k8s集羣部署三（部署Etcd集羣）

由圖中能夠看出，Etcd是kube-apiserver用於存儲的一個集羣。

安裝的下載地址爲https://github.com/etcd-io/etcd/releases/tag/v3.2.12，找到其中的

etcd-v3.2.12-linux-amd64.tar.gz

在三臺機依次解壓,執行如下命令

tar -xzvf etcd-v3.2.12-linux-amd64.tar.gz

cd etcd-v3.2.12-linux-amd64

mkdir -p /opt/kubernetes/{bin,cfg,ssl}

mv etcd /opt/kubernetes/bin/

mv etcdctl /opt/kubernetes/bin/

cd /opt/kubernetes/cfg

touch etcd

vim etcd

內容以下

#[Member]
ETCD_NAME="etcd01"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PFER_URLS="https://172.18.98.48:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.18.98.48:2379"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.18.98.48:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.18.98.48:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://172.18.98.48:2380,etcd02=https://172.18.98.47:2380,etcd03=https://172.18.98.46:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"

以上的IP地址根據你本身的IP地址來定。不一樣的服務器須要修改

ETCD_NAME，ETCD_LISTEN_PFER_URLS，ETCD_LISTEN_CLIENT_URLS，ETCD_INITIAL_ADVERTISE_PEER_URLS，ETCD_ADVERTISE_CLIENT_URLS

cd /usr/lib/systemd/system/

touch etcd.service

vim etcd.service

內容以下

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
EnvironmentFile=-/opt/kubernetes/cfg/etcd
ExecStart=/opt/kubernetes/bin/etcd \
--name=${ETCD_NAME} \
--data-dir=${ETCD_DATA_DIR} \
--listen-peer-urls=${ETCD_LISTEN_PFER_URLS} \
--listen-client-urls=${ETCD_LISTEN_CLIENT_URLS},http://127.0.0.1:2379 \
--advertise-client-urls=${ETCD_ADVERTISE_CLIENT_URLS} \
--initial-advertise-peer-urls=${ETCD_INITIAL_ADVERTISE_PEER_URLS} \
--initial-cluster=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-token=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-state=new \
--cert-file=/opt/kubernetes/ssl/server.pem \
--key-file=/opt/kubernetes/ssl/server-key.pem \
--peer-cert-file=/opt/kubernetes/ssl/server.pem \
--peer-key-file=/opt/kubernetes/ssl/server-key.pem \
--trusted-ca-file=/opt/kubernetes/ssl/ca.pem \
--peer-trusted-ca-file=/opt/kubernetes/ssl/ca.pem
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

進入以前存儲證書文件的目錄

cd ssl

cp server*pem ca*.pem /opt/kubernetes/ssl/

systemctl daemon-reload & systemctl start etcd進行啓動

若是啓動中有錯誤，能夠經過journalctl -u etcd或者tail -100f /var/log/messages來查看錯誤日誌。

啓動成功，查看進程

# ps -ef | grep etcd
root      5243     1  3 16:42 ?        00:00:00 /opt/kubernetes/bin/etcd --name=etcd01 --data-dir=/var/lib/etcd/default.etcd --listen-peer-urls=https://172.18.98.48:2380 --listen-client-urls=https://172.18.98.48:2379,http://127.0.0.1:2379 --advertise-client-urls=https://172.18.98.48:2379 --initial-advertise-peer-urls=https://172.18.98.48:2380 --initial-cluster=etcd01=https://172.18.98.48:2380,etcd02=https://172.18.98.47:2380,etcd03=https://172.18.98.46:2380 --initial-cluster-token=etcd01=https://172.18.98.48:2380,etcd02=https://172.18.98.47:2380,etcd03=https://172.18.98.46:2380 --initial-cluster-state=new --cert-file=/opt/kubernetes/ssl/server.pem --key-file=/opt/kubernetes/ssl/server-key.pem --peer-cert-file=/opt/kubernetes/ssl/server.pem --peer-key-file=/opt/kubernetes/ssl/server-key.pem --trusted-ca-file=/opt/kubernetes/ssl/ca.pem --peer-trusted-ca-file=/opt/kubernetes/ssl/ca.pem

測試Etcd集羣

vim /etc/profile

在最末尾增長

PATH=$PATH:/opt/kubernetes/bin

保存退出

source /etc/profile

cd /opt/kubernetes/ssl/

# etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://172.18.98.48:2379,https://172.18.98.47:2379,https://172.18.98.46:2379" cluster-health
member 617854a0804804e is healthy: got healthy result from https://172.18.98.47:2379
member 93b5038b85e12bf7 is healthy: got healthy result from https://172.18.98.48:2379
member d848850d091a45de is healthy: got healthy result from https://172.18.98.46:2379
cluster is healthy

爲了方便三臺服務器安裝，能夠給它們安裝免密碼登陸，具體能夠參考如何在多臺服務器添加ssh的免密碼登陸