一篇带给你ETCD入门指南

前言

之前对etcd不是很了解,于是下定决心学习一下。随手把过程记录了一下,希望对大家有帮助。

让客户满意是我们工作的目标,不断超越客户的期望值来自于我们对这个行业的热爱。我们立志把好的技术通过有效、简单的方式提供给客户,将通过不懈努力成为客户在信息化领域值得信任、有价值的长期合作伙伴,公司提供的服务项目有:主机域名、网络空间、营销软件、网站建设、汉台网站维护、网站推广。

环境说明如下:

一、集群搭建

我这里将etcd部署在虚拟机上,采取静态配置,即在etcd各节点在配置中指定。

1.所有节点下载etcd并解压、移动至/usr/local/bin/,并给予对应权限

 
 
 
 
  1. # 下载地址:https://github.com/etcd-io/etcd/releases 
  2. wget https://github.com/coreos/etcd/releases/download/v3.4.16/etcd-v3.4.16-linux-amd64.tar.gz 
  3. tar -zxvf etcd-v3.4.16-linux-amd64.tar.gz 
  4. cd etcd* 
  5. mv etcdctl etcd /usr/local/bin 
  6. chmod +x /usr/local/bin/etcd* 

2.证书文件

 
 
 
 
  1. # 证书文件 ca-config.json etcd-ca-csr.json etcd-csr.json 
  2. cat ca-config.json 
  3.   "signing": { 
  4.     "default": { 
  5.       "expiry": "876000h" 
  6.     }, 
  7.     "profiles": { 
  8.       "kubernetes": { 
  9.         "usages": [ 
  10.             "signing", 
  11.             "key encipherment", 
  12.             "server auth", 
  13.             "client auth" 
  14.         ], 
  15.         "expiry": "876000h" 
  16.       } 
  17.     } 
  18.   } 
  19.  
  20. cat etcd-ca-csr-json 
  21.   "CN": "etcd", 
  22.   "key": { 
  23.     "algo": "rsa", 
  24.     "size": 2048 
  25.   }, 
  26.   "names": [ 
  27.     { 
  28.       "C": "CN", 
  29.       "ST": "Shenzhen", 
  30.       "L": "Shenzhen", 
  31.       "O": "etcd", 
  32.       "OU": "Etcd Security" 
  33.     } 
  34.   ] 
  35.  
  36.  
  37. cat etcd-csr.json 
  38.     "CN": "etcd", 
  39.     "hosts": [ 
  40.       "127.0.0.1", 
  41.       "10.211.55.50", 
  42.       "10.211.55.51", 
  43.       "10.211.55.52" 
  44.     ], 
  45.     "key": { 
  46.         "algo": "rsa", 
  47.         "size": 2048 
  48.     }, 
  49.     "names": [ 
  50.         { 
  51.             "C": "CN", 
  52.             "ST": "Shenzhen", 
  53.             "L": "Shenzhen", 
  54.             "O": "etcd", 
  55.             "OU": "Etcd Security" 
  56.         } 
  57.     ] 

3.etcd-ca证书

 
 
 
 
  1. cfssl gencert -initca etcd-ca-csr.json | cfssljson -bare etcd-ca 
  2. # 查看证书文件 
  3. [root@etcd1 opt]# ls -al 
  4. total 36 
  5. drwxr-xr-x.  2 root root  186 May 13 21:53 . 
  6. dr-xr-xr-x. 17 root root  244 Oct 21  2020 .. 
  7. -rw-------   1 root root  294 Nov 27  2019 ca-config.json 
  8. -rw-r--r--   1 root root 1005 May 13 21:53 etcd-ca.csr 
  9. -rw-------   1 root root  212 Nov 27  2019 etcd-ca-csr.json 
  10. -rw-------   1 root root 1675 May 13 21:53 etcd-ca-key.pem 
  11. -rw-r--r--   1 root root 1371 May 13 21:53 etcd-ca.pem 
  12. -rw-------   1 root root  374 May 13 21:48 etcd-csr.json 

4.生成etcd证书

 
 
 
 
  1. cfssl gencert -ca=etcd-ca.pem -ca-key=etcd-ca-key.pem -config=ca-config.json -profile=kubernetes etcd-csr.json | cfssljson -bare etcd 
  2. # 查看证书 
  3. ls -al 
  4. total 36 
  5. drwxr-xr-x.  2 root root  186 May 13 21:53 . 
  6. dr-xr-xr-x. 17 root root  244 Oct 21  2020 .. 
  7. -rw-------   1 root root  294 Nov 27  2019 ca-config.json 
  8. -rw-r--r--   1 root root 1005 May 13 21:53 etcd-ca.csr 
  9. -rw-------   1 root root  212 Nov 27  2019 etcd-ca-csr.json 
  10. -rw-------   1 root root 1675 May 13 21:53 etcd-ca-key.pem 
  11. -rw-r--r--   1 root root 1371 May 13 21:53 etcd-ca.pem 
  12. -rw-r--r--   1 root root 1078 May 13 21:53 etcd.csr 
  13. -rw-------   1 root root  374 May 13 21:48 etcd-csr.json 
  14. -rw-------   1 root root 1679 May 13 21:53 etcd-key.pem 
  15. -rw-r--r--   1 root root 1456 May 13 21:53 etcd.pem 

5.复制到etcd的证书到证书目录

 
 
 
 
  1. mkdir -pv /etc/etcd/ssl && cp etcd*.pem /etc/etcd/ssl 
  2. # 复制证书目录到其他节点 
  3. scp -r /etc/etcd root@etcd2 
  4. scp -r /etc/etcd root@etcd3 

6.配置成系统服务

 
 
 
 
  1. cat etcd.service # 要根据每个节点进行修改IP和name 
  2. [Unit] 
  3. Description=Etcd Server 
  4. After=network.target 
  5. After=network-online.target 
  6. Wants=network-online.target 
  7. Documentation=https://github.com/coreos 
  8. [Service] 
  9. Type=notify 
  10. WorkingDirectory=/var/lib/etcd/ 
  11. EnvironmentFile=-/etc/etcd/etcd.conf 
  12. ExecStart=/usr/local/bin/etcd \ 
  13. --name=etcd1 \ 
  14. --cert-file=/etc/etcd/ssl/etcd.pem \ 
  15. --key-file=/etc/etcd/ssl/etcd-key.pem \ 
  16. --peer-cert-file=/etc/etcd/ssl/etcd.pem \ 
  17. --peer-key-file=/etc/etcd/ssl/etcd-key.pem \ 
  18. --trusted-ca-file=/etc/etcd/ssl/etcd-ca.pem \ 
  19. --peer-trusted-ca-file=/etc/etcd/ssl/etcd-ca.pem \ 
  20. --initial-advertise-peer-urls=https://10.211.55.50:2380 \ 
  21. --listen-peer-urls=https://10.211.55.50:2380 \ 
  22. --listen-client-urls=https