5.第四篇 Etcd儲存元件高可用部署
阿新 • • 發佈:2022-03-17
下載並分發軟體包
#!/bin/bash cd /data/k8s/work source /data/k8s/bin/env.sh wget https://github.com/etcd-io/etcd/releases/download/v3.3.18/etcd-v3.3.18-linux-amd64.tar.gz tar -zxf etcd-v3.3.18-linux-amd64.tar.gz for node_ip in ${ETCD_IPS[@]} do echo ">>> ${node_ip}" scp etcd-v3.3.18-linux-amd64/etcd* root@${node_ip}:/opt/k8s/bin ssh root@${node_ip} "chmod +x /data/k8s/bin/*" done
建立啟動檔案模板
#!/bin/bash cd /data/k8s/work source /data/k8s/bin/env.sh cat > etcd.service.template <<EOF [Unit] Description=Etcd Server After=network.target After=network-online.target Wants=network-online.target Documentation=https://github.com/coreos [Service] Type=notify WorkingDirectory=${ETCD_DATA_DIR} ExecStart=/data/k8s/bin/etcd \\ --data-dir=${ETCD_DATA_DIR} \\ --wal-dir=${ETCD_WAL_DIR} \\ --name=##NODE_NAME## \\ --cert-file=/etc/etcd/cert/etcd.pem \\ --key-file=/etc/etcd/cert/etcd-key.pem \\ --trusted-ca-file=/etc/kubernetes/cert/ca.pem \\ --peer-cert-file=/etc/etcd/cert/etcd.pem \\ --peer-key-file=/etc/etcd/cert/etcd-key.pem \\ --peer-trusted-ca-file=/etc/kubernetes/cert/ca.pem \\ --peer-client-cert-auth \\ --client-cert-auth \\ --listen-peer-urls=https://##NODE_IP##:2380 \\ --initial-advertise-peer-urls=https://##NODE_IP##:2380 \\ --listen-client-urls=https://##NODE_IP##:2379,http://127.0.0.1:2379 \\ --advertise-client-urls=https://##NODE_IP##:2379 \\ --initial-cluster-token=k8s-etcd-cluster \\ --initial-cluster=${ETCD_NODES} \\ --initial-cluster-state=new \\ --auto-compaction-mode=periodic \\ --auto-compaction-retention=1 \\ --max-request-bytes=33554432 \\ --quota-backend-bytes=6442450944 \\ --heartbeat-interval=250 \\ --election-timeout=2000 Restart=on-failure RestartSec=5 LimitNOFILE=65536 [Install] WantedBy=multi-user.target EOF
配置解釋
伺服器配置生成並分發
#!/bin/bash # 根據模板生成各伺服器配置 cd /data/k8s/work source /data/k8s/bin/env.sh for (( i=0; i < 3; i++ )) do sed -e "s/##NODE_NAME##/${ETCD_NAMES[i]}/" -e "s/##NODE_IP##/${ETCD_IPS[i]}/" etcd.service.template > etcd-${ETCD_IPS[i]}.service done # 分發到etcd叢集伺服器 for node_ip in ${ETCD_IPS[@]} do echo ">>> ${node_ip}" scp etcd-${node_ip}.service root@${node_ip}:/etc/systemd/system/etcd.service done
遠端啟動Etcd服務
#!/bin/bash
source /data/k8s/bin/env.sh
for node_ip in ${ETCD_IPS[@]}
do
echo ">>> ${node_ip}"
ssh root@${node_ip} "mkdir -p ${ETCD_DATA_DIR} ${ETCD_WAL_DIR}"
ssh root@${node_ip} "systemctl daemon-reload && systemctl enable etcd && systemctl restart etcd "
done
服務測試
etcd程序狀態
#!/bin/bash
cd /data/k8s/work
source /data/k8s/bin/env.sh
for node_ip in ${ETCD_IPS[@]}
do
echo ">>> ${node_ip}"
ssh root@${node_ip} "systemctl status etcd|grep -i active"
done
結果如下:
>>> 100.73.16.105
Active: active (running) since Fri 2019-12-27 10:37:58 CST; 1 weeks 6 days ago
>>> 100.73.16.106
Active: active (running) since Fri 2019-12-27 10:35:02 CST; 1 weeks 6 days ago
>>> 100.73.16.107
Active: active (running) since Fri 2019-12-27 10:35:04 CST; 1 weeks 6 days ago
etcd叢集健康狀態
#!/bin/bash
source /data/k8s/bin/env.sh
for node_ip in ${ETCD_IPS[@]}
do
echo ">>> ${node_ip}"
ETCDCTL_API=3 /data/k8s/bin/etcdctl \
--endpoints=https://${node_ip}:2379 \
--cacert=/etc/kubernetes/cert/ca.pem \
--cert=/etc/etcd/cert/etcd.pem \
--key=/etc/etcd/cert/etcd-key.pem endpoint health
done
結果如下:
>>> 192.168.16.101
https://192.168.16.101:2379 is healthy: successfully committed proposal: took = 11.701119ms
>>> 192.168.16.102
https://192.168.16.102:2379 is healthy: successfully committed proposal: took = 16.642322ms
>>> 192.168.16.103
https://192.168.16.103:2379 is healthy: successfully committed proposal: took = 10.666141ms
etcd叢集狀態
!/bin/bash
source /data/k8s/bin/env.sh
ETCDCTL_API=3 /data/k8s/bin/etcdctl \
-w table --cacert=/etc/kubernetes/cert/ca.pem \
--cert=/etc/etcd/cert/etcd.pem \
--key=/etc/etcd/cert/etcd-key.pem \
--endpoints=${ETCD_ENDPOINTS} endpoint status
結果如下:
+-----------------------------+------------------+---------+---------+-----------+-----------+------------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
+-----------------------------+------------------+---------+---------+-----------+-----------+------------+
| https://etcd01.k8s.vip:2379 | 3a24b6728b5c27ab | 3.3.18 | 3.1 MB | false | 4 | 5511275 |
| https://etcd02.k8s.vip:2379 | 650c1614add8d9a | 3.3.18 | 3.1 MB | true | 4 | 5511275 |
| https://etcd03.k8s.vip:2379 | bac9ebb7f9efb1bd | 3.3.18 | 3.2 MB | false | 4 | 5511275 |
+-----------------------------+------------------+---------+---------+-----------+-----------+------------+
總結
部署思路是下載二進位制安裝包,分發到伺服器,生成啟動檔案模板,根據之前定義的變數,進行替換並生成各伺服器啟動檔案,再把啟動檔案分發到各伺服器去,最後啟動服務並驗證。