etcd集群搭建

环境介绍

基于CentOS Linux release 7.9.2009 (Core)

ip hostname role
172.17.0.4 cd782d0a790b etcd1
172.17.0.3 83d43a1203f6 etcd2
172.17.0.2 99dac45f202c etcd3

提前准备工作

## 先添加 yum 仓库
## docker-ce
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

## epel
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
安装docker-ce
yum install -y yum-utils device-mapper-persistent-data lvm2 docker-ce
安装go,非必须(如果编译安装,则要有go环境)
yum install golang
其他
yum -y install ansible git iproute

开始构建etcd集群(yum 安装)

yum -y install etcd

## 查看版本
[root@cd782d0a790b data]# etcdctl -v
etcdctl version: 3.3.11
API version: 2

1、基于http协议构建集群

编辑配置文件
cat /etc/etcd/etcd.conf

## etcd存储路径
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"

## 用于监听集群内所有etcd通讯的URL列表
ETCD_LISTEN_PEER_URLS="http://172.17.0.4:2380"

## 用于监听客户端通讯的URL列表
ETCD_LISTEN_CLIENT_URLS="http://172.17.0.4:2379,http://127.0.0.1:2379"

## 集群名字
ETCD_NAME="etcd1"

## 触发快照到硬盘的已提交事务的数量
ETCD_SNAPSHOT_COUNT="10000"

## 心跳间隔时间,单位毫秒
ETCD_HEARTBEAT_INTERVAL="250"

## 选举的超时时间,单位毫秒
ETCD_ELECTION_TIMEOUT="5000"

## 列出本机的通信 URL 以便通告给集群的其他成员
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.17.0.4:2380"

## 列出本机的客户端连接URL,通告给集群中的其他成员
ETCD_ADVERTISE_CLIENT_URLS="http://172.17.0.4:2379"

## 启动初始化集群配置
ETCD_INITIAL_CLUSTER="etcd1=http://172.17.0.4:2380,etcd2=http://172.17.0.3:2380,etcd3=http://172.17.0.2:2380"

## 在启动期间用于 etcd 集群的初始化集群记号
ETCD_INITIAL_CLUSTER_TOKEN="k8s_etcd"

## 初始化集群状态,一般在新创建集群时填new,如果是加入某个已有的集群,则填写existing
ETCD_INITIAL_CLUSTER_STATE="new"

## 代理模式设置
ETCD_PROXY="off"

## 是否开始自动压缩,0表示关闭自动压缩。
ETCD_AUTO_COMPACTION_RETENTION="8"

## METRICS接口,用于提供给监控对接的
ETCD_METRICS="basic"

注意:三个配置文件大体内容基本相似,需要注意的是ETCD_NAME和本机的ip地址要随之更改

加入systemctl管理
cat /usr/lib/systemd/system/etcd.service

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\""
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
启动服务,检查健康状态
## 三台都启动
systemctl start etcd

## 查看集群
[root@cd782d0a790b /]# etcdctl member list
d02233d35f3c4b94: name=etcd3 peerURLs=http://172.17.0.2:2380 clientURLs=http://172.17.0.2:2379 isLeader=false
e302fd1dad15f911: name=etcd1 peerURLs=http://172.17.0.4:2380 clientURLs=http://172.17.0.4:2379 isLeader=true
ef7057d9f69d96ad: name=etcd2 peerURLs=http://172.17.0.3:2380 clientURLs=http://172.17.0.3:2379 isLeader=false

## 检查健康状态
[root@cd782d0a790b /]# etcdctl cluster-health
member d02233d35f3c4b94 is healthy: got healthy result from http://172.17.0.2:2379
member e302fd1dad15f911 is healthy: got healthy result from http://172.17.0.4:2379
member ef7057d9f69d96ad is healthy: got healthy result from http://172.17.0.3:2379
以上为默认的 API version: 2,可以将 API version 改为 3,再次查看
export ETCDCTL_API=3
HOST_1=172.17.0.2
HOST_2=172.17.0.3
HOST_3=172.17.0.4
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379

