一键部署Etcd3.4.15集群
目录
一、Etcd部署架构图
二、下载etcd安装包
1、上传etcd-package.tar.gz 包到/opt目录下,etcd-package.tar.gz 目录如下:
etcd-package
├── cfssl
│ ├── cfssl
│ ├── cfssl-certinfo
│ └── cfssljson
├── conf
│ ├── ca-config.json
│ ├── ca.csr
│ ├── ca-csr.json
│ ├── ca-key.pem
│ ├── ca.pem
│ ├── etcd.service
│ ├── generate_etcd_cert.sh
│ ├── server.csr
│ ├── server-csr.json
│ ├── server-key.pem
│ └── server.pem
├── etcd
│ ├── bin
│ │ ├── etcd
│ │ └── etcdctl
│ ├── cfg
│ │ └── etcd.conf
│ └── ssl
│ ├── ca-key.pem
│ ├── ca.pem
│ ├── server-key.pem
│ └── server.pem
├── install.sh
└── uninstall.sh
2、安装Etcd
tar zxvf ./etcd-package.tar.gz
修改server-csr.json
# etcd/conf/server-csr.json
{
"CN": "etcd",
"hosts": [
"172.19.12.11",
"172.19.12.12",
"172.19.12.13"
],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "BeiJing",
"ST": "BeiJing"
}
]
}
修改etcd/cfg/etcd.conf文件,根据etcd01、etcd02、etcd03的IP与名称修改
ETCD_NAME="etcd01"
...
ETCD_LISTEN_PEER_URLS="https://172.19.12.11:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.19.12.11:2379,http://127.0.0.1:2379"
...
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.19.12.11:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.19.12.11:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://172.19.12.11:2380,etcd02=https://172.19.12.12:2380,etcd03=https://172.19.12.13:2380"
3、安装 etcd01
sh install.sh
4、将证书传到etcd-02、etcd-03服务器上
scp -r /opt/etcd/ssl/* root@etcd-02:/opt/etcd/ssl/
scp -r /opt/etcd/ssl/* root@etcd-03:/opt/etcd/ssl/
5、修改etcd02、etcd03 的 etcd/cfg/etcd.conf文件
ETCD_NAME="etcd02"
...
ETCD_LISTEN_PEER_URLS="https://172.19.12.12:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.19.12.12:2379,http://127.0.0.1:2379"
...
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.19.12.12:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.19.12.12:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://172.19.12.11:2380,etcd02=https://172.19.12.12:2380,etcd03=https://172.19.12.13:2380"
ETCD_NAME="etcd03"
...
ETCD_LISTEN_PEER_URLS="https://172.19.12.13:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.19.12.13:2379,http://127.0.0.1:2379"
...
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.19.12.13:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.19.12.13:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://172.19.12.11:2380,etcd02=https://172.19.12.12:2380,etcd03=https://172.19.12.13:2380"
三、验证
# /opt/etcd/bin
./etcdctl \
--cacert=/opt/etcd/ssl/ca.pem \
--cert=/opt/etcd/ssl/server.pem \
--key=/opt/etcd/ssl/server-key.pem \
--endpoints="https://172.19.12.11:2379,https://172.19.12.12:2379,https://172.19.12.13:2379" \
endpoint health
成功
https://172.19.12.11:2379 is healthy: successfully committed proposal: took = 20.944439ms
https://172.19.12.12:2379 is healthy: successfully committed proposal: took = 21.553236ms
https://172.19.12.13:2379 is healthy: successfully committed proposal: took = 21.869114ms