zoukankan      html  css  js  c++  java
  • k8s二进制部署

    下载etcd

    [root@hdss7-12 ~]# useradd -s /sbin/nologin -M etcd
    [root@hdss7-12 ~]# cd /opt/src/
    [root@hdss7-12 src]# wget https://github.com/etcd-io/etcd/releases/download/v3.1.20/etcd-v3.1.20-linux-amd64.tar.gz
    [root@hdss7-12 src]# tar -xf etcd-v3.1.20-linux-amd64.tar.gz 
    [root@hdss7-12 src]# mv etcd-v3.1.20-linux-amd64 /opt/release/etcd-v3.1.20
    [root@hdss7-12 src]# ln -s /opt/release/etcd-v3.1.20 /opt/apps/etcd
    [root@hdss7-12 src]# ll /opt/apps/etcd
    lrwxrwxrwx 1 root root 25 Jan 5 17:56 /opt/apps/etcd -> /opt/release/etcd-v3.1.20
    [root@hdss7-12 src]# mkdir -p /opt/apps/etcd/certs /data/etcd /data/logs/etcd-server

    下发证书到各个etcd上

    [root@hdss7-200 ~]# cd /opt/certs/
    [root@hdss7-200 certs]# for i in 12 21 22;do scp ca.pem etcd-peer.pem etcd-peer-key.pem hdss7-${i}:/opt/apps/etcd/certs/ ;done

    创建启动脚本(部分参数每台机器不同)

    [root@hdss7-12 ~]# vim /opt/apps/etcd/etcd-server-startup.sh
    #!/bin/sh
    # listen-peer-urls etcd节点之间通信端口
    # listen-client-urls 客户端与etcd通信端口
    # quota-backend-bytes 配额大小
    # 需要修改的参数:name,listen-peer-urls,listen-client-urls,initial-advertise-peer-urls
    
    WORK_DIR=$(dirname $(readlink -f $0))
    [ $? -eq 0 ] && cd $WORK_DIR || exit
    
    /opt/apps/etcd/etcd --name etcd-server-7-12 
    --data-dir /data/etcd/etcd-server 
    --listen-peer-urls https://10.4.7.12:2380 
    --listen-client-urls https://10.4.7.12:2379,http://127.0.0.1:2379 
    --quota-backend-bytes 8000000000 
    --initial-advertise-peer-urls https://10.4.7.12:2380 
    --advertise-client-urls https://10.4.7.12:2379,http://127.0.0.1:2379 
    --initial-cluster etcd-server-7-12=https://10.4.7.12:2380,etcd-server-7-21=https://10.4.7.21:2380,etcd-server-7-22=https://10.4.7.22:2380 
    --ca-file ./certs/ca.pem 
    --cert-file ./certs/etcd-peer.pem 
    --key-file ./certs/etcd-peer-key.pem 
    --client-cert-auth 
    --trusted-ca-file ./certs/ca.pem 
    --peer-ca-file ./certs/ca.pem 
    --peer-cert-file ./certs/etcd-peer.pem 
    --peer-key-file ./certs/etcd-peer-key.pem 
    --peer-client-cert-auth 
    --peer-trusted-ca-file ./certs/ca.pem 
    --log-output stdout
    

     修改文件和目录属性

    [root@hdss7-12 ~]# chmod u+x /opt/apps/etcd/etcd-server-startup.sh
    [root@hdss7-12 ~]# chown -R etcd.etcd /opt/apps/etcd/ /data/etcd /data/logs/etcd-server

    启动etcd
    因为这些进程都是要启动为后台进程,要么手动启动,要么采用后台进程管理工具,实验中使用后台管理工具

    [root@hdss7-12 ~]# chmod u+x /opt/apps/etcd/etcd-server-startup.sh
    [root@hdss7-12 ~]# chown -R etcd.etcd /opt/apps/etcd/ /data/etcd /data/logs/etcd-server

    etcd 进程状态查看

    [root@hdss7-12 ~]# supervisorctl status # supervisorctl 状态
    etcd-server-7-12 RUNNING pid 22375, uptime 0:00:39
    
    [root@hdss7-12 ~]# netstat -lntp|grep etcd
    tcp 0 0 10.4.7.12:2379 0.0.0.0:* LISTEN 22379/etcd 
    tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 22379/etcd 
    tcp 0 0 10.4.7.12:2380 0.0.0.0:* LISTEN 22379/etcd
    
    [root@hdss7-12 ~]# /opt/apps/etcd/etcdctl member list # 随着etcd重启,leader会变化
    988139385f78284: name=etcd-server-7-22 peerURLs=https://10.4.7.22:2380 clientURLs=http://127.0.0.1:2379,https://10.4.7.22:2379 isLeader=false
    5a0ef2a004fc4349: name=etcd-server-7-21 peerURLs=https://10.4.7.21:2380 clientURLs=http://127.0.0.1:2379,https://10.4.7.21:2379 isLeader=true
    f4a0cb0a765574a8: name=etcd-server-7-12 peerURLs=https://10.4.7.12:2380 clientURLs=http://127.0.0.1:2379,https://10.4.7.12:2379 isLeader=false
    
    [root@hdss7-12 ~]# /opt/apps/etcd/etcdctl cluster-health
    member 988139385f78284 is healthy: got healthy result from http://127.0.0.1:2379
    member 5a0ef2a004fc4349 is healthy: got healthy result from http://127.0.0.1:2379
    member f4a0cb0a765574a8 is healthy: got healthy result from http://127.0.0.1:2379
    cluster is healthy 

    etcd 启停方式

    [root@hdss7-12 ~]# supervisorctl start etcd-server-7-12
    [root@hdss7-12 ~]# supervisorctl stop etcd-server-7-12
    [root@hdss7-12 ~]# supervisorctl restart etcd-server-7-12
    [root@hdss7-12 ~]# supervisorctl status etcd-server-7-12
  • 相关阅读:
    .NET:在ASP.NET中如何进行IP限制
    vim配置文件和插件
    初学Perl的感受之数据类型
    ASP.NET伪静态详解及配置
    Wayback Machine
    对单元测试的一点感悟——这是一把双刃剑
    python中使用postgres
    第三章 匿名方法
    在C#程序中使用ocx的方法
    可扩展的 “密码强度” 代码示例
  • 原文地址:https://www.cnblogs.com/Wang-Hongwei/p/14145079.html
Copyright © 2011-2022 走看看