• etcd节点扩容至两个节点


    本篇已经安装了单个etcd,然后进行扩容etcd节点至2个,安装单节点请参照:https://www.cnblogs.com/effortsing/p/10295261.html
    
    
    实验架构
    
    test1: 192.168.0.91    etcd 
    test2: 192.168.0.92    etcd
    test3: 192.168.0.93    无
    
    
    需求:test1节点已经安装了etcd, 现在要把test2节点作为etcd节点添加进来
    
    
    
    1、环境配置
    
    # 如下操作在所有节点操作
    
    
    修改主机名
    
    # 注意修改 各自节点对应的 主机名
    sed -i '$ahostname=test2' /etc/hostname
    sed -i '$ahostname=test2' /etc/sysconfig/network && hostnamectl set-hostname test2
    
    
    配置hosts解析
    
    cat >>/etc/hosts<<EOF
    192.168.0.91 test1
    192.168.0.92 test2
    192.168.0.93 test3
    EOF
    
    
    禁用selinux
    
    sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/sysconfig/selinux
    
    sed -i 's/enforcing/disabled/g' /etc/selinux/config
    
    
    关闭swap
    
    # 注释/etc/fstab文件里swap相关的行
    
    sed -i 's//dev/mapper/centos-swap/#/dev/mapper/centos-swap/g' /etc/fstab
    
    
    关掉防火墙
    
    systemctl stop firewalld && systemctl disable firewalld
    
    
    都退出xshell查看主机名
    
    
    开启forward
    
    iptables -P FORWARD ACCEPT
    
    
    
    配置转发相关参数
    cat >> /etc/sysctl.d/k8s.conf <<EOF
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    vm.swappiness=0
    EOF
    
    加载系统参数
    sysctl --system
    
    
    
    加载ipvs相关内核模块
    如果重新开机,需要重新加载
    modprobe ip_vs
    modprobe ip_vs_rr
    modprobe ip_vs_wrr
    modprobe ip_vs_sh
    modprobe nf_conntrack_ipv4
    lsmod | grep ip_vs