## 查看list
[root@cd782d0a790b /]# etcdctl --endpoints=$ENDPOINTS member list
d02233d35f3c4b94, started, etcd3, http://172.17.0.2:2380, http://172.17.0.2:2379
e302fd1dad15f911, started, etcd1, http://172.17.0.4:2380, http://172.17.0.4:2379
ef7057d9f69d96ad, started, etcd2, http://172.17.0.3:2380, http://172.17.0.3:2379

## 检查health
[root@cd782d0a790b /]# etcdctl --endpoints=$ENDPOINTS endpoint health
172.17.0.2:2379 is healthy: successfully committed proposal: took = 7.5093ms
172.17.0.4:2379 is healthy: successfully committed proposal: took = 5.5682ms
172.17.0.3:2379 is healthy: successfully committed proposal: took = 8.0291ms

## 查看status
[root@cd782d0a790b /]# etcdctl --write-out=table --endpoints=$ENDPOINTS endpoint status
+-----------------+------------------+---------+---------+-----------+-----------+------------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
+-----------------+------------------+---------+---------+-----------+-----------+------------+
| 172.17.0.2:2379 | d02233d35f3c4b94 | 3.3.11 | 16 kB | false | 129 | 12 |
| 172.17.0.3:2379 | ef7057d9f69d96ad | 3.3.11 | 16 kB | false | 129 | 12 |
| 172.17.0.4:2379 | e302fd1dad15f911 | 3.3.11 | 20 kB | true | 129 | 12 |
+-----------------+------------------+---------+---------+-----------+-----------+------------+

具体更多操作可以查看etcd官网demo:https://etcd.io/docs/v3.4/demo/

2、基于https构建集群

首先需要生成证书,下载证书生成工具
curl -s -L -o /usr/local/bin/cfssl https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
curl -s -L -o /usr/local/bin/cfssljson https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
curl -s -L -o /usr/local/bin/cfssl-certinfo https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64

chmod +x /usr/local/bin/cfssl*
开始生成证书
## CA机构配置,有效期10年
[root@cd782d0a790b cert]# cat > ca-config.json << EOF
{
"signing": {
"default": {
"expiry": "87600h"
},
"profiles": {
"etcd": {
"expiry": "87600h",
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
]
}
}
}
}
EOF
"字段说明"
"ca-config.json":可以定义多个 profiles,分别指定不同的过期时间、使用场景等参数;后续在签名证书时使用某个 profile;
"signing":表示该证书可用于签名其它证书;生成的 ca.pem 证书中 CA=TRUE;
"server auth":表示client可以用该 CA 对server提供的证书进行验证;
"client auth":表示server可以用该 CA 对client提供的证书进行验证;

## CA机构配置,机构名称Comman Name,所在地Country国家, State省, Locality市
[root@cd782d0a790b cert]# cat > ca-csr.json << EOF
{
"CN": "etcd CA",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Beijing",
"L": "Beijing"
}
]
}
EOF

## 向ca机构申请:证书注册 (中国,北京省,北京市),每个节点用相同的证书,所以要填写所有主机ip
[root@cd782d0a790b cert]# cat > server-csr.json << EOF
{
"CN": "etcd",
"hosts": [
"172.17.0.2",
"172.17.0.3",
"172.17.0.4"
],
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O":"aa.com",
"CN":"beijing.aa.com"
}
]
}
EOF

请求文件全部编辑好后:
## 生成ca证书和key
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
## 生成etcd证书和key,注意这里的-profile的值必须和ca-config中的profiles的值一样
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=etcd server-csr.json | cfssljson -bare server

## 生成证书如下
[root@cd782d0a790b ssl]# ls *.pem
ca-key.pem ca.pem server-key.pem server.pem

## 赋值读权限
chmod 644 *.pem

以上情况是客户端、服务端、集群内peer通信都是用同一个证书,实际情况中,可以把它分为多个,设置不同的功能,不同的到期时间,例如如下:

