cn_wumo
cn_wumo
文章4
标签4
分类4
回到首页
文章归档
关于博客
我的朋友
© 2021 cn_wumo Powered by Hexo & Nexmoe
闽ICP备2021013451号
Docker环境下的etcd集群的搭建

Docker环境下的etcd集群的搭建

2021年09月06日 573 字 大概 3 分钟

基于centos容器运行etcd集群,默认2379端口是客户监听端口,2380是集群监听端口

centos下的单节点etcd运行可见
http://cn-wumo.top/2021/09-05-CentOS下的etcd的搭建

1
2
3
docker run –name etcd_1 –p 12379:2379 –p 12380:2380 –it centos /bin/bash
docker run –name etcd_2 –p 22379:2379 –p 22380:2380 –it centos /bin/bash
docker run –name etcd_3 –p 32379:2379 –p 32380:2380 –it centos /bin/bash

不带ssl证书的集群搭建,三个容器都要启动

1
2
3
4
5
6
7
8
./etcd -name etcd_1 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=http://0.0.0.0:12380,etcd_2=http://0.0.0.0:22380,etcd_3=http://0.0.0.0:32380" \
  -initial-cluster-state new

带ssl证书的集群搭建,三个容器都要启动

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
./etcd -name etcd_1 \
  --auto-tls=true \
  --client-cert-auth=true \
  --cert-file=/ssl/server.pem \
  --key-file=/ssl/server-key.pem \
  --trusted-ca-file=/ssl/ca.pem \
  --peer-auto-tls=true \
  --peer-cert-file=/ssl/peer.pem \
  --peer-key-file=/ssl/peer-key.pem \
  --peer-client-cert-auth=true \
  --peer-trusted-ca-file=/ssl/ca.pem \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380" \
  -initial-cluster-state new

注意-initial-advertise-peer-urls字段,-initial-cluster字段填写宿主机的ip地址

不带证书检查集群的状态

1
./etcdctl endpoint status

带证书检查集群的状态

1
2
3
4
5
6
./etcdctl \
  --cacert=/ssl/ca.pem \
  --cert=/ssl/server.pem \
  --key=/ssl/server-key.pem \
  --endpoints https://127.0.0.1:2379 \
  endpoint status

不带证书集群新增etcd节点(先添加,后启动)

1
./etcdctl --endpoints http://0.0.0.0:12380 member add etcd_4 http://0.0.0.0:42380

带证书集群新增etcd节点(先添加,后启动)

1
2
3
4
5
./etcdctl \
  --cacert=./ca.pem \
  --cert=./server.pem \
  --key=./server-key.pem \
  --endpoints http://0.0.0.0:12380 member add etcd_4 http://0.0.0.0:42380

不带证书启动etcd_4节点

1
2
3
4
5
6
7
8
./etcd -name etcd_4 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:42380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380,etcd_4=https://0.0.0.0:42380" \
  -initial-cluster-state new

带证书同理

本文作者:cn_wumo
本文链接:http://cn-wumo.top/2021/09-06-Docker%E7%8E%AF%E5%A2%83%E4%B8%8B%E7%9A%84etcd%E9%9B%86%E7%BE%A4%E7%9A%84%E6%90%AD%E5%BB%BA/
版权声明:本文采用 CC BY-NC-SA 3.0 CN 协议进行许可
后端服务器