下载etcd
# wget https://storage.googleapis.com/etcd/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gz --2024-07-16 09:46:54-- https://storage.googleapis.com/etcd/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gz Resolving storage.googleapis.com (storage.googleapis.com)... 142.251.43.27, 172.217.163.59, 172.217.160.123, ... Connecting to storage.googleapis.com (storage.googleapis.com)|142.251.43.27|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 16171146 (15M) [application/x-tar] Saving to: ‘etcd-v3.4.27-linux-amd64.tar.gz’ 100%[===========================================================================================================================>] 16,171,146 8.40MB/s in 1.8s 2024-07-16 09:46:56 (8.40 MB/s) - ‘etcd-v3.4.27-linux-amd64.tar.gz’ saved [16171146/16171146]
如果是下载其他版本。则可以用如下脚本,修改版本号
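# Download one etcd release into /tmp/etcd-download-test and print the versions
# of the extracted binaries. Change ETCD_VER to fetch a different release.
ETCD_VER=v3.4.27

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

# Expected SHA-256 of the archive, copied from the checksum list published with
# the release. When it is empty the archive is extracted without verification.
ETCD_SHA256=${ETCD_SHA256:-}

# Fixed paths under /tmp, as in the original snippet. On a host shared with
# other users, point these at a private directory instead.
ARCHIVE="/tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz"
DEST=/tmp/etcd-download-test

rm -f -- "${ARCHIVE}"
rm -rf -- "${DEST}" && mkdir -p -- "${DEST}"

# -f makes curl fail on an HTTP error instead of saving the error page as the
# tarball.
if curl -fL "${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz" -o "${ARCHIVE}"; then
  if [ -n "${ETCD_SHA256}" ]; then
    # On a mismatch the archive is deleted, so the tar step below fails and
    # nothing from the unverified download is extracted or executed.
    printf '%s  %s\n' "${ETCD_SHA256}" "${ARCHIVE}" | sha256sum -c - \
      || rm -f -- "${ARCHIVE}"
  else
    echo "warning: ETCD_SHA256 is not set; the archive was not verified" >&2
  fi
fi

tar xzvf "${ARCHIVE}" -C "${DEST}" --strip-components=1
rm -f -- "${ARCHIVE}"

"${DEST}/etcd" --version
"${DEST}/etcdctl" version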
新增配置文件etcd.conf.yml
# cat etcd.conf.yml
# Node name. Must be unique and must match the name used for this server's
# address in initial-cluster.
name: etcd02
# etcd data and WAL storage paths; adjust to the actual deployment directory.
data-dir: /data/dataos/modo/etcd-v3.4.27/data
wal-dir: /data/dataos/modo/etcd-v3.4.27/wal
#
# Client listen URLs; adjust the IP and port to the actual deployment.
# NOTE(review): these are plain http:// URLs on a non-loopback address, so
# client traffic (including any username/password sent by etcdctl) is
# unencrypted. etcd supports https:// URLs together with a
# client-transport-security section (cert-file, key-file, trusted-ca-file).
listen-client-urls: http://10.200.207.2:2379,http://127.0.0.1:2379
advertise-client-urls: http://10.200.207.2:2379,http://127.0.0.1:2379
# Peer (cluster-internal) URLs; adjust the IP and port to the actual deployment.
# NOTE(review): peer traffic is also plain http:// here; the TLS counterpart is
# https:// URLs with a peer-transport-security section.
listen-peer-urls: http://10.200.207.2:2380
initial-advertise-peer-urls: http://10.200.207.2:2380
# Cluster membership: name=URL for each of the three nodes; adjust to the
# actual deployment.
initial-cluster: etcd01=http://10.200.207.1:2380,etcd02=http://10.200.207.2:2380,etcd03=http://10.200.207.3:2380
initial-cluster-token: etcd-cluster-token
initial-cluster-state: new
启动etcd
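# cat start_etcd.sh
#!/bin/bash
# Start etcd in the background with etcd.conf.yml, sending stdout and stderr to
# ./logs/etcd.log. All paths are relative, so run this from the directory that
# holds the etcd binary and etcd.conf.yml.

# Create the log directory first: if ./logs is missing, the redirection fails
# and etcd is never started.
mkdir -p ./logs
nohup ./etcd --config-file=etcd.conf.yml > ./logs/etcd.log 2>&1 &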
查看etcd
# etcdctl -bash: etcdctl: command not found
命令未找到,添加配置
# ll /usr/local/bin/ total 0 # cp /data/dataos/modo/etcd-v3.4.27/etcd /usr/local/bin/ # cp /data/dataos/modo/etcd-v3.4.27/etcdctl /usr/local/bin/ # vi /etc/profile # source /etc/profile # etcdctl version etcdctl version: 3.4.27 API version: 3.4
/etc/profile文件中新增etcdctl的api版本,默认使用2
# 在文件最后加入变量,因为etcd默认使用V2版本,我们需要V3版本的API。 export ETCDCTL_API=3
etcd开机自启动
# vi /etc/systemd/system/etcd.service # systemctl daemon-reload # systemctl enable etcd # systemctl start etcd # systemctl status etcd ● etcd.service - Etcd Server Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2024-07-16 10:28:48 CST; 7s ago Docs: https://github.com/coreos/etcd Main PID: 26450 (etcd) CGroup: /system.slice/etcd.service └─26450 /usr/local/bin/etcd Jul 16 10:28:47 10.200.207.2 etcd[26450]: raft2024/07/16 10:28:47 INFO: 8e9e05c52164694d became leader at term 2 Jul 16 10:28:47 10.200.207.2 etcd[26450]: raft2024/07/16 10:28:47 INFO: raft.node: 8e9e05c52164694d elected leader 8e9e05c52164694d at term 2 Jul 16 10:28:48 10.200.207.2 etcd[26450]: sync duration of 1.384904543s, expected less than 1s Jul 16 10:28:48 10.200.207.2 etcd[26450]: published {Name:default ClientURLs:[http://localhost:2379]} to cluster cdf818194e3a8c32 Jul 16 10:28:48 10.200.207.2 etcd[26450]: ready to serve client requests Jul 16 10:28:48 10.200.207.2 etcd[26450]: setting up the initial cluster version to 3.4 Jul 16 10:28:48 10.200.207.2 systemd[1]: Started Etcd Server. Jul 16 10:28:48 10.200.207.2 etcd[26450]: serving insecure client requests on 127.0.0.1:2379, this is strongly discouraged! Jul 16 10:28:48 10.200.207.2 etcd[26450]: set the initial cluster version to 3.4 Jul 16 10:28:48 10.200.207.2 etcd[26450]: enabled capabilities for version 3.4 # netstat -antp | grep 2379 tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 26450/etcd tcp 0 0 127.0.0.1:35094 127.0.0.1:2379 ESTABLISHED 26450/etcd tcp 0 0 127.0.0.1:2379 127.0.0.1:35094 ESTABLISHED 26450/etcd
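# Client endpoints of the three cluster members; take the real values from each
# node's configuration.
ENDPOINTS=http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379

# Create the root user. Without --new-user-password, etcdctl prompts for the
# password, so it is not written to shell history or shown in the process list.
etcdctl --endpoints "$ENDPOINTS" user add root

# Add the root role. Authentication is still disabled at this point, so no
# credentials are passed; sending --user here only makes etcdctl log an
# "authentication is not enabled" retry warning before it succeeds.
etcdctl --endpoints "$ENDPOINTS" role add root

# Grant the root role to the root user.
etcdctl --endpoints "$ENDPOINTS" user grant-role root root

# Enable authentication.
etcdctl --endpoints "$ENDPOINTS" auth enable

# List the accounts to verify that root was created. --user without a password
# makes etcdctl prompt for it.
etcdctl --endpoints "$ENDPOINTS" --user root user list

# Notes
# - ENDPOINTS holds the connection details of the 3 nodes; see each node's
#   configuration for the actual values.
# - Choose your own root password at the prompt; do not reuse a sample password
#   taken from a tutorial.
# - The endpoints are plain http://, so the password still crosses the network
#   unencrypted until the client URLs are served over TLS.
# - Run the remaining commands as shown.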
etcd新增用户
前提是主机上的防火墙(iptables)已关闭,或者已放行etcd使用的端口。更稳妥的做法是只对集群节点和需要访问的客户端放行2379和2380端口,而不是直接关闭防火墙。
创建用户,设置密码 # etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --new-user-password=auyd871477sha user add root User root created 添加角色 # etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha role add root {"level":"warn","ts":"2024-07-16T10:43:55.774319+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-b99c1334-e97a-4db8-a518-7daa4232f486/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"} Role root created 授权角色 # etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha user grant-role root root {"level":"warn","ts":"2024-07-16T10:45:01.539572+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-96b7c611-46c1-4744-a997-f6c0f55dee0c/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"} Role root is granted to user root 设置允许登陆 # etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha auth enable {"level":"warn","ts":"2024-07-16T10:45:24.638387+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-7f3bb6ef-11f0-44f1-875f-e17108e25fc8/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"} Authentication Enabled 查询账号列表,验证root账号是否创建成功 # etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user='root' --password='auyd871477sha' user list root