Kubernetes容器集群部署Etcd(三)

master端操作:

 下载ectd:

https://github.com/coreos/etcd/releases/tag/v3.2.12

在分三台机器分别创建如下目录

mkdir /opt/kubernetes/{bin,cfg,ssl} -p

bin目录存放二进制包
cfg目录存放配置文件
ssl目录存放相关证书

解压etcd并把二进制放到的/opt/kubernetes/bin下

[root@master app]# mv etcd-v3.2.12-linux-amd64/etcd /opt/kubernetes/bin/
[root@master app]# mv etcd-v3.2.12-linux-amd64/etcdctl /opt/kubernetes/bin/

 

创建etcd

cfg目录下:

[root@master cfg]# cat > etcd <<EOF
#[Member]
ETCD_NAME="etcd01"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.1.101:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.1.101:2379"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.1.101:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.1.101:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://192.168.1.101:2380,etcd02=https://192.168.1.102:2380,etcd03=https://192.168.1.101:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
EOF

使用systemctl启动etcd

[root@master cfg]# vim /usr/lib/systemd/system/etcd.service

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target



[Service]
Type=notify
EnvironmentFile=-/opt/kubernetes/cfg/etcd
ExecStart=/opt/kubernetes/bin/etcd \
--name=${ETCD_NAME} \
--data-dir=${ETCD_DATA_DIR} \
--listen-peer-urls=${ETCD_LISTEN_PEER_URLS} \
--listen-client-urls=${ETCD_LISTEN_CLIENT_URLS},http://127.0.0.1:2379 \
--advertise-client-urls=${ETCD_ADVERTISE_CLIENT_URLS} \
--initial-advertise-peer-urls=${ETCD_INITIAL_ADVERTISE_PEER_URLS} \
--initial-cluster=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-token=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-state=new \
--cert-file=/opt/kubernetes/ssl/server.pem \
--key-file=/opt/kubernetes/ssl/server-key.pem \
--peer-cert-file=/opt/kubernetes/ssl/server.pem \
--peer-key-file=/opt/kubernetes/ssl/server-key.pem \
--trusted-ca-file=/opt/kubernetes/ssl/ca.pem \
--peer-trusted-ca-file=/opt/kubernetes/ssl/ca.pem
Restart=on-failure
LimitNOFILE=65536




[Install]
WantedBy=multi-user.target






复制生成的证书到ssl止录下




[root@master ssl]# cp server*pem ca*em /opt/kubernetes/ssl/




 


启动etcd




systemctl start etcd
systemctl enable etcd




 


 


将master下的cfg bin ssl传到两台node节点




[root@master ~]# scp -r /opt/kubernetes/ssl/ root@192.168.1.102:/opt/kubernetes/
[root@master ~]# scp -r /opt/kubernetes/ssl/ root@192.168.1.103:/opt/kubernetes/
[root@master ~]# scp -r /opt/kubernetes/cfg/ root@192.168.1.103:/opt/kubernetes/
[root@master ~]# scp -r /opt/kubernetes/cfg/ root@192.168.1.102:/opt/kubernetes/
[root@master ~]# scp -r /opt/kubernetes/bin/ root@192.168.1.102:/opt/kubernetes/
[root@master ~]# scp -r /opt/kubernetes/bin/ root@192.168.1.103:/opt/kubernetes/
scp /usr/lib/systemd/system/etcd.service root@192.168.1.102:/usr/lib/systemd/system/
scp /usr/lib/systemd/system/etcd.service root@192.168.1.103:/usr/lib/systemd/system/




分别修改两台node节点etcd配置文件并启动etcd:






#[Member]
ETCD_NAME="etcd02"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.1.102:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.1.102:2379"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.1.102:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.1.102:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://192.168.1.101:2380,etcd02=https://192.168.1.102:2380,etcd03=https://192.168.1.103:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"



node1节点






#[Member]
ETCD_NAME="etcd03"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.1.103:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.1.103:2379"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.1.103:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.1.103:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://192.168.1.101:2380,etcd02=https://192.168.1.102:2380,etcd03=https://192.168.1.103:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"



node2节点


 


把bin下的etcdctl加入到全局变量中:




[root@master ssl]# tail -1 /etc/profile
PATH=$PATH:/opt/kubernetes/bin




测试集群状态:




[root@master ssl]# etcdctl --ca-file=/opt/kubernetes/ssl/ca.pem --cert-file=/opt/kubernetes/ssl/server.pem --key-file=/opt/kubernetes/ssl/server-key.pem --endpoints="https://192.168.1.101:2379,https://192.168.1.102:2379,https://192.168.1.103:2379" cluster-health
2018-08-07 16:04:56.712309 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
2018-08-07 16:04:56.713135 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
member aaa5c721ef606e3e is healthy: got healthy result from https://192.168.1.103:2379
member be00be9e45da0e29 is healthy: got healthy result from https://192.168.1.101:2379
member fcac5aab5d8c11fa is healthy: got healthy result from https://192.168.1.102:2379
cluster is healthy




 






        

        

            posted on 
2018-08-07 16:06 
裤裆内隐藏杀气 
阅读(497) 
评论(0编辑 
收藏 
举报

        

    










    
    

    
    

    

        

    

        

            
                
                
            
        

    

    

    

    





            

        

        

            

导航