## ca证书生成,在此定义了几种不同的证书类型
[root@cd782d0a790b cert]# cat > ca-config.json << EOF
{
"signing": {
"default": {
"expiry": "168h"
},
"profiles": {
"server": {
"expiry": "8760h",
"usages": [
"signing",
"key encipherment",
"server auth"
]
},
"client": {
"expiry": "8760h",
"usages": [
"signing",
"key encipherment",
"client auth"
]
},
"peer": {
"expiry": "8760h",
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
]
}
}
}
}
EOF
"类型说明"
在其中定义3个profile
"server" 作为服务器与客户端通信时的服务器证书
"client" 作为服务器与客户端通信时的客户端证书
"peer" 作为服务器间通信时用的证书,既认证服务器也认证客户端

cat > ca-csr.json << EOF
{
"CN": "etcd CA",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Beijing",
"L": "Beijing"
}
]
}
EOF
 
## 这种是单独的,各自使用自己的peer证书,注意名字要不同,所有的机器都要执行一次
[root@cd782d0a790b cert]# cat > etcd1-csr.json << EOF
{
"CN": "etcd1",
"hosts": [
"172.17.0.2"
],
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O":"aa.com",
"CN":"beijing.aa.com"
}
]
}
EOF
 
请求文件全部编辑好后:
## 生成ca证书和key
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
## 生成etcd证书和key,注意这里的-profile的值必须和ca-config中的profiles的值一样
for i in `seq 1 5`;do cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=peer etcd${i}-csr.json | cfssljson -bare etcd${i};done

[root@cd782d0a790b ssl]# ls
ca-config.json ca.csr etcd1-key.pem etcd2-csr.json etcd2.pem etcd3.csr etcd4-key.pem etcd5-csr.json etcd5.pem
ca-csr.json ca.pem etcd1.csr etcd2-key.pem etcd3-csr.json etcd3.pem etcd4.csr etcd5-key.pem server.pem
ca-key.pem etcd1-csr.json etcd1.pem etcd2.csr etcd3-key.pem etcd4-csr.json etcd4.pem etcd5.csr

## 赋值读权限
chmod 644 *.pem

如果是每个服务器单独的证书,下边etcd的配置,包括查看、检查状态时,所指定的证书,都指定本机的即可

修改etcd.conf配置
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://172.17.0.4:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.17.0.4:2379,https://127.0.0.1:2379"
ETCD_NAME="etcd1"
ETCD_SNAPSHOT_COUNT="10000"
ETCD_HEARTBEAT_INTERVAL="250"
ETCD_ELECTION_TIMEOUT="5000"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.17.0.4:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.17.0.4:2379"
ETCD_INITIAL_CLUSTER="etcd1=https://172.17.0.4:2380,etcd2=https://172.17.0.3:2380,etcd3=https://172.17.0.2:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_PROXY="off"
## etcd 客户端与服务端通信的证书和key
ETCD_CERT_FILE="/data/cert/ssl/etcd1.pem"
ETCD_KEY_FILE="/data/cert/ssl/etcd1-key.pem"
ETCD_CLIENT_CERT_AUTH="true"

## ca证书
ETCD_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"

## etcd 集群内部通信证书和key
ETCD_PEER_CERT_FILE="/data/cert/ssl/etcd1.pem"
ETCD_PEER_KEY_FILE="/data/cert/ssl/etcd1-key.pem"
ETCD_PEER_CLIENT_CERT_AUTH="true"
ETCD_PEER_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
ETCD_AUTO_COMPACTION_RETENTION="8"
ETCD_METRICS="basic"

将http全部更改为https,然后指定证书的路径的路径

重启服务
systemctl restart etcd

## 重启时,报类似错误
request sent was ignored (cluster ID mismatch: peer[61c68880c0fd8e67]=47ca0413c1aaf745, local=755bf44e2e1770ae)

publish error: etcdserver: request timed out

## 因为之前启动过http的etcd集群,已经有数据保存,由于这些脏数据引起的,所有节点全部数据删除后,重启即可
rm -rf /var/lib/etcd/default.etcd/*
检查状态
export ETCDCTL_API=3
HOST_1=https://172.17.0.2
HOST_2=https://172.17.0.3
HOST_3=https://172.17.0.4
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379

