etcd 集群部署
1.镜像
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install etcd-3.3.11-2.el7.centos.x86_64.rpm
mv /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
vim /etc/etcd/etcd.conf
:set paste
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.26.91:2380,http://localhost:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.26.91:2379,http://localhost:2379"
ETCD_NAME="default"
#[Clustering]
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.26.91:2379,http://localhost:2379"
参数的意义
ETCD_NAME 节点名称,默认为default
ETCD_DATA_DIR 服务运行数据保存的路径
ETCD_LISTEN_PEER_URLS 监听的同伴通信的地址,比如http://ip:2380,如果有多个,使用逗号分隔。需要
所有节点都能够访问,所以不要使用 localhost!
ETCD_LISTEN_CLIENT_URLS 监听的客户端服务地址
ETCD_ADVERTISE_CLIENT_URLS 对外公告的该节点客户端监听地址,这个值会告诉集群中其他节点。
ETCD_INITIAL_ADVERTISE_PEER_URLS 对外公告的该节点同伴监听地址,这个值会告诉集群中其他节点
ETCD_INITIAL_CLUSTER 集群中所有节点的信息,格式为
ETCD_INITIAL_CLUSTER_STATE 新建集群的时候,这个值为 new;假如加入已经存在的集群,这个值为existing。
ETCD_INITIAL_CLUSTER_TOKEN 集群的ID,多个集群的时候,每个集群的ID必须保持唯一
etcdctl --endpoints http://10.1.0.36:2379 member list
#连接测试
使用V3版本存储
export $ETCDCTL_API=3
数据恢复
#1.关闭服务
systemctl stop etcd
#2.删除数据
rm -rf /var/lib/etcd/default.etcd
#3.恢复数据
etcdctl snapshot restore /srv/data/etcd-snapshot-previous.db \ --data-dir=/var/lib/etcd/default.etcd \ --name="default" \ --initial-cluster="default=http://localhost:238
#4.更改属主
chown -R etcd.etcd /var/lib/etcd/default.etcd
systemctl start etc
多节点集群
三节点统一使用V3版本
grep -o '^[^#].*' etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/cluster.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.26.61:2380,http://localhost:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.26.61:2379,http://localhost:2379"
ETCD_NAME="etcd-61"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.26.61:2380" ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379,http://192.168.26.61:2379" ETCD_INITIAL_CLUSTER="etcd61=http://192.168.26.61:2380,etcd-62=http://192.168.26.62:2380,etcd-63=http://192.168.26.63:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
#初始化的new 新增是existing
ETCD_INITIAL_CLUSTER_STATE="new
查看节点
etcdctl member list
集群恢复数据
systemctl stop etcd
etcdctl snapshot restore data2.snap --initial-cluster=etcd-91=http://192.168.26.91:2380,etcd-92=http://192.168.26.92:2380,etcd-92=http://192.168.26.93:2380 --initial-advertise-peer-urls "http://192.168.26.92:2380" --name=etcd-91 --data-dir=/var/lib/etcd/cluster.etcd
etcdctl snapshot restore data2.snap --initial-cluster=etcd-91=http://192.168.26.91:2380,etcd-92=http://192.168.26.92:2380,etcd-92=http://192.168.26.93:2380 --initial-advertise-peer-urls "http://192.168.26.92:2380" --name=etcd-92 --data-dir=/var/lib/etcd/cluster.etcd
etcdctl snapshot restore data2.snap --initial-cluster=etcd-91=http://192.168.26.91:2380,etcd-92=http://192.168.26.92:2380,etcd-92=http://192.168.26.93:2380 --initial-advertise-peer-urls "http://192.168.26.92:2380" --name=etcd-93 --data-dir=/var/lib/etcd/cluster.etcd
rm -rf /var/lib/etcd/default.etcd
chown -R etcd.etcd /var/lib/etcd/default.etcd
systemctl start etc
使用证书和私钥远程连接
etcdctl --endpoints=https://10.1.0.30:2379 --cacert="./ca.crt" --cert="./server.crt" --key="./server.key" member list