2.k8s安装etcd数据库

安装etcd数据库

创建etcd证书签名请求文件

cat > etcd-csr.json <

生成 CA 证书和私钥

cfssl gencert -ca=/kubernetes/cert/ca.pem -ca-key=/kubernetes/cert/ca-key.pem -config=/root/cfssl/ca-config.json -profile=kubernetes etcd-csr.json | cfssljson -bare etcd
cp etcd*.pem /kubernetes/cert

[图片上传失败...(image-2e02b9-1589188251163)]

下载etcd

wget https://github.com/etcd-io/etcd/releases/download/v3.3.10/etcd-v3.3.10-linux-amd64.tar.gz
tar zxf etcd-v3.3.10-linux-amd64.tar.gz
mkdir -p /kubernetes/etcd/{bin,cfg,data}
cp etcd-v3.3.10-linux-amd64/etcd* /kubernetes/etcd/bin/

#配置环境变量
export ETCD_HOME=/kubernetes/etcd
export PATH=$PATH:$ETCD_HOME/bin

添加etcd服务

etcd服务配置参数

cat > /kubernetes/etcd/cfg/etcd.conf << EOF
#[Member]
ETCD_NAME="etcd01"
ETCD_DATA_DIR="/kubernetes/etcd/data"
ETCD_LISTEN_PEER_URLS="https://192.168.104.174:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.104.174:2379"
 
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.104.174:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.104.174:2379"
ETCD_INITIAL_CLUSTER="etcd01=https://192.168.104.174:2380,etcd02=https://192.168.104.175:2380,etcd03=https://192.168.104.176:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"

#[Security]
ETCD_CERT_FILE="/kubernetes/cert/etcd.pem"
ETCD_KEY_FILE="/kubernetes/cert/etcd-key.pem"
ETCD_TRUSTED_CA_FILE="/kubernetes/cert/ca.pem"
ETCD_CLIENT_CERT_AUTH="true"
ETCD_PEER_CERT_FILE="/kubernetes/cert/etcd.pem"
ETCD_PEER_KEY_FILE="/kubernetes/cert/etcd-key.pem"
ETCD_PEER_TRUSTED_CA_FILE="/kubernetes/cert/ca.pem"
ETCD_PEER_CLIENT_CERT_AUTH="true"
EOF

服务

cat  > /usr/lib/systemd/system/etcd.service <

• ETCD_NAME每台服务器唯一
• 其他两台服务器需要修改ip地址
• ETCD_LISTEN_PEER_URLS
• ETCD_LISTEN_CLIENT_URLS
• ETCD_INITIAL_ADVERTISE_PEER_URLS
• ETCD_ADVERTISE_CLIENT_URLS

其他两台主服务器

scp -r /kubernetes/ [email protected]:/
scp -r /kubernetes/ [email protected]:/
scp /usr/lib/systemd/system/etcd.service [email protected]:/usr/lib/systemd/system
scp /usr/lib/systemd/system/etcd.service [email protected]:/usr/lib/systemd/system

启动etcd服务并且设置开机自启动

systemctl daemon-reload
systemctl enable etcd
systemctl start etcd

检查状态

/kubernetes/etcd/bin/etcdctl --ca-file=/kubernetes/cert/ca.pem --cert-file=/kubernetes/cert/etcd.pem --key-file=/kubernetes/cert/etcd-key.pem --endpoints="https://192.168.104.174:2379,https://192.168.104.175:2379,https://192.168.104.176:2379" cluster-health