## list
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member list --write-out=table
+------------------+---------+-------+-------------------------+-------------------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
+------------------+---------+-------+-------------------------+-------------------------+
| 37ab29a4575d84d2 | started | etcd3 | https://172.17.0.2:2380 | https://172.17.0.2:2379 |
| 3e6a29fd4717a78b | started | etcd2 | https://172.17.0.3:2380 | https://172.17.0.3:2379 |
| 653155eddc689793 | started | etcd1 | https://172.17.0.4:2380 | https://172.17.0.4:2379 |
+------------------+---------+-------+-------------------------+-------------------------+

## status
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" endpoint status --write-out=table
+-------------------------+------------------+---------+---------+-----------+-----------+------------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
+-------------------------+------------------+---------+---------+-----------+-----------+------------+
| https://172.17.0.2:2379 | 37ab29a4575d84d2 | 3.3.11 | 20 kB | false | 1064 | 139 |
| https://172.17.0.3:2379 | 3e6a29fd4717a78b | 3.3.11 | 20 kB | true | 1064 | 139 |
| https://172.17.0.4:2379 | 653155eddc689793 | 3.3.11 | 20 kB | false | 1064 | 139 |
+-------------------------+------------------+---------+---------+-----------+-----------+------------+

3、ETCD集群中添加节点

member add 添加
## add
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member add etcd4 --peer-urls=https://172.17.0.5:2380
Member 71f4582f1c4ba901 added to cluster a89c967de8e14b61

ETCD_NAME="etcd4"
ETCD_INITIAL_CLUSTER="etcd3=https://172.17.0.2:2380,etcd2=https://172.17.0.3:2380,etcd1=https://172.17.0.4:2380,etcd4=https://172.17.0.5:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.17.0.5:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"

## list
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member list --write-out=table
+------------------+-----------+-------+-------------------------+-------------------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
+------------------+-----------+-------+-------------------------+-------------------------+
| 37ab29a4575d84d2 | started | etcd3 | https://172.17.0.2:2380 | https://172.17.0.2:2379 |
| 3e6a29fd4717a78b | started | etcd2 | https://172.17.0.3:2380 | https://172.17.0.3:2379 |
| 653155eddc689793 | started | etcd1 | https://172.17.0.4:2380 | https://172.17.0.4:2379 |
| e321a980939fe867 | unstarted | | https://172.17.0.5:2380 | |
+------------------+-----------+-------+-------------------------+-------------------------+

注意:添加节点时,必须把集群状态修复完毕,才能继续添加下一个,否则报错类似:Error: etcdserver: unhealthy cluster

最终etcd4的配置文件如下
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://172.17.0.5:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.17.0.5:2379,https://127.0.0.1:2379"
ETCD_NAME="etcd4"
ETCD_SNAPSHOT_COUNT="10000"
ETCD_HEARTBEAT_INTERVAL="250"
ETCD_ELECTION_TIMEOUT="5000"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.17.0.5:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.17.0.5:2379"
ETCD_INITIAL_CLUSTER="etcd1=https://172.17.0.4:2380,etcd2=https://172.17.0.3:2380,etcd3=https://172.17.0.2:2380,etcd4=https://172.17.0.5:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd"
ETCD_INITIAL_CLUSTER_STATE="existing"
ETCD_PROXY="off"
ETCD_CERT_FILE="/data/cert/ssl/etcd4.pem"
ETCD_KEY_FILE="/data/cert/ssl/etcd4-key.pem"
ETCD_CLIENT_CERT_AUTH="true"
ETCD_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
ETCD_PEER_CERT_FILE="/data/cert/ssl/etcd4.pem"
ETCD_PEER_KEY_FILE="/data/cert/ssl/etcd4-key.pem"
ETCD_PEER_CLIENT_CERT_AUTH="true"
ETCD_PEER_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
ETCD_AUTO_COMPACTION_RETENTION="8"
ETCD_METRICS="basic"
启动etcd4,查看集群状态
systemctl start etcd

export ETCDCTL_API=3
HOST_1=https://172.17.0.2
HOST_2=https://172.17.0.3
HOST_3=https://172.17.0.4
HOST_4=https://172.17.0.5
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379,$HOST_4:2379

