二進位制安裝k8s-1.20.4之搭建etcd叢集
阿新 • • 發佈:2022-05-05
1、部署etcd檔案
cd /data/app/k8s-ssl/
cp ca.pem kubernetes-key.pem kubernetes.pem /data/app/etcd/ssl/
2、 建立etcd服務配置檔案
vim etcd.sh
ETCD_NAME=`hostname` INTERNAL_IP=`hostname -i` INITIAL_CLUSTER=zy-nph-skg-fat-channel-redis-yace01=https://172.31.170.15:2380,zy-nph-skg-fat-channel-redis-yace02=https://172.31.170.16:2380,zy-nph-skg-fat-channel-redis-yace03=https://172.31.170.17:2380 SSL_PATH=/data/app/etcd/ssl cat << EOF | sudo tee /etc/systemd/system/etcd.service [Unit] Description=etcd Documentation=https://github.com/coreos [Service] ExecStart=/usr/local/bin/etcd \\ --name ${ETCD_NAME} \\ --cert-file=${SSL_PATH}/kubernetes.pem \\ --key-file=${SSL_PATH}/kubernetes-key.pem \\--peer-cert-file=${SSL_PATH}/kubernetes.pem \\ --peer-key-file=${SSL_PATH}/kubernetes-key.pem \\ --trusted-ca-file=${SSL_PATH}/ca.pem \\ --peer-trusted-ca-file=${SSL_PATH}/ca.pem \\ --peer-client-cert-auth \\ --client-cert-auth \\ --initial-advertise-peer-urls https://${INTERNAL_IP}:2380 \\ --listen-peer-urls https://${INTERNAL_IP}:2380 \\ --listen-client-urls https://${INTERNAL_IP}:2379,https://127.0.0.1:2379 \\ --advertise-client-urls https://${INTERNAL_IP}:2379 \\ --initial-cluster-token etcd-cluster-0 \\ --initial-cluster ${INITIAL_CLUSTER} \\ --initial-cluster-state new \\ --data-dir=/data/app/etcd/data Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target EOF
3、 啟動etcd叢集服務
systemctl daemon-reload
systemctl enable etcd
systemctl start etcd
4、 驗證etcd叢集服務
export ETCDCTL_API=3 etcdctl --endpoints="172.31.170.15:2379,172.31.170.16:2379,172.31.170.17:2379" --cacert=/data/app/etcd/ssl/ca.pem --cert=/data/app/etcd/ssl/kubernetes.pem --key=/data/app/etcd/ssl/kubernetes-key.pem endpoint status --write-out=table etcdctl --endpoints="172.31.170.15:2379,172.31.170.16:2379,172.31.170.17:2379" --cacert=/data/app/etcd/ssl/ca.pem --cert=/data/app/etcd/ssl/kubernetes.pem --key=/data/app/etcd/ssl/kubernetes-key.pem endpoint health --write-out=table