[关闭]
@zhangyy 2020-05-09T10:01:17.000000Z 字数 12039 阅读 147

kubernetes 1.18.2 的 双栈部署(一) etcd 部署

kubernetes系列


  • 一: 环境部署规划
  • 二:系统环境初始化
  • 三:配置ETCD集群

一: 环境部署规划

  1. cat /etc/hosts
  2. ----
  3. 192.168.100.11 node01.flyfish
  4. 192.168.100.12 node02.flyfish
  5. 192.168.100.13 node03.flyfish
  6. 192.168.100.14 node04.flyfish
  7. 192.168.100.15 node05.flyfish
  8. ----
  9. 1.etcd集群规划
  10. ---
  11. 192.168.100.11
  12. 192.168.100.12
  13. 192.168.100.13
  14. ---
  15. 2.Kubernetes master节点集群规划
  16. ---
  17. 192.168.100.11
  18. 192.168.100.12
  19. 192.168.100.13
  20. ---
  21. 3.Kubernetes node节点集群规划
  22. ---
  23. 192.168.100.14
  24. 192.168.100.15
  25. ---
  26. 4. Kubernetes pod 网络规划
  27. ---
  28. 10.80.0.0/12
  29. ---
  30. 5.Kubernetes service 网络规划
  31. ---
  32. 10.66.0.0/16
  33. ---
  34. 6.Kubernetes 集群域名
  35. ---
  36. cluster.local
  37. ---
  38. 7.Kubernetes 集群dns
  39. ---
  40. 10.66.0.2
  41. ---
  42. 8.Kubernetes 高可用方案
  43. ---
  44. nginx+confd
  45. ---

二:系统环境初始化

2.1 设置关闭防火墙及SELINUX

  1. # centos (所有主机)
  2. sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
  3. systemctl stop firewalld && systemctl disable firewalld
  4. setenforce 0

image_1e7r6pjp5ogr15b318vk16iuuvc9.png-79.8kB

2.2 安装及配置CFSSL 签发证书使用

  1. #go 环境部署
  2. yum install go
  3. go get github.com/cloudflare/cfssl/cmd/cfssl
  4. go get github.com/cloudflare/cfssl/cmd/cfssljson
  5. mv /go/ /usr/local/
  6. vim /etc/profile
  7. ---
  8. GOBIN=/root/go/bin/
  9. PATH=$PATH:$GOBIN:$HOME/bin
  10. export PATH
  11. ---

image_1e7r78hvq1irgmd81bh71nep7slm.png-106.6kB

image_1e7r79aho14a4115u9cr1bou1gta13.png-123.7kB

image_1e7r79s441hs71r3h1uuv1eqb11vj1g.png-140.4kB

image_1e7r7ac1g6ao5ir110i1u2f1dll1t.png-97.9kB


三:配置ETCD集群

3.1 签发etcd 证书

  1. mkdir etcd
  2. cd etcd
  3. vim etcd.sh
  4. ---
  5. # 设置证书环境变量
  6. # 设置证书使用时间87600h 10年
  7. export EXPIRY_TIME="87600h"
  8. # 签发证书IP
  9. export ETCD_MEMBER_1_IP="192.168.100.11"
  10. export ETCD_MEMBER_2_IP="192.168.100.12"
  11. export ETCD_MEMBER_3_IP="192.168.100.13"
  12. # 机器名
  13. export ETCD_MEMBER_1_HOSTNAMES="node01.flyfish"
  14. export ETCD_MEMBER_2_HOSTNAMES="node02.flyfish"
  15. export ETCD_MEMBER_3_HOSTNAMES="node03.flyfish"
  16. # etcd 集群通讯证书
  17. export ETCD_SERVER_HOSTNAMES="\"${ETCD_MEMBER_1_HOSTNAMES}\",\"${ETCD_MEMBER_2_HOSTNAMES}\",\"${ETCD_MEMBER_3_HOSTNAMES}\""
  18. export ETCD_SERVER_IPS="\"${ETCD_MEMBER_1_IP}\",\"${ETCD_MEMBER_2_IP}\",\"${ETCD_MEMBER_3_IP}\""
  19. #证书所需要的配置参数
  20. export CERT_ST="ShangHai"
  21. export CERT_L="ShangHai"
  22. export CERT_O="k8s"
  23. export CERT_OU="Qist"
  24. export CERT_PROFILE="kubernetes"
  25. # 设置工作目录
  26. export HOST_PATH=`pwd`
  27. # 创建etcd K8S 证书json 存放目录
  28. mkdir -p ${HOST_PATH}/cfssl/{k8s,etcd}
  29. # 创建签发证书存放目录
  30. mkdir -p ${HOST_PATH}/cfssl/pki/{k8s,etcd}
  31. # CA 配置文件用于配置根证书的使用场景 (profile) 和具体参数 (usage,过期时间、服务端认证、客户端认证、加密等),后续在签名其它证书时需要指定特定场景。
  32. cat << EOF | tee ${HOST_PATH}/cfssl/ca-config.json
  33. {
  34. "signing": {
  35. "default": {
  36. "expiry": "${EXPIRY_TIME}"
  37. },
  38. "profiles": {
  39. "${CERT_PROFILE}": {
  40. "usages": [
  41. "signing",
  42. "key encipherment",
  43. "server auth",
  44. "client auth"
  45. ],
  46. "expiry": "${EXPIRY_TIME}"
  47. }
  48. }
  49. }
  50. }
  51. EOF
  52. # 创建 ETCD CA 配置文件
  53. cat << EOF | tee ${HOST_PATH}/cfssl/etcd/etcd-ca-csr.json
  54. {
  55. "CN": "etcd",
  56. "key": {
  57. "algo": "rsa",
  58. "size": 2048
  59. },
  60. "names": [
  61. {
  62. "C": "CN",
  63. "ST": "$CERT_ST",
  64. "L": "$CERT_L",
  65. "O": "$CERT_O",
  66. "OU": "$CERT_OU"
  67. }
  68. ],
  69. "ca": {
  70. "expiry": "${EXPIRY_TIME}"
  71. }
  72. }
  73. EOF
  74. # etcd ca 证书签发
  75. cfssl gencert -initca ${HOST_PATH}/cfssl/etcd/etcd-ca-csr.json | \
  76. cfssljson -bare ${HOST_PATH}/cfssl/pki/etcd/etcd-ca
  77. # 创建 ETCD Server 配置文件
  78. cat << EOF | tee ${HOST_PATH}/cfssl/etcd/etcd-server.json
  79. {
  80. "CN": "etcd",
  81. "hosts": [
  82. "127.0.0.1",
  83. ${ETCD_SERVER_IPS},
  84. ${ETCD_SERVER_HOSTNAMES}
  85. ],
  86. "key": {
  87. "algo": "rsa",
  88. "size": 2048
  89. },
  90. "names": [
  91. {
  92. "C": "CN",
  93. "ST": "$CERT_ST",
  94. "L": "$CERT_L",
  95. "O": "$CERT_O",
  96. "OU": "$CERT_OU"
  97. }
  98. ]
  99. }
  100. EOF
  101. # 生成 ETCD Server 证书和私钥
  102. cfssl gencert \
  103. -ca=${HOST_PATH}/cfssl/pki/etcd/etcd-ca.pem \
  104. -ca-key=${HOST_PATH}/cfssl/pki/etcd/etcd-ca-key.pem \
  105. -config=${HOST_PATH}/cfssl/ca-config.json \
  106. -profile=${CERT_PROFILE} \
  107. ${HOST_PATH}/cfssl/etcd/etcd-server.json | \
  108. cfssljson -bare ${HOST_PATH}/cfssl/pki/etcd/etcd-server
  109. # 创建 ETCD Member 1 配置文件
  110. cat << EOF | tee ${HOST_PATH}/cfssl/etcd/${ETCD_MEMBER_1_HOSTNAMES}.json
  111. {
  112. "CN": "etcd",
  113. "hosts": [
  114. "127.0.0.1",
  115. "${ETCD_MEMBER_1_IP}",
