Kubernetes(四)部署Etcd集群

  • A+
所属分类:Kubernetes

下载etcd软件包

mkdir /root/tools
cd /root/tools
https://github.com/etcd-io/etcd/releases/download/v3.3.11/etcd-v3.3.11-linux-amd64.tar.gz
tar -zxvf etcd-v3.3.11-linux-amd64.tar.gz
mv etcd-v3.3.11-linux-amd64/etcd /opt/kubernetes/bin/
mv etcd-v3.3.11-linux-amd64/etcdctl /opt/kubernetes/bin/

所有节点创建Kubernetes工作目录

mkdir /opt/kubernetes
mkdir /opt/kubernetes/{bin,cfg,ssl}

master 创建配置文件,其余node节点,注意ETCD NAME和IP地址

[root@k8s-master cfg]# cat /opt/kubernetes/cfg/etcd 
#[Member]
ETCD_NAME="etcd01"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.20.211:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.20.211:2379"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.20.211:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.20.211:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://192.168.20.211:2380,etcd02=https://192.168.20.212:2380,etcd03=https://192.168.20.213:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"

master 和 node 创建service

[root@k8s-master cfg]# cat /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
Type=notify
EnvironmentFile=-/opt/kubernetes/cfg/etcd
ExecStart=/opt/kubernetes/bin/etcd \
--name=${ETCD_NAME} \
--data-dir=${ETCD_DATA_DIR} \
--listen-peer-urls=${ETCD_LISTEN_PEER_URLS} \
--listen-client-urls=${ETCD_LISTEN_CLIENT_URLS},http://127.0.0.1:2379 \
--advertise-client-urls=${ETCD_ADVERTISE_CLIENT_URLS} \
--initial-advertise-peer-urls=${ETCD_INITIAL_ADVERTISE_PEER_URLS} \
--initial-cluster=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-token=${ETCD_INITIAL_CLUSTER} \
--initial-cluster-state=new \
--cert-file=/opt/kubernetes/ssl/server.pem \
--key-file=/opt/kubernetes/ssl/server-key.pem \
--peer-cert-file=/opt/kubernetes/ssl/server.pem \
--peer-key-file=/opt/kubernetes/ssl/server-key.pem \
--trusted-ca-file=/opt/kubernetes/ssl/ca.pem \
--peer-trusted-ca-file=/opt/kubernetes/ssl/ca.pem
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target

拷贝SSL证书

cd /root/ssl
cp server* ca* /opt/kubernetes/ssl/
[root@k8s-master ssl]# ls /opt/kubernetes/ssl/
ca-key.pem  ca.pem  server-key.pem  server.pem

Master启动etcd服务,第一次启动会卡住,因为节点node没路由,中断,可以查看启动正常

[root@k8s-master kubernetes]# systemctl start etcd
[root@k8s-master kubernetes]# ps -ef|grep etcd

可以看到启动信息,如果报错查看

[root@k8s-master tools]# tailf /var/log/messages 
Jan 21 22:27:45 localhost etcd: health check for peer 76b7f9d9a0c7d1c7 could not connect: dial tcp 192.168.20.213:2380: connect: no route to host (prober "ROUND_TRIPPER_SNAPSHOT")
Jan 21 22:27:45 localhost etcd: health check for peer 76b7f9d9a0c7d1c7 could not connect: dial tcp 192.168.20.213:2380: connect: no route to host (prober "ROUND_TRIPPER_RAFT_MESSAGE")
Jan 21 22:27:45 localhost etcd: health check for peer 7da6bf848e0373ae could not connect: dial tcp 192.168.20.212:2380: connect: no route to host (prober "ROUND_TRIPPER_SNAPSHOT")
Jan 21 22:27:45 localhost etcd: health check for peer 7da6bf848e0373ae could not connect: dial tcp 192.168.20.212:2380: connect: no route to host (prober "ROUND_TRIPPER_RAFT_MESSAGE")

node节点部署etcd

node节点递归创建目录

mkdir /opt/kubernetes
mkdir /opt/kubernetes/{bin,cfg,ssl}

master分发etcd文件

scp -r /opt/kubernetes/* root@192.168.20.212:/opt/kubernetes/
scp -r /opt/kubernetes/* root@192.168.20.213:/opt/kubernetes/

master分发etcd.service

scp /usr/lib/systemd/system/etcd.service root@192.168.20.212:/usr/lib/systemd/system/
scp /usr/lib/systemd/system/etcd.service root@192.168.20.213:/usr/lib/systemd/system/

Node节点只需修改cfg/etcd配置,修改对应的name和ip,如下是node2节点配置:

[root@k8s-node01 kubernetes]# vim /opt/kubernetes/cfg/etcd 
#[Member]
ETCD_NAME="etcd02"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.20.212:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.20.212:2379"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.20.212:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.20.212:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://192.168.20.211:2380,etcd02=https://192.168.20.212:2380,etcd03=https://192.168.20.213:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new

Node节点设置开机启动、查看启动状态,其他master全设置开机启动

systemctl start etcd
ps -ef|grep etcd
systemctl enable etcd
systemctl list-unit-files|grep etcd

master 配置环境变量

vim /etc/profile
PATH=$PATH:/opt/kubernetes/bin

source /etc/profile

检查集群状态

[root@k8s-master kubernetes]# cd /opt/kubernetes/ssl/
etcdctl \
--ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem \
--endpoints="https://192.168.20.211:2379,https://192.168.20.212:2379,https://192.168.20.213:2379" \
cluster-health

healthy说明etcd集群部署成功,如果有问题,检查message日志,ssl证书(颁发ip)和防火墙端口

YaLei

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: