安装 etcd

    当前是通过 rpm 包安装

    k8smaster0机器为例:

    1. $ cat /usr/lib/systemd/system/etcd.service
    2. [Unit]
    3. Description=Etcd Server
    4. After=network.target
    5. After=network-online.target
    6. Wants=network-online.target
    8. Type=notify
    10. EnvironmentFile=-/etc/etcd/etcd.conf
    11. # set GOMAXPROCS to number of processors
    12. ExecStart=/bin/bash -c "ETCD_UNSUPPORTED_ARCH=arm64 /usr/bin/etcd --name=k8smaster0 --cert-file=/etc/etcd/kubernetes.pem --key-file=/etc/etcd/kubernetes-key.pem --peer-cert-file=/etc/etcd/kubernetes.pem --peer-key-file=/etc/etcd/kubernetes-key.pem --trusted-ca-file=/etc/etcd/ca.pem --peer-trusted-ca-file=/etc/etcd/ca.pem --peer-client-cert-auth --client-cert-auth --initial-advertise-peer-urls https://192.168.122.154:2380 --listen-peer-urls https://192.168.122.154:2380 --listen-client-urls https://192.168.122.154:2379,https://127.0.0.1:2379 --advertise-client-urls https://192.168.122.154:2379 --initial-cluster-token etcd-cluster-0 --initial-cluster k8smaster0=https://192.168.122.154:2380,k8smaster1=https://192.168.122.155:2380,k8smaster2=https://192.168.122.156:2380 --initial-cluster-state new --data-dir /var/lib/etcd"
    14. Restart=always
    15. RestartSec=10s
    16. LimitNOFILE=65536
    18. [Install]
    19. WantedBy=multi-user.target
    • 由于本文把etcd和k8s control部署在相同机器,所以使用了kubernetes.pemkubernetes-key.pem证书来启动;
    • ca证书,在整个部署流程里面使用了一个,etcd可以生成自己的ca,然后用自己的ca签名其他证书,但是需要在apiserver访问etcd的client用该ca签名的证书;
    • initial-cluster需要把所有部署etcd的配置加上;
    • 为了提高etcd的存储效率,可以使用ssd硬盘的目录,作为data-dir

    启动服务

    1. $  ETCDCTL_API=3 etcdctl -w table endpoint status --endpoints=https://192.168.122.155:2379,https://192.168.122.156:2379,https://192.168.122.154:2379   --cacert=/etc/etcd/ca.pem   --cert=/etc/etcd/kubernetes.pem   --key=/etc/etcd/kubernetes-key.pem
    2. +------------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
    3. |           ENDPOINT           |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFTAPPLIED INDEX | ERRORS |
    4. +------------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
    5. | https://192.168.122.155:2379 | b50ec873e253ebaa |  3.4.14 |  262 kB |     false |      false |       819 |         21 |           21 |        |
    6. | https://192.168.122.156:2379 | e2b0d126774c6d02 |  3.4.14 |  262 kB |      true |      false |       819 |         21 |           21 |        |
    8. +------------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+