## list
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member list --write-out=table
+------------------+---------+-------+-------------------------+-------------------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
+------------------+---------+-------+-------------------------+-------------------------+
| 37ab29a4575d84d2 | started | etcd3 | https://172.17.0.2:2380 | https://172.17.0.2:2379 |
| 3e6a29fd4717a78b | started | etcd2 | https://172.17.0.3:2380 | https://172.17.0.3:2379 |
| 653155eddc689793 | started | etcd1 | https://172.17.0.4:2380 | https://172.17.0.4:2379 |
| e321a980939fe867 | started | etcd4 | https://172.17.0.5:2380 | https://172.17.0.5:2379 |
+------------------+---------+-------+-------------------------+-------------------------+

## status
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" endpoint status --write-out=table
+-------------------------+------------------+---------+---------+-----------+-----------+------------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
+-------------------------+------------------+---------+---------+-----------+-----------+------------+
| https://172.17.0.2:2379 | 37ab29a4575d84d2 | 3.3.11 | 20 kB | false | 1066 | 159 |
| https://172.17.0.3:2379 | 3e6a29fd4717a78b | 3.3.11 | 20 kB | false | 1066 | 159 |
| https://172.17.0.4:2379 | 653155eddc689793 | 3.3.11 | 20 kB | true | 1066 | 159 |
| https://172.17.0.5:2379 | e321a980939fe867 | 3.3.11 | 20 kB | false | 1066 | 159 |
+-------------------------+------------------+---------+---------+-----------+-----------+------------+

4、备份及恢复ETCD集群数据

备份
## 环境配置
export ETCDCTL_API=3
kubectl get nodes -o wide
HOST_1=https://10.36.234.169
HOST_2=https://10.36.234.180
HOST_3=https://10.36.235.19
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379

## 备份
etcdctl --endpoints=$ENDPOINTS --cacert="/etc/ssl/etcd/ssl/ca.pem" --cert="/etc/ssl/etcd/ssl/member-gzbh-intelmbx043.gzbh.baidu.com.pem" --key="/etc/ssl/etcd/ssl/member-gzbh-intelmbx043.gzbh.baidu.com-key.pem" snapshot save my.db
Snapshot saved at my.db

## 查看
[root@gzbh-intelmbx043 etcd_data]# ls
my.db
恢复
## 停止etcd服务
systemctl stop etcd

## 删除原数据(如原数据重要,记得备份!)
rm -rf /var/lib/etcd

## 恢复,如果是多台机器集群模式,每个机器都要导入
etcdctl --endpoints=https://10.61.187.39:2379 --cacert="/etc/ssl/etcd/ssl/ca.pem" --cert="/etc/ssl/etcd/ssl/member-yq01-aip-aikefu06e1a866.yq01.baidu.com.pem" --key="/etc/ssl/etcd/ssl/member-yq01-aip-aikefu06e1a866.yq01.baidu.com-key.pem" snapshot restore my.db --name=etcd1 --initial-cluster etcd1=https://10.61.187.39:2380 --initial-cluster-token etcd_test --initial-advertise-peer-urls https://10.61.187.39:2380 --data-dir=/var/lib/etcd/
2021-05-25 16:05:02.784608 I | mvcc: restore compact to 6104817
2021-05-25 16:05:02.802119 I | etcdserver/membership: added member 67745b5848ce7e3c [https://10.61.187.39:2380] to cluster 1256ee7f1ba66254

## 启动服务即可
systemctl start etcd

需要注意:数据的备份和恢复是个敏感操作,一定要谨慎!

Kubernetes-3.3:ETCD集群搭建及使用(https认证+数据备份恢复)的更多相关文章

  1. [Kubernetes]CentOS7下Etcd集群搭建

    Etcd简要介绍 Etcd是Kubernetes集群中的一个十分重要的组件,用于保存集群所有的网络配置和对象的状态信息 Etcd构建自身高可用集群主要有三种形式: ①静态发现: 预先已知 Etcd 集 ...

  2. Docker下ETCD集群搭建

    搭建集群之前首先准备两台安装了CentOS 7的主机,并在其上安装好Docker. Master 10.100.97.46 Node 10.100.97.64 ETCD集群搭建有三种方式,分别是Sta ...

  3. Centos7下Etcd集群搭建

    一.简介 "A highly-available key value store for shared configuration and service discovery." ...

  4. kubeadm 线上集群部署(一) 外部 ETCD 集群搭建

      IP Hostname   192.168.1.23 k8s-etcd-01 etcd集群节点,默认关于ETCD所有操作均在此节点上操作 192.168.1.24 k8s-etcd-02 etcd ...

  5. etcd 集群搭建

    现有三台机器 CentOS7 node1 10.2.0.10 node2 10.2.0.11 node3 10.2.0.12  1 源码解压命令行方式 node1 ./etcd --name infr ...

  6. etcd集群搭建

    etcd介绍,以及适用场景,参考:http://www.infoq.com/cn/articles/etcd-interpretation-application-scenario-implement ...

  7. Kubernetes实战 高可用集群搭建,配置,运维与应用

    1-1 K8S导学 1-2 搭建K8S集群步骤和要点介绍 1-3 搭建三节点Ubuntu环境 1-4 安装容器引擎 1-5 下载Kubeadm.node组件和命令行工具 1-6 向集群中加入worke ...

  8. etcd集群的搭建

    由于最近在学习kubernetes,etcd作为kubernetes集群的主数据库,必须先启动. etcds实例名称 IP地址 Hostname etcd 1 192.168.142.161 kube ...

  9. Kubernetes集群部署之三ETCD集群部署

    kuberntes 系统使用 etcd 存储所有数据,本文档介绍部署一个三节点高可用 etcd 集群的步骤,这三个节点复用 kubernetes 集群机器k8s-master.k8s-node-1.k ...

随机推荐

  1. [源码分析] 分布式任务队列 Celery 之 发送Task & AMQP

    [源码分析] 分布式任务队列 Celery 之 发送Task & AMQP 目录 [源码分析] 分布式任务队列 Celery 之 发送Task & AMQP 0x00 摘要 0x01 ...

  2. 一次使用IDEA中HTTP Client的经历

    1 开端 HTTP Client是IDEA中自带的一个插件,用于代替原来的REST Client,打开Tools->HTTP Client->Test RESTful Web Servic ...

  3. JavaFX获取屏幕尺寸

    1 awt Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize(); double width = screenSize. ...

  4. 753. Cracking the Safe

    There is a box protected by a password. The password is n digits, where each letter can be one of th ...

  5. SpringCloud之Ribbon负载均衡策略

    Spring Cloud 微服务架构学习记录与示例 一.认识Ribbon 首先咱们需要认识下负载均衡,一般分为服务器端负载和客户端负载均衡. 服务器端负载均衡:比如Nginx.F5,请求达到服务器后由 ...

  6. IDAPython类库---idaapi.py的源码

    #ThisfilewasautomaticallygeneratedbySWIG(http://www.swig.org).#Version2.0.12##Donotmakechangestothis ...

  7. Linux中编写Shell脚本

    目录 Shell Shell脚本的执行 Shell脚本编写规范 Shell 中的变量 变量的算术运算 双小括号 (())  数值运算命令的用法 let 运算命令的用法 expr 命令的用法 br 命令 ...

  8. Python中面向对象和类

    目录 面向对象 类的定义 类的访问 类的属性和方法 继承和多态 面向对象 Python从设计之初就已经是一门面向对象的语言,正因为如此,在Python中创建一个类和对象是很容易的. 面向对象: 类(C ...

  9. 数据表格 layui.table

    layui官网-表单 自动渲染 方法渲染 table.render,cols中的field是后台传递的data map.put("data",stuService.selectSt ...

  10. 【技巧】使用xshell和xftp连接centos连接配置

    说明:xshell用来执行指令,xftp用来上传和下载文件. ① 这是xshell连接属性: ②.这是xftp连接属性 附件:这里给个xshelll和xftp的免安装的破解版本地址.侵删. 度娘链接: ...