Docker环境下的etcd集群的搭建

转载

mob604757027d04 2021-07-27 17:24:00

文章标签 centos bash docker 字段集群搭建 文章分类 代码人生

基于centos容器运行etcd集群，默认2379端口是客户监听端口，2380是集群监听端口

centos下的单节点etcd

docker run –name etcd_1 –p 12379:2379 –p 12380:2380 –it centos /bin/bash
docker run –name etcd_2 –p 22379:2379 –p 22380:2380 –it centos /bin/bash
docker run –name etcd_3 –p 32379:2379 –p 32380:2380 –it centos /bin/bash

不带ssl证书的集群搭建，三个容器都要启动

./etcd -name etcd_1 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=http://0.0.0.0:12380,etcd_2=http://0.0.0.0:22380,etcd_3=http://0.0.0.0:32380" \
  -initial-cluster-state new

带ssl证书的集群搭建，三个容器都要启动

./etcd -name etcd_1 \
  --auto-tls=true \
  --client-cert-auth=true \
  --cert-file=/ssl/server.pem \
  --key-file=/ssl/server-key.pem \
  --trusted-ca-file=/ssl/ca.pem \
  --peer-auto-tls=true \
  --peer-cert-file=/ssl/peer.pem \
  --peer-key-file=/ssl/peer-key.pem \
  --peer-client-cert-auth=true \
  --peer-trusted-ca-file=/ssl/ca.pem \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380" \
  -initial-cluster-state new

注意-initial-advertise-peer-urls字段，-initial-cluster字段填写宿主机的ip地址

不带证书检查集群的状态

./etcdctl endpoint status

带证书检查集群的状态

./etcdctl \
  --cacert=/ssl/ca.pem \
  --cert=/ssl/server.pem \
  --key=/ssl/server-key.pem \
  --endpoints https://127.0.0.1:2379 \
  endpoint status

不带证书集群新增etcd节点（先添加，后启动）

./etcdctl --endpoints http://0.0.0.0:12380 member add etcd_4 http://0.0.0.0:42380

带证书集群新增etcd节点（先添加，后启动）

./etcdctl \
  --cacert=./ca.pem \
  --cert=./server.pem \
  --key=./server-key.pem \
  --endpoints http://0.0.0.0:12380 member add etcd_4 http://0.0.0.0:42380

不带证书启动etcd_4节点

./etcd -name etcd_4 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:42380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380,etcd_4=https://0.0.0.0:42380" \
  -initial-cluster-state new

带证书同理

本文章为转载内容，我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题，欢迎原作者联系我们进行内容更正或删除文章。