etcd 集群部署

1.镜像

  1. cat <<EOF > /etc/yum.repos.d/kubernetes.repo
  2. [kubernetes]
  3. name=Kubernetes
  4. baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
  5. enabled=1
  6. gpgcheck=1
  7. repo_gpgcheck=1
  8. gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
  9. EOF
  10. setenforce 0
  1. yum install etcd-3.3.11-2.el7.centos.x86_64.rpm
  1. mv /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
  2. vim /etc/etcd/etcd.conf
  3. :set paste
  4. #[Member]
  5. ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
  6. ETCD_LISTEN_PEER_URLS="http://192.168.26.91:2380,http://localhost:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.26.91:2379,http://localhost:2379"
  7. ETCD_NAME="default"
  8. #[Clustering]
  9. ETCD_ADVERTISE_CLIENT_URLS="http://192.168.26.91:2379,http://localhost:2379"
  1. 参数的意义
  2. ETCD_NAME 节点名称,默认为default
  3. ETCD_DATA_DIR 服务运行数据保存的路径
  4. ETCD_LISTEN_PEER_URLS 监听的同伴通信的地址,比如http://ip:2380,如果有多个,使用逗号分隔。需要
  5. 所有节点都能够访问,所以不要使用 localhost
  6. ETCD_LISTEN_CLIENT_URLS 监听的客户端服务地址
  7. ETCD_ADVERTISE_CLIENT_URLS 对外公告的该节点客户端监听地址,这个值会告诉集群中其他节点。
  8. ETCD_INITIAL_ADVERTISE_PEER_URLS 对外公告的该节点同伴监听地址,这个值会告诉集群中其他节点
  9. ETCD_INITIAL_CLUSTER 集群中所有节点的信息,格式为
  10. ETCD_INITIAL_CLUSTER_STATE 新建集群的时候,这个值为 new;假如加入已经存在的集群,这个值为existing
  11. ETCD_INITIAL_CLUSTER_TOKEN 集群的ID,多个集群的时候,每个集群的ID必须保持唯一
  1. etcdctl --endpoints http://10.1.0.36:2379 member list
  2. #连接测试
  3. 使用V3版本存储
  4. export $ETCDCTL_API=3

数据恢复

  1. #1.关闭服务
  2. systemctl stop etcd
  3. #2.删除数据
  4. rm -rf /var/lib/etcd/default.etcd
  5. #3.恢复数据
  6. etcdctl snapshot restore /srv/data/etcd-snapshot-previous.db \ --data-dir=/var/lib/etcd/default.etcd \ --name="default" \ --initial-cluster="default=http://localhost:238
  7. #4.更改属主
  8. chown -R etcd.etcd /var/lib/etcd/default.etcd
  9. systemctl start etc

多节点集群

三节点统一使用V3版本

  1. grep -o '^[^#].*' etcd.conf
  2. ETCD_DATA_DIR="/var/lib/etcd/cluster.etcd"
  3. ETCD_LISTEN_PEER_URLS="http://192.168.26.61:2380,http://localhost:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.26.61:2379,http://localhost:2379"
  4. ETCD_NAME="etcd-61"
  5. ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.26.61:2380" ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379,http://192.168.26.61:2379" ETCD_INITIAL_CLUSTER="etcd61=http://192.168.26.61:2380,etcd-62=http://192.168.26.62:2380,etcd-63=http://192.168.26.63:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
  6. #初始化的new 新增是existing
  7. ETCD_INITIAL_CLUSTER_STATE="new

查看节点

  1. etcdctl member list

集群恢复数据

  1. systemctl stop etcd
  2. etcdctl snapshot restore data2.snap --initial-cluster=etcd-91=http://192.168.26.91:2380,etcd-92=http://192.168.26.92:2380,etcd-92=http://192.168.26.93:2380 --initial-advertise-peer-urls "http://192.168.26.92:2380" --name=etcd-91 --data-dir=/var/lib/etcd/cluster.etcd
  3. etcdctl snapshot restore data2.snap --initial-cluster=etcd-91=http://192.168.26.91:2380,etcd-92=http://192.168.26.92:2380,etcd-92=http://192.168.26.93:2380 --initial-advertise-peer-urls "http://192.168.26.92:2380" --name=etcd-92 --data-dir=/var/lib/etcd/cluster.etcd
  4. etcdctl snapshot restore data2.snap --initial-cluster=etcd-91=http://192.168.26.91:2380,etcd-92=http://192.168.26.92:2380,etcd-92=http://192.168.26.93:2380 --initial-advertise-peer-urls "http://192.168.26.92:2380" --name=etcd-93 --data-dir=/var/lib/etcd/cluster.etcd
  5. rm -rf /var/lib/etcd/default.etcd
  6. chown -R etcd.etcd /var/lib/etcd/default.etcd
  7. systemctl start etc

使用证书和私钥远程连接

  1. etcdctl --endpoints=https://10.1.0.30:2379 --cacert="./ca.crt" --cert="./server.crt" --key="./server.key" member list

etcdkeeper 可视化工具