跟着炎炎盐实践k8s---Kubernetes 1.16.10 二进制高可用集群部署之ETCD部署
2021-01-27 02:14
标签:server ant targe kubectl sage ddr 字段 linux out 一、环境准备 etcd 数据目录: etcd WAL 目录: 1、创建etcd相关证书 ###生成证书和私钥 ###分发到etcd节点 2、安装etcd 3、创建etcd.service 3、启动etcd 4、确认集群健康 5、向etcd写入POD网段信息 6、重启flannel、docker 7、检查flannel、docker是否获取到正确的子网 跟着炎炎盐实践k8s---Kubernetes 1.16.10 二进制高可用集群部署之ETCD部署 标签:server ant targe kubectl sage ddr 字段 linux out 原文地址:https://blog.51cto.com/13534471/2507969 这一节我们在三个主节点部署高可用的etcd集群,官方建议5节点或者7节点,我们三节点也是够用的。我们开始吧!
10.13.33.29 etcd-0
10.13.33.40 etcd-1
10.13.33.38 etcd-2
ETCD_DATA_DIR="/data/k8s/etcd/data"
ETCD_WAL_DIR="/data/k8s/etcd/wal"
(建议是 SSD 磁盘分区,或者和 ETCD_DATA_DIR 不同的磁盘分区)cd /opt/k8s/work
cat > etcd-csr.json
cfssl gencert -ca=/opt/k8s/work/ca.pem -ca-key=/opt/k8s/work/ca-key.pem -config=/opt/k8s/work/ca-config.json -profile=kubernetes etcd-csr.json | cfssljson -bare etcd
ls etcd*pem
mkdir -p /etc/etcd/cert
cp etcd*.pem /etc/etcd/cert/
wget https://github.com/etcd-io/etcd/releases/download/v3.3.13/etcd-v3.3.13-linux-amd64.tar.gz ##下载etcd组件
tar -xvf etcd-v3.3.13-linux-amd64.tar.gz ##解压
cp etcd-v3.3.13-linux-amd64/etcd* /opt/k8s/bin/ ##复制etcd命令到指定目录
chmod +x /opt/k8s/bin/* ##赋权
mkdir -p /data/k8s/etcd/data /data/k8s/etcd/wal ##创建etcd数据目录
cat > etcd.service.template
systemctl daemon-reload && systemctl enable etcd && systemctl restart etcd && systemctl status etcd|grep Active
curl -L 127.0.0.1:2379/health ###检查启动状态
[root@master-01 work]# curl -L 127.0.0.1:2379/health
{"health":"true"}
[root@master-01 work]# ETCDCTL_API=3 /opt/k8s/bin/etcdctl -w table --cacert=/etc/kubernetes/cert/ca.pem --cert=/etc/etcd/cert/etcd.pem --key=/etc/etcd/cert/etcd-key.pem --endpoints=https://10.13.33.29:2379,https://10.13.33.38:2379,https://10.13.33.40:2379 endpoint status
+--------------------------+------------------+---------+---------+-----------+-----------+------------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
+--------------------------+------------------+---------+---------+-----------+-----------+------------+
| https://10.13.33.29:2379 | 3d57cc849d2a16** | 3.3.13 | 33 MB | true | 36971 | 6201481 |
| https://10.13.33.38:2379 | bff9394ca77d77** | 3.3.13 | 33 MB | false | 36971 | 6201481 |
| https://10.13.33.40:2379 | 2ce7325ad513f9** | 3.3.13 | 33 MB | false | 36971 | 6201481 |
+--------------------------+------------------+---------+---------+-----------+-----------+------------+
[root@master-01 work]# ETCDCTL_API=3 /opt/k8s/bin/etcdctl -w table --cacert=/etc/kubernetes/cert/ca.pem --cert=/etc/etcd/cert/etcd.pem --key=/etc/etcd/cert/etcd-key.pem --endpoints=https://10.13.33.29:2379,https://10.13.33.38:2379,https://10.13.33.40:2379 member list
+------------------+---------+-----------+--------------------------+--------------------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
+------------------+---------+-----------+--------------------------+--------------------------+
| 2ce7325ad513f9** | started | master-03 | https://10.13.33.40:2380 | https://10.13.33.40:2379 |
| 3d57cc849d2a16** | started | master-02 | https://10.13.33.29:2380 | https://10.13.33.29:2379 |
| bff9394ca77d77** | started | master-01 | https://10.13.33.38:2380 | https://10.13.33.38:2379 |
+------------------+---------+-----------+--------------------------+--------------------------+
{"health":"true"}[root@ETCDCTL_API=3 /opt/k8s/bin/etcdctl -w table --cacert=/etc/kubernetes/cert/ca.pem --cert=/etc/etcd/cert/etcd.pem --key=/etc/etcd/cert/etcd-key.pem --endpoints=https://10.13.33.29:2379,https://10.13.33.38:2379,https://10.13.33.40:2379 endpoint health
https://10.13.33.38:2379 is healthy: successfully committed proposal: took = 2.174634ms
https://10.13.33.29:2379 is healthy: successfully committed proposal: took = 1.465878ms
https://10.13.33.40:2379 is healthy: successfully committed proposal: took = 2.36525ms
安装kubectl后可以通过kubectl查看
[root@master-01 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
etcd-1 Healthy {"health":"true"}
etcd-2 Healthy {"health":"true"}
etcdctl --endpoints=https://10.13.33.29:2379,https://10.13.33.38:2379,https://10.13.33.40:2379 --ca-file=/opt/k8s/work/ca.pem --cert-file=/opt/k8s/work/flanneld.pem --key-file=/opt/k8s/work/flanneld-key.pem mk /kubernetes/network/config ‘{"Network":"‘172.30.0.0/16‘", "SubnetLen": 21, "Backend": {"Type": "vxlan"}}‘
systemctl restart flanneld docker
systemctl status flanneld docker | grep Active
ip addr show| grep flannel.1
[root@master-01 work]# ip addr show|grep flannel.1
5: flannel.1:
上一篇:js设置/获取剪切板内容
文章标题:跟着炎炎盐实践k8s---Kubernetes 1.16.10 二进制高可用集群部署之ETCD部署
文章链接:http://soscw.com/essay/47547.html