    安装etcd
    useradd etcd
    mkdir -p /server/software/k8s mkdir -p /opt/k8s/bin cd /server/software/k8s wget https://github.com/coreos/etcd/releases/download/v3.2.18/etcd-v3.2.18-linux-amd64.tar.gz tar -xf etcd-v3.2.18-linux-amd64.tar.gz mv etcd-v3.2.18-linux-amd64/etcd* /opt/k8s/bin chmod +x /opt/k8s/bin/* ln -s /opt/k8s/bin/etcd /usr/bin/etcd ln -s /opt/k8s/bin/etcdctl /usr/bin/etcdctl etcd --version 2、复制test1单节点ca证书和私钥、etcd证书和私钥 test2 上先创建存放证书和私钥目录 mkdir -p /etc/kubernetes/cert/ mkdir -p /etc/etcd/cert/ 从test1节点上找到证书复制过来 scp /etc/kubernetes/cert/ca*.pem root@192.168.0.92:/etc/kubernetes/cert/ scp /etc/etcd/cert/etcd*.pem root@192.168.0.92:/etc/etcd/cert/ chmod 777 /etc/etcd/cert/* chmod 777 /etc/kubernetes/* 3、添加证书到linux系统受信任列表(选做) 添加根证书到linux系统受信任列表 cd /etc/kubernetes/cert/ cat ca.pem >> /etc/pki/tls/certs/ca-bundle.crt 添加etcd 证书到linux系统受信任列表 cd /etc/etcd/cert/ cat etcd.pem >> /etc/pki/tls/certs/ca-bundle.crt 5、添加新成员 5.1、注册新节点 # 在test1节点上操作 # etcdctl 在注册完新节点后,会返回一段提示,包含3个环境变量,需要在etcd启动脚本中修改成这3个环境变量 [root@test1 ~]# etcdctl --ca-file /root/ssl/ca.pem --cert-file /root/ssl/etcd.pem --key-file /root/ssl/etcd-key.pem member add test2 http://192.168.0.92:2380 Added member named test2 with ID 2eb21869c9f27e29 to cluster ETCD_NAME="test2" ETCD_INITIAL_CLUSTER="test2=http://192.168.0.92:2380,test1=https://192.168.0.91:2380" ETCD_INITIAL_CLUSTER_STATE="existing" 5.2、修改test2节点的peer url为https etcdctl --ca-file /etc/kubernetes/cert/ca.pem --cert-file /etc/etcd/cert/etcd.pem --key-file /etc/etcd/cert/etcd-key.pem member update test2 https://192.168.0.92:2380 如果执行失败,先跳过,不影响 6、 配置环境变量 # 在 test2 节点上操作 cat >> /etc/profile << EOF export ETCD_NAME=$(hostname) export INTERNAL_IP=$(hostname -i | awk '{print $NF}') export ECTD_CLUSTER='test1=https://192.168.0.91:2380' EOF source /etc/profile 7、配置启动脚本 # 在 test2 节点操作 # 把第5 步 生成的结果写到 etcd启动脚本中, mkdir -p /data/etcd cat> /etc/systemd/system/etcd.service<< EOF [Unit] Description=Etcd Server After=network.target After=network-online.target Wants=network-online.target Documentation=https://github.com/coreos [Service] Type=notify WorkingDirectory=/data/etcd EnvironmentFile=-/etc/etcd/etcd.conf ExecStart=/opt/k8s/bin/etcd --name ${ETCD_NAME} --cert-file=/etc/etcd/cert/etcd.pem --key-file=/etc/etcd/cert/etcd-key.pem --peer-cert-file=/etc/etcd/cert/etcd.pem --peer-key-file=/etc/etcd/cert/etcd-key.pem --trusted-ca-file=/etc/kubernetes/cert/ca.pem --peer-trusted-ca-file=/etc/kubernetes/cert/ca.pem --initial-advertise-peer-urls https://${INTERNAL_IP}:2380 --listen-peer-urls https://${INTERNAL_IP}:2380 \ --listen-client-urls https://${INTERNAL_IP}:2379,http://127.0.0.1:2379 --advertise-client-urls https://${INTERNAL_IP}:2379 --initial-cluster-token my-etcd-token --initial-cluster $ECTD_CLUSTER,test2=http://192.168.0.92:2380 --initial-cluster-state existing --data-dir=/data/etcd Restart=on-failure RestartSec=5 LimitNOFILE=65536 [Install] WantedBy=multi-user.target EOF 8、启动新节点 systemctl daemon-reload #一定要执行,否则报错 systemctl start etcd systemctl status etcd systemctl enable etcd 9、查看集群成员和安全状态 # 在test1节点上操作 [root@test1 ~]# etcdctl --ca-file /etc/kubernetes/cert/ca.pem --cert-file /etc/etcd/cert/etcd.pem --key-file /etc/etcd/cert/etcd-key.pem member list 2eb21869c9f27e29: name=test2 peerURLs=http://192.168.0.92:2380 clientURLs=https://192.168.0.92:2379 isLeader=false 42f7141ed6110de1: name=test1 peerURLs=https://192.168.0.91:2380 clientURLs=https://192.168.0.91:2379 isLeader=true [root@test1 ~]# etcdctl --ca-file /etc/kubernetes/cert/ca.pem --cert-file /etc/etcd/cert/etcd.pem --key-file /etc/etcd/cert/etcd-key.pem cluster-health member 2eb21869c9f27e29 is healthy: got healthy result from https://192.168.0.92:2379 member 42f7141ed6110de1 is healthy: got healthy result from https://192.168.0.91:2379 cluster is healthy 9.2、修改所有节点启动文件一致,然后重启 报错解决: [root@test2 k8s]# etcdctl --ca-file /etc/kubernetes/cert/ca.pem --cert-file /etc/etcd/cert/etcd.pem --key-file /etc/etcd/cert/etcd-key.pem member list Error: client: etcd cluster is unavailable or misconfigured; error #0: dial tcp 127.0.0.1:4001: getsockopt: connection refused ; error #1: dial tcp 127.0.0.1:2379: getsockopt: connection refused error #0: dial tcp 127.0.0.1:4001: getsockopt: connection refused error #1: dial tcp 127.0.0.1:2379: getsockopt: connection refused 启动文件需要添加: http://127.0.0.1:2379 其他报错,删除etcd数据目录重启
  • 相关阅读:
    TCP/IP 协议简介
    制作html的旋转太极图
    Redis高可用
    RFID固定资产管理系统解决方案
    为什么要用三维数据可视化?
    Java单元测试技巧之PowerMock
    技术干货 | 如何在 Library 中使用/依赖 mPaaS?
    云原生的进一步具象化
    【阿里云EMR实战篇】以EMR测试集群版本为例,详解 Flink SQL Client 集成 Hive 使用步骤
    【实践案例】Databricks 数据洞察 Delta Lake 在基智科技(STEPONE)的应用实践
  • 原文地址:https://www.cnblogs.com/effortsing/p/10296424.html
Copyright © 2020-2023  润新知