k8s二進制安裝之etcd

時間  2020-01-08
標籤 k8s 二進制 安裝 etcd 简体版
原文   原文鏈接

etcd

安裝etcd
wget https://github.com/etcd-io/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz
tar -xvf etcd-v3.3.9-linux-amd64.tar.gz
mv etcd-v3.3.9-linux-amd64/etcd* /usr/local/bin/
建立etcd啓動文件
cat > /usr/lib/systemd/system/etcd.service << EOF
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target
Documentation=https://github.com/coreos
[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
ExecStart=/usr/local/bin/etcd \\
  --name k8s-master \\
  --cert-file=/etc/kubernetes/ssl/kubernetes.pem \\
  --key-file=/etc/kubernetes/ssl/kubernetes-key.pem \\
  --peer-cert-file=/etc/kubernetes/ssl/kubernetes.pem \\
  --peer-key-file=/etc/kubernetes/ssl/kubernetes-key.pem \\
  --trusted-ca-file=/etc/kubernetes/ssl/ca.pem \\
  --peer-trusted-ca-file=/etc/kubernetes/ssl/ca.pem \\
  --initial-advertise-peer-urls https://172.16.20.206:2380 \\
  --listen-peer-urls https://172.16.20.206:2380 \\
  --listen-client-urls https://172.16.20.206:2379,http://127.0.0.1:2379 \\
  --advertise-client-urls https://172.16.20.206:2379 \\
  --initial-cluster-token etcd-cluster \\
  --initial-cluster k8s-master=https://172.16.20.206:2380,k8s-node1=https://172.16.20.207:2380,k8s-node2=https://172.16.20.208:2380 \\
  --initial-cluster-state new \\
  --data-dir=/var/lib/etcd
Restart=on-failure
RestartSec=5
LimitNOFILE=65536                                                                                                                               
[Install]                                                                                                                                       
WantedBy=multi-user.target
EOF

#####說明
etcd 的數據目錄爲 /var/lib/etcd,需在啓動服務前建立這個目錄,不然啓動服務的時候會報錯「Failed at step CHDIR spawning /usr/bin/etcd: No such file or directory」;
--name 選項後面的名字要和當前主機名相同
--initial-advertise-peer-urls,--listen-peer-urls,--listen-client-urls,--listen-client-urls,--advertise-client-urls,必須爲本機IP
--initial-cluster 注意集羣IP和主機名的對應關係
#####說明
指定 etcd 的工做目錄爲 /var/lib/etcd,數據目錄爲 /var/lib/etcd,需在啓動服務前建立這兩個目錄;
爲了保證通訊安全,須要指定 etcd 的公私鑰(cert-file和key-file)、Peers 通訊的公私鑰和 CA 證書(peer-cert-file、peer-key-file、peer-trusted-ca-file)、客戶端的CA證書(trusted-ca-file);
建立 kubernetes.pem 證書時使用的 kubernetes-csr.json 文件的 hosts 字段包含全部 etcd 節點的IP,不然證書校驗會出錯;
--initial-cluster-state 值爲 new 時,--name 的參數值必須位於 --initial-cluster 列表中; node

分發到各個節點

分發etcd.service , etcd.conf,/usr/local/bin/etcd* 到各個節點的對應目錄;修改etcd.conf的對應配合爲當前節點信息。 linux

scp -r /usr/local/bin/etcd* k8s-node1:/usr/local/bin/
scp -r /usr/local/bin/etcd* k8s-node2:/usr/local/bin/
scp -r /etc/etcd k8s-node1:/etc/
scp -r /etc/etcd k8s-node2:/etc/
scp /usr/lib/systemd/system/etcd.service k8s-node1:/usr/lib/systemd/system/
scp /usr/lib/systemd/system/etcd.service k8s-node2:/usr/lib/systemd/system/
啓動etcd

全部節點執行git

systemctl daemon-reload
systemctl start etcd
systemctl status etcd
systemctl enable etcd
驗證
etcdctl \
  --ca-file=/etc/kubernetes/ssl/ca.pem \
  --cert-file=/etc/kubernetes/ssl/kubernetes.pem \
  --key-file=/etc/kubernetes/ssl/kubernetes-key.pem \
  cluster-health

member 4cc910cd64041b9f is healthy: got healthy result from https://172.16.20.206:2379
member 71e662482c67f8f0 is healthy: got healthy result from https://172.16.20.207:2379
member d3813a08e230ddef is healthy: got healthy result from https://172.16.20.208:2379
cluster is healthy
######  清除全部數據

etcdctl del / --prefixgithub

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程