  116. "${ETCD_MEMBER_1_HOSTNAMES}"
  117. ],
  118. "key": {
  119. "algo": "rsa",
  120. "size": 2048
  121. },
  122. "names": [
  123. {
  124. "C": "CN",
  125. "ST": "$CERT_ST",
  126. "L": "$CERT_L",
  127. "O": "$CERT_O",
  128. "OU": "$CERT_OU"
  129. }
  130. ]
  131. }
  132. EOF
  133. # 生成 ETCD Member 1 证书和私钥
  134. cfssl gencert \
  135. -ca=${HOST_PATH}/cfssl/pki/etcd/etcd-ca.pem \
  136. -ca-key=${HOST_PATH}/cfssl/pki/etcd/etcd-ca-key.pem \
  137. -config=${HOST_PATH}/cfssl/ca-config.json \
  138. -profile=${CERT_PROFILE} \
  139. ${HOST_PATH}/cfssl/etcd/${ETCD_MEMBER_1_HOSTNAMES}.json | \
  140. cfssljson -bare ${HOST_PATH}/cfssl/pki/etcd/etcd-member-${ETCD_MEMBER_1_HOSTNAMES}
  141. # 创建 ETCD Member 2 配置文件
  142. cat << EOF | tee ${HOST_PATH}/cfssl/etcd/${ETCD_MEMBER_2_HOSTNAMES}.json
  143. {
  144. "CN": "etcd",
  145. "hosts": [
  146. "127.0.0.1",
  147. "${ETCD_MEMBER_2_IP}",
  148. "${ETCD_MEMBER_2_HOSTNAMES}"
  149. ],
  150. "key": {
  151. "algo": "rsa",
  152. "size": 2048
  153. },
  154. "names": [
  155. {
  156. "C": "CN",
  157. "ST": "$CERT_ST",
  158. "L": "$CERT_L",
  159. "O": "$CERT_O",
  160. "OU": "$CERT_OU"
  161. }
  162. ]
  163. }
  164. EOF
  165. # 生成 ETCD Member 2 证书和私钥
  166. cfssl gencert \
  167. -ca=${HOST_PATH}/cfssl/pki/etcd/etcd-ca.pem \
  168. -ca-key=${HOST_PATH}/cfssl/pki/etcd/etcd-ca-key.pem \
  169. -config=${HOST_PATH}/cfssl/ca-config.json \
  170. -profile=${CERT_PROFILE} \
  171. ${HOST_PATH}/cfssl/etcd/${ETCD_MEMBER_2_HOSTNAMES}.json | \
  172. cfssljson -bare ${HOST_PATH}/cfssl/pki/etcd/etcd-member-${ETCD_MEMBER_2_HOSTNAMES}
  173. # 创建 ETCD Member 3 配置文件
  174. cat << EOF | tee ${HOST_PATH}/cfssl/etcd/${ETCD_MEMBER_3_HOSTNAMES}.json
  175. {
  176. "CN": "etcd",
  177. "hosts": [
  178. "127.0.0.1",
  179. "${ETCD_MEMBER_3_IP}",
  180. "${ETCD_MEMBER_3_HOSTNAMES}"
  181. ],
  182. "key": {
  183. "algo": "rsa",
  184. "size": 2048
  185. },
  186. "names": [
  187. {
  188. "C": "CN",
  189. "ST": "$CERT_ST",
  190. "L": "$CERT_L",
  191. "O": "$CERT_O",
  192. "OU": "$CERT_OU"
  193. }
  194. ]
  195. }
  196. EOF
  197. # 生成 ETCD Member 3 证书和私钥
  198. cfssl gencert \
  199. -ca=${HOST_PATH}/cfssl/pki/etcd/etcd-ca.pem \
  200. -ca-key=${HOST_PATH}/cfssl/pki/etcd/etcd-ca-key.pem \
  201. -config=${HOST_PATH}/cfssl/ca-config.json \
  202. -profile=${CERT_PROFILE} \
  203. ${HOST_PATH}/cfssl/etcd/${ETCD_MEMBER_3_HOSTNAMES}.json | \
  204. cfssljson -bare ${HOST_PATH}/cfssl/pki/etcd/etcd-member-${ETCD_MEMBER_3_HOSTNAMES}
  205. # 创建 ETCD Client 配置文件
  206. cat << EOF | tee ${HOST_PATH}/cfssl/etcd/etcd-client.json
  207. {
  208. "CN": "client",
  209. "hosts": [""],
  210. "key": {
  211. "algo": "rsa",
  212. "size": 2048
  213. },
  214. "names": [
  215. {
  216. "C": "CN",
  217. "ST": "$CERT_ST",
  218. "L": "$CERT_L",
  219. "O": "$CERT_O",
  220. "OU": "$CERT_OU"
  221. }
  222. ]
  223. }
  224. EOF
  225. # 生成 ETCD Client 证书和私钥
  226. cfssl gencert \
  227. -ca=${HOST_PATH}/cfssl/pki/etcd/etcd-ca.pem \
  228. -ca-key=${HOST_PATH}/cfssl/pki/etcd/etcd-ca-key.pem \
  229. -config=${HOST_PATH}/cfssl/ca-config.json \
  230. -profile=${CERT_PROFILE} \
  231. ${HOST_PATH}/cfssl/etcd/etcd-client.json | \
  232. cfssljson -bare ${HOST_PATH}/cfssl/pki/etcd/etcd-client
  233. ---
  234. chmod +x etcd.sh
  235. ./etcd.sh

image_1e7r829g01k2118pa5u5gca1qum2a.png-101.6kB

image_1e7r85op76ostnvabl1ro2145h34.png-167.8kB

image_1e7r84itpldu162bnj17toh372n.png-154.9kB

3.2 分发文件到主节点

  1. # 分发生成的证书到所有需要部署etcd 节点
  2. ssh 192.168.100.11 mkdir -p /opt/etcd/ssl
  3. ssh 192.168.100.12 mkdir -p /opt/etcd/ssl
  4. ssh 192.168.100.13 mkdir -p /opt/etcd/ssl
  5. # 分发文件
  6. scp -r ./cfssl/pki/etcd/* 192.168.100.11:/opt/etcd/ssl/
  7. scp -r ./cfssl/pki/etcd/* 192.168.100.12:/opt/etcd/ssl/
  8. scp -r ./cfssl/pki/etcd/* 192.168.100.13:/opt/etcd/ssl/

image_1e7r8c95a1g9v1feuvkdq9v1n2h3h.png-231kB

image_1e7r8co5a1nfe1h4gmas1gsr1jcs3u.png-253.6kB


3.3 etcd 二进制文件准备

  1. mv etcd.sh /root
  2. vim etcd-soft.sh
  3. ----
  4. wget https://github.com/etcd-io/etcd/releases/download/v3.4.7/etcd-v3.4.7-linux-amd64.tar.gz
  5. # 解压下载好文件
  6. tar -zxvf etcd-v3.4.7-linux-amd64.tar.gz
  7. # 创建二进制远程存放目录
  8. ssh 192.168.100.11 mkdir -p /opt/etcd/bin
  9. ssh 192.168.100.12 mkdir -p /opt/etcd/bin
  10. ssh 192.168.100.13 mkdir -p /opt/etcd/bin
  11. # 分发解压好二进制文件
  12. cd etcd-v3.4.7-linux-amd64/
  13. scp -r etcd* 192.168.100.11:/opt/etcd/bin
  14. scp -r etcd* 192.168.100.12:/opt/etcd/bin
  15. scp -r etcd* 192.168.100.13:/opt/etcd/bin
  16. ---
  17. chmod +x etcd-soft.sh
  18. ./etcd-soft.sh

