k8s集群部署三(部署Etcd集群)

原创
2019/02/16 17:14
阅读数 1.3K

由图中可以看出,Etcd是kube-apiserver用于存储的一个集群。

安装的下载地址为https://github.com/etcd-io/etcd/releases/tag/v3.2.12,找到其中的

etcd-v3.2.12-linux-amd64.tar.gz

在三台机依次解压,执行以下命令

tar -xzvf etcd-v3.2.12-linux-amd64.tar.gz

cd etcd-v3.2.12-linux-amd64

mkdir -p /opt/kubernetes/{bin,cfg,ssl}

mv etcd /opt/kubernetes/bin/

mv etcdctl /opt/kubernetes/bin/

cd /opt/kubernetes/cfg

touch etcd

vim etcd

内容如下

#[Member]
ETCD_NAME="etcd01"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PFER_URLS="https://172.18.98.48:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.18.98.48:2379"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.18.98.48:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.18.98.48:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://172.18.98.48:2380,etcd02=https://172.18.98.47:2380,etcd03=https://172.18.98.46:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"

以上的IP地址根据你自己的IP地址来定。不同的服务器需要修改

ETCD_NAME,ETCD_LISTEN_PFER_URLS,ETCD_LISTEN_CLIENT_URLS,ETCD_INITIAL_ADVERTISE_PEER_URLS,ETCD_ADVERTISE_CLIENT_URLS

cd /usr/lib/systemd/system/

touch etcd.service

vim etcd.service

内容如下

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
EnvironmentFile=-/opt/kubernetes/cfg/etcd
ExecStart=/opt/kubernetes/bin/etcd \
--name=${ETCD_NAME} \
--data-dir=${ETCD_DATA_DIR} \
--listen-peer-urls=${ETCD_LISTEN_PFER_URLS} \
--listen-client-urls=${ETCD_LISTEN_CLIENT_URLS},http://127.0.0.1:2379 \
--advertise-client-urls=${ETCD_ADVERTISE_CLIENT_URLS} \
--initial-advertise-peer-urls=${ETCD_INITIAL_ADVERTISE_PEER_URLS} \
--initial-cluster=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-token=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-state=new \
--cert-file=/opt/kubernetes/ssl/server.pem \
--key-file=/opt/kubernetes/ssl/server-key.pem \
--peer-cert-file=/opt/kubernetes/ssl/server.pem \
--peer-key-file=/opt/kubernetes/ssl/server-key.pem \
--trusted-ca-file=/opt/kubernetes/ssl/ca.pem \
--peer-trusted-ca-file=/opt/kubernetes/ssl/ca.pem
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

进入之前存储证书文件的目录

cd ssl

cp server*pem ca*.pem /opt/kubernetes/ssl/

systemctl daemon-reload & systemctl start etcd进行启动

如果启动中有错误,可以通过journalctl -u etcd或者tail -100f /var/log/messages来查看错误日志。

启动成功,查看进程

# ps -ef | grep etcd
root      5243     1  3 16:42 ?        00:00:00 /opt/kubernetes/bin/etcd --name=etcd01 --data-dir=/var/lib/etcd/default.etcd --listen-peer-urls=https://172.18.98.48:2380 --listen-client-urls=https://172.18.98.48:2379,http://127.0.0.1:2379 --advertise-client-urls=https://172.18.98.48:2379 --initial-advertise-peer-urls=https://172.18.98.48:2380 --initial-cluster=etcd01=https://172.18.98.48:2380,etcd02=https://172.18.98.47:2380,etcd03=https://172.18.98.46:2380 --initial-cluster-token=etcd01=https://172.18.98.48:2380,etcd02=https://172.18.98.47:2380,etcd03=https://172.18.98.46:2380 --initial-cluster-state=new --cert-file=/opt/kubernetes/ssl/server.pem --key-file=/opt/kubernetes/ssl/server-key.pem --peer-cert-file=/opt/kubernetes/ssl/server.pem --peer-key-file=/opt/kubernetes/ssl/server-key.pem --trusted-ca-file=/opt/kubernetes/ssl/ca.pem --peer-trusted-ca-file=/opt/kubernetes/ssl/ca.pem

测试Etcd集群

vim /etc/profile

在最末尾增加

PATH=$PATH:/opt/kubernetes/bin

保存退出

source /etc/profile

cd /opt/kubernetes/ssl/

# etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://172.18.98.48:2379,https://172.18.98.47:2379,https://172.18.98.46:2379" cluster-health
member 617854a0804804e is healthy: got healthy result from https://172.18.98.47:2379
member 93b5038b85e12bf7 is healthy: got healthy result from https://172.18.98.48:2379
member d848850d091a45de is healthy: got healthy result from https://172.18.98.46:2379
cluster is healthy

为了方便三台服务器安装,可以给它们安装免密码登录,具体可以参考如何在多台服务器添加ssh的免密码登录

展开阅读全文
加载中

作者的其它热门文章

打赏
0
1 收藏
分享
打赏
0 评论
1 收藏
0
分享
返回顶部
顶部