Etcd-v3.4.27集群部署

2024-07-16 12:34:05
开发
21

下载etcd

# wget  https://storage.googleapis.com/etcd/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gz
--2024-07-16 09:46:54--  https://storage.googleapis.com/etcd/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gz
Resolving storage.googleapis.com (storage.googleapis.com)... 142.251.43.27, 172.217.163.59, 172.217.160.123, ...
Connecting to storage.googleapis.com (storage.googleapis.com)|142.251.43.27|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16171146 (15M) [application/x-tar]
Saving to: ‘etcd-v3.4.27-linux-amd64.tar.gz’

100%[===========================================================================================================================>] 16,171,146  8.40MB/s   in 1.8s   

2024-07-16 09:46:56 (8.40 MB/s) - ‘etcd-v3.4.27-linux-amd64.tar.gz’ saved [16171146/16171146]

如果是下载其他版本。则可以用如下脚本，修改版本号

ETCD_VER=v3.4.27

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz

/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version

新增配置文件etcd.conf.yml

# cat etcd.conf.yml 
# 节点名称，不能重复，需要和initial-cluster配置项中每个服务器ip对应的节点名对齐
name: etcd02
# etcd  data和wal存储路径，按实际部署目录修改
data-dir: /data/dataos/modo/etcd-v3.4.27/data
wal-dir: /data/dataos/modo/etcd-v3.4.27/wal
# # 客户端监听端口 IP和占用端口按实际部署情况修改
listen-client-urls: http://10.200.207.2:2379,http://127.0.0.1:2379
advertise-client-urls: http://10.200.207.2:2379,http://127.0.0.1:2379
# etcd集群通信端口配置，IP和占用端口按实际部署情况修改
listen-peer-urls: http://10.200.207.2:2380
initial-advertise-peer-urls: http://10.200.207.2:2380
# 集群配置，三个节点的 节点名=ip:端口 按实际部署情况修改
initial-cluster: etcd01=http://10.200.207.1:2380,etcd02=http://10.200.207.2:2380,etcd03=http://10.200.207.3:2380
initial-cluster-token: etcd-cluster-token
initial-cluster-state: new

启动etcd

# cat start_etcd.sh 
#!/bin/bash
nohup ./etcd --config-file=etcd.conf.yml  > ./logs/etcd.log 2>&1  &

查看etcd

# etcdctl
-bash: etcdctl: command not found

命令未找到，添加配置

# ll /usr/local/bin/
total 0
# cp /data/dataos/modo/etcd-v3.4.27/etcd /usr/local/bin/
# cp /data/dataos/modo/etcd-v3.4.27/etcdctl /usr/local/bin/
# vi /etc/profile
# source /etc/profile
# etcdctl version
etcdctl version: 3.4.27
API version: 3.4

/etc/profile文件中新增etcdctl的api版本，默认使用2

# 在文件最后加入变量，因为etcd默认使用V2版本，我们需要V3版本的API。 export ETCDCTL_API=3

etcd开机自启动

# vi /etc/systemd/system/etcd.service 
# systemctl daemon-reload
# systemctl enable etcd
# systemctl start etcd
# systemctl status etcd
● etcd.service - Etcd Server
   Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2024-07-16 10:28:48 CST; 7s ago
     Docs: https://github.com/coreos/etcd
 Main PID: 26450 (etcd)
   CGroup: /system.slice/etcd.service
           └─26450 /usr/local/bin/etcd
Jul 16 10:28:47 10.200.207.2 etcd[26450]: raft2024/07/16 10:28:47 INFO: 8e9e05c52164694d became leader at term 2
Jul 16 10:28:47 10.200.207.2 etcd[26450]: raft2024/07/16 10:28:47 INFO: raft.node: 8e9e05c52164694d elected leader 8e9e05c52164694d at term 2
Jul 16 10:28:48 10.200.207.2 etcd[26450]: sync duration of 1.384904543s, expected less than 1s
Jul 16 10:28:48 10.200.207.2 etcd[26450]: published {Name:default ClientURLs:[http://localhost:2379]} to cluster cdf818194e3a8c32
Jul 16 10:28:48 10.200.207.2 etcd[26450]: ready to serve client requests
Jul 16 10:28:48 10.200.207.2 etcd[26450]: setting up the initial cluster version to 3.4
Jul 16 10:28:48 10.200.207.2 systemd[1]: Started Etcd Server.
Jul 16 10:28:48 10.200.207.2 etcd[26450]: serving insecure client requests on 127.0.0.1:2379, this is strongly discouraged!
Jul 16 10:28:48 10.200.207.2 etcd[26450]: set the initial cluster version to 3.4
Jul 16 10:28:48 10.200.207.2 etcd[26450]: enabled capabilities for version 3.4
# netstat -antp | grep 2379
tcp        0      0 127.0.0.1:2379          0.0.0.0:*               LISTEN      26450/etcd          
tcp        0      0 127.0.0.1:35094         127.0.0.1:2379          ESTABLISHED 26450/etcd          
tcp        0      0 127.0.0.1:2379          127.0.0.1:35094         ESTABLISHED 26450/etcd


# 创建用户，设置密码
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --new-user-password=auyd871477sha user add root
# 添加角色
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user=root:auyd871477sha role add root
# 授权角色
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user=root:auyd871477sha user grant-role root root
# 配置允许登录
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user=root:auyd871477sha auth enable
# 查询账号列表，验证root账号是否创建成功
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user='root' --password='auyd871477sha'  user list
# 说明
# http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379  为3个节点的连接信息，具体可以看每个节点的配置
# auyd871477sha   root的密码
# 其余命令按照样例执行

etcd新增用户

前提是，主机上防火墙，iptabls关闭，要么就设置端口可以访问。

创建用户，设置密码
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --new-user-password=auyd871477sha user add root
User root created

添加角色
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha role add root
{"level":"warn","ts":"2024-07-16T10:43:55.774319+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-b99c1334-e97a-4db8-a518-7daa4232f486/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"}
Role root created

授权角色
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha user grant-role root root
{"level":"warn","ts":"2024-07-16T10:45:01.539572+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-96b7c611-46c1-4744-a997-f6c0f55dee0c/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"}
Role root is granted to user root

设置允许登陆
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha auth enable
{"level":"warn","ts":"2024-07-16T10:45:24.638387+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-7f3bb6ef-11f0-44f1-875f-e17108e25fc8/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"}
Authentication Enabled

查询账号列表，验证root账号是否创建成功
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user='root' --password='auyd871477sha'  user list
root

原文地址:https://blog.csdn.net/red_sky_blue/article/details/140457478 本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：https://www.suanlizi.com/kf/1813069567916904448.html 如若内容造成侵权/违法违规/事实不符，请联系《酸梨子》网邮箱：1419361763@qq.com进行投诉反馈，一经查实，立即删除！

阅读全部