image_1e7r92ap4264v0m17ib1a2s1sc14b.png-296.7kB

image_1e7r92ufs17vcqo21ua8c6e148o4o.png-122.3kB


3.4 etcd 配置文件准备

  1. # 创建配置文件存放目录
  2. ssh 192.168.100.11 mkdir -p /opt/etcd/conf
  3. ssh 192.168.100.12 mkdir -p /opt/etcd/conf
  4. ssh 192.168.100.13 mkdir -p /opt/etcd/conf
  5. # 192.168.100.11 配置
  6. ssh 192.168.100.11
  7. cat << EOF | tee /opt/etcd/conf/etcd
  8. ETCD_OPTS="--name=node01.flyfish \\
  9. --data-dir=/opt/etcd/data/default.etcd \\
  10. --wal-dir=/opt/etcd/data/default.etcd/wal \\
  11. --listen-peer-urls=https://192.168.100.11:2380 \\
  12. --listen-client-urls=https://192.168.100.11:2379,https://127.0.0.1:2379 \\
  13. --advertise-client-urls=https://192.168.100.11:2379 \\
  14. --initial-advertise-peer-urls=https://192.168.100.11:2380 \\
  15. --initial-cluster=node01.flyfish=https://192.168.100.11:2380,node02.flyfish=https://192.168.100.12:2380,node03.flyfish=https://192.168.100.13:2380 \\
  16. --initial-cluster-token=node01.flyfish=https://192.168.100.11:2380,node02.flyfish=https://192.168.100.12:2380,node03.flyfish=https://192.168.100.13:2380 \\
  17. --initial-cluster-state=new \\
  18. --heartbeat-interval=6000 \\
  19. --election-timeout=30000 \\
  20. --snapshot-count=5000 \\
  21. --auto-compaction-retention=1 \\
  22. --max-request-bytes=33554432 \\
  23. --quota-backend-bytes=17179869184 \\
  24. --trusted-ca-file=/opt/etcd/ssl/etcd-ca.pem \\
  25. --cert-file=/opt/etcd/ssl/etcd-server.pem \\
  26. --key-file=/opt/etcd/ssl/etcd-server-key.pem \\
  27. --peer-cert-file=/opt/etcd/ssl/etcd-member-node01.flyfish.pem \\
  28. --peer-key-file=/opt/etcd/ssl/etcd-member-node01.flyfish-key.pem \\
  29. --peer-client-cert-auth \\
  30. --enable-v2=true \\
  31. --peer-trusted-ca-file=/opt/etcd/ssl/etcd-ca.pem"
  32. EOF
  33. # 192.168.100.12 配置
  34. ssh 192.168.100.12
  35. cat << EOF | tee /opt/etcd/conf/etcd
  36. ETCD_OPTS="--name=node02.flyfish \\
  37. --data-dir=/opt/etcd/data/default.etcd \\
  38. --wal-dir=/opt/etcd/data/default.etcd/wal \\
  39. --listen-peer-urls=https://192.168.100.12:2380 \\
  40. --listen-client-urls=https://192.168.100.12:2379,https://127.0.0.1:2379 \\
  41. --advertise-client-urls=https://192.168.100.12:2379 \\
  42. --initial-advertise-peer-urls=https://192.168.100.12:2380 \\
  43. --initial-cluster=node01.flyfish=https://192.168.100.11:2380,node02.flyfish=https://192.168.100.12:2380,node03.flyfish=https://192.168.100.13:2380 \\
  44. --initial-cluster-token=node01=https://192.168.100.11:2380,node02.flyfish=https://192.168.100.12:2380,node03.flyfish=https://192.168.100.13:2380 \\
  45. --initial-cluster-state=new \\
  46. --heartbeat-interval=6000 \\
  47. --election-timeout=30000 \\
  48. --snapshot-count=5000 \\
  49. --auto-compaction-retention=1 \\
  50. --max-request-bytes=33554432 \\
  51. --quota-backend-bytes=17179869184 \\
  52. --trusted-ca-file=/opt/etcd/ssl/etcd-ca.pem \\
  53. --cert-file=/opt/etcd/ssl/etcd-server.pem \\
  54. --key-file=/opt/etcd/ssl/etcd-server-key.pem \\
  55. --peer-cert-file=/opt/etcd/ssl/etcd-member-node02.flyfish.pem \\
  56. --peer-key-file=/opt/etcd/ssl/etcd-member-node02.flyfish-key.pem \\
  57. --peer-client-cert-auth \\
  58. --enable-v2=true \\
  59. --peer-trusted-ca-file=/opt/etcd/ssl/etcd-ca.pem"
  60. EOF
  61. # 192.168.100.13 配置
  62. ssh 192.168.100.13
  63. cat << EOF | tee /opt/etcd/conf/etcd
  64. ETCD_OPTS="--name=node03.flyfish \\
  65. --data-dir=/opt/etcd/data/default.etcd \\
  66. --wal-dir=/opt/etcd/data/default.etcd/wal \\
  67. --listen-peer-urls=https://192.168.100.13:2380 \\
  68. --listen-client-urls=https://192.168.100.13:2379,https://127.0.0.1:2379 \\
  69. --advertise-client-urls=https://192.168.100.13:2379 \\
  70. --initial-advertise-peer-urls=https://192.168.100.13:2380 \\
  71. --initial-cluster=node01.flyfish=https://192.168.100.11:2380,node02.flyfish=https://192.168.100.12:2380,node03.flyfish=https://192.168.100.13:2380 \\
  72. --initial-cluster-token=node01.flyfish=https://192.168.100.11:2380,node02.flyfish=https://192.168.100.12:2380,node03.flyfish=https://192.168.100.13:2380 \\
  73. --initial-cluster-state=new \\
  74. --heartbeat-interval=6000 \\
  75. --election-timeout=30000 \\
  76. --snapshot-count=5000 \\
  77. --auto-compaction-retention=1 \\
  78. --max-request-bytes=33554432 \\
  79. --quota-backend-bytes=17179869184 \\
  80. --trusted-ca-file=/opt/etcd/ssl/etcd-ca.pem \\
  81. --cert-file=/opt/etcd/ssl/etcd-server.pem \\
  82. --key-file=/opt/etcd/ssl/etcd-server-key.pem \\
  83. --peer-cert-file=/opt/etcd/ssl/etcd-member-node03.flyfish.pem \\
  84. --peer-key-file=/opt/etcd/ssl/etcd-member-node03.flyfish-key.pem \\
  85. --peer-client-cert-auth \\
  86. --enable-v2=true \\
  87. --peer-trusted-ca-file=/opt/etcd/ssl/etcd-ca.pem"
  88. EOF

