Manually adding an etcd server in an OpenShift environment

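To simulate backup and restore, this walkthrough adds another machine as an etcd server to an existing cluster that consists of a single master (running etcd), an infra node and a node.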

This is based on OpenShift 3.11. For details, see:

https://docs.openshift.com/container-platform/3.11/admin_guide/assembly_restoring-cluster.html#restoring-etcd-v3-snapshot

 

To reduce the number of steps, first clone the master to create etcd1, change its IP address and hostname, and then remove the services running on it:

# mkdir -p /etc/origin/node/pods-stopped
# mv /etc/origin/node/pods/* /etc/origin/node/pods-stopped/

 

Then begin the actual steps:

 

  • Edit /etc/hosts on both machines to add the node
  • Generate the certificates the new node needs

Run the following on the master node:

export NEW_ETCD_HOSTNAME="etcd1.example.com"
export NEW_ETCD_IP="192.168.56.109"

export CN=$NEW_ETCD_HOSTNAME
export SAN="IP:${NEW_ETCD_IP}, DNS:${NEW_ETCD_HOSTNAME}"
export PREFIX="/etc/etcd/generated_certs/etcd-$CN/"
export OPENSSLCFG="/etc/etcd/ca/openssl.cnf"

 

# mkdir -p ${PREFIX}

# openssl req -new -config ${OPENSSLCFG} \
    -keyout ${PREFIX}server.key  \
    -out ${PREFIX}server.csr \
    -reqexts etcd_v3_req -batch -nodes \
    -subj /CN=$CN

# openssl ca -name etcd_ca -config ${OPENSSLCFG} \
    -out ${PREFIX}server.crt \
    -in ${PREFIX}server.csr \
    -extensions etcd_v3_ca_server -batch

# openssl req -new -config ${OPENSSLCFG} \
    -keyout ${PREFIX}peer.key \
    -out ${PREFIX}peer.csr \
    -reqexts etcd_v3_req -batch -nodes \
    -subj /CN=$CN

# openssl ca -name etcd_ca -config ${OPENSSLCFG} \
  -out ${PREFIX}peer.crt \
  -in ${PREFIX}peer.csr \
  -extensions etcd_v3_ca_peer -batch

 

Copy etcd.conf and ca.crt into the directory on the master that was prepared for the new etcd node:

# cp /etc/etcd/etcd.conf ${PREFIX}
# cp /etc/etcd/ca.crt ${PREFIX}

 

  • Add the node (run on the master)

First run member list and make sure there is no localhost entry:

etcdctl --cert-file=/etc/etcd/peer.crt \
    --key-file=/etc/etcd/peer.key \
    --ca-file=/etc/etcd/ca.crt \
    --peers="https://192.168.56.103:2379"    member list

 

etcdctl -C https://192.168.56.103:2379 \
  --ca-file=/etc/etcd/ca.crt     \
  --cert-file=/etc/etcd/peer.crt     \
  --key-file=/etc/etcd/peer.key member add ${NEW_ETCD_HOSTNAME} https://${NEW_ETCD_IP}:2380

Member 2bc199c384f701e3 added to cluster e99c0083931d3d79

ETCD_NAME="etcd1.example.com"
ETCD_INITIAL_CLUSTER="etcd1.example.com=https://192.168.56.109:2380,master.example.com=https://192.168.56.103:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.56.109:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"

 

  • Modify the configuration

Edit the values in ${PREFIX}/etcd.conf according to the output above. The main fields are:

ETCD_NAME

ETCD_INITIAL_CLUSTER

ETCD_INITIAL_CLUSTER_STATE

ETCD_LISTEN_PEER_URLS
ETCD_LISTEN_CLIENT_URLS
ETCD_INITIAL_ADVERTISE_PEER_URLS
ETCD_ADVERTISE_CLIENT_URLS
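
The edit described above can be scripted so that nothing from the cloned master's configuration is left behind. The following is an added example, not part of the original post: the helper names set_key and patch_etcd_conf and the sample etcd.conf are made up for illustration, and it assumes the 2380 peer and 2379 client ports used in the commands above.

```shell
# Added example, not from the original post; helper names are hypothetical.
set_key() {   # set_key FILE KEY VALUE (VALUE must not contain | or &)
    if grep -q "^$2=" "$1"; then
        sed "s|^$2=.*|$2=$3|" "$1" > "$1.tmp" && mv "$1.tmp" "$1"
    else
        printf '%s=%s\n' "$2" "$3" >> "$1"
    fi
}

# patch_etcd_conf CONF MEMBER_ADD_OUTPUT NEW_IP: returns 1 if the state is not
# "existing", 2 if the peer URL from `member add` does not belong to NEW_IP.
patch_etcd_conf() {
    pec_conf=$1 pec_ip=$3
    while IFS='=' read -r pec_key pec_val; do
        case $pec_key in
        ETCD_NAME|ETCD_INITIAL_CLUSTER|ETCD_INITIAL_CLUSTER_STATE|ETCD_INITIAL_ADVERTISE_PEER_URLS)
            pec_val=${pec_val#\"}; pec_val=${pec_val%\"}   # strip the quotes
            set_key "$pec_conf" "$pec_key" "$pec_val" ;;
        esac
    done < "$2"
    # `member add` does not print these; derive them from the new node's IP.
    set_key "$pec_conf" ETCD_LISTEN_PEER_URLS "https://$pec_ip:2380"
    set_key "$pec_conf" ETCD_LISTEN_CLIENT_URLS "https://$pec_ip:2379"
    set_key "$pec_conf" ETCD_ADVERTISE_CLIENT_URLS "https://$pec_ip:2379"
    grep -qxF 'ETCD_INITIAL_CLUSTER_STATE=existing' "$pec_conf" || return 1
    grep -qxF "ETCD_INITIAL_ADVERTISE_PEER_URLS=https://$pec_ip:2380" "$pec_conf" || return 2
}

demo() {
    d=$(mktemp -d) || return
    cat > "$d/etcd.conf" <<'EOF'   # constructed: etcd.conf as cloned from the master
ETCD_NAME=master.example.com
ETCD_LISTEN_PEER_URLS=https://192.168.56.103:2380
ETCD_LISTEN_CLIENT_URLS=https://192.168.56.103:2379
ETCD_INITIAL_ADVERTISE_PEER_URLS=https://192.168.56.103:2380
ETCD_INITIAL_CLUSTER=master.example.com=https://192.168.56.103:2380
ETCD_INITIAL_CLUSTER_STATE=new
ETCD_ADVERTISE_CLIENT_URLS=https://192.168.56.103:2379
EOF
    cat > "$d/member_add.out" <<'EOF'   # `member add` output shown above
Member 2bc199c384f701e3 added to cluster e99c0083931d3d79
ETCD_NAME="etcd1.example.com"
ETCD_INITIAL_CLUSTER="etcd1.example.com=https://192.168.56.109:2380,master.example.com=https://192.168.56.103:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.56.109:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"
EOF
    patch_etcd_conf "$d/etcd.conf" "$d/member_add.out" 192.168.56.109 && cat "$d/etcd.conf"
}
demo
```

A non-zero return means the file should not be shipped: a state other than existing makes etcd try to bootstrap a new cluster rather than join the running one.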

Package the directory, which now holds the new node's keys and certificates, and copy it to the new etcd machine:

# tar -czvf /etc/etcd/generated_certs/${CN}.tgz -C ${PREFIX} .
# scp /etc/etcd/generated_certs/${CN}.tgz ${CN}:/tmp/

 

  • Run the following on the new etcd machine

Stop the processes:

# mkdir -p /etc/origin/node/pods-stopped
# mv /etc/origin/node/pods/* /etc/origin/node/pods-stopped/
  • Delete the existing data
# rm -Rf /etc/etcd/*
# rm -Rf /var/lib/etcd/*
# tar xzvf /tmp/etcd1.example.com.tgz -C /etc/etcd/

# chown -R etcd:etcd /etc/etcd/*
# chown -R etcd:etcd /var/lib/etcd/

Check the timestamps on this data.

 

  • Start the new etcd
# cp /etc/origin/node/pods-stopped/etcd.yaml  /etc/origin/node/pods/

 

Watch the output with master-logs:

/usr/local/bin/master-logs etcd etcd -f

A fresh copy of the data will be synchronized under /var/lib/etcd.

Once there are no errors, verify the result.

 

Follow the same steps to add another server.

 

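etcd data restore

If there were originally three etcd servers, you can first restore the first one from snapshot.db, then add another with member add and simply start it. Steps such as configuring certificates are not needed.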