image_1e7raebp7rhg1a7q5ds1ra41lsv55.png-207.4kB

image_1e7raeq4p1jid1rcn16d21lr61ok55i.png-198.7kB

image_1e7raf7fmnrj1cp063fkb7sb95v.png-209.3kB

3.5 etcd 启动文件配置

  1. cat << EOF | tee etcd.service
  2. [Unit]
  3. Description=Etcd Server
  4. After=network.target
  5. After=network-online.target
  6. Wants=network-online.target
  7. Documentation=https://github.com/etcd-io/etcd
  8. [Service]
  9. Type=notify
  10. LimitNOFILE=65535
  11. LimitNPROC=65535
  12. LimitCORE=infinity
  13. LimitMEMLOCK=infinity
  14. User=etcd
  15. Group=etcd
  16. WorkingDirectory=/opt/etcd/data/default.etcd
  17. EnvironmentFile=-/opt/etcd/conf/etcd
  18. ExecStart=/opt/etcd/bin/etcd \$ETCD_OPTS
  19. Restart=on-failure
  20. [Install]
  21. WantedBy=multi-user.target
  22. EOF

  1. # 上传启动文件到服务器
  2. scp etcd.service 192.168.100.11:/usr/lib/systemd/system
  3. scp etcd.service 192.168.100.12:/usr/lib/systemd/system
  4. scp etcd.service 192.168.100.12:/usr/lib/systemd/system

3.6 etcd 启动准备

  1. # 创建etcd 用户
  2. ssh 192.168.100.11 useradd etcd -s /sbin/nologin -M
  3. ssh 192.168.100.12 useradd etcd -s /sbin/nologin -M
  4. ssh 192.168.100.13 useradd etcd -s /sbin/nologin -M
  5. # 创建etcd 存储文件目录
  6. ssh 192.168.100.11 mkdir -p /opt/etcd/data/default.etcd/wal
  7. ssh 192.168.100.12 mkdir -p /opt/etcd/data/default.etcd/wal
  8. ssh 192.168.100.13 mkdir -p /opt/etcd/data/default.etcd/wal
  9. # 给/apps/etcd etcd 用户权限
  10. ssh 192.168.100.11 chown -R etcd:etcd /opt/etcd/
  11. ssh 192.168.100.12 chown -R etcd:etcd /opt/etcd/
  12. ssh 192.168.100.13 chown -R etcd:etcd /opt/etcd/

image_1e7rd90vo1esnav7emu2ro1je16f.png-55.8kB

3.7 etcd 启动

  1. # 刷新service
  2. systemctl daemon-reload
  3. # 设置开机启动
  4. systemctl enable etcd.service
  5. # 启动etcd
  6. systemctl start etcd.service
  7. # 查看启动状态
  8. systemctl status etcd.service
  9. # 验证etcd 集群是否正常 任意节点
  10. vi ~/.bashrc
  11. export ETCDCTL_API=3
  12. export ENDPOINTS=https://192.168.100.11:2379,https://192.168.100.12:2379,https://192.168.100.13:2379
  13. alias ctl='/opt/etcd/bin/etcdctl --endpoints=${ENDPOINTS} --cacert=/opt/etcd/ssl/etcd-ca.pem --cert=/opt/etcd/ssl/etcd-client.pem --key=/opt/etcd/ssl/etcd-client-key.pem'
  14. # 保存
  15. source ~/.bashrc
  16. # 验证集群是否正常
  17. ctl endpoint status
  18. ctl endpoint hashkv
  19. ctl endpoint health
  20. ctl member list

image_1e7riat2m1m6qdmg1a899ni5jt9.png-225.8kB


  1. 如果有request sent was ignored (cluster ID mismatch: peer[2a7d2f116f343f6]=9f3896b564270b78, local=85959a7a5b22596f)
  2. 这样的报错 启动不了 则要 删除 缓存
  3. rm -rf /opt/etcd/data/default.etcd/wal/*
  4. 然后在重新启动
  5. service etcd restart

image_1e7rife8f14811sg0qiinefj50m.png-80.5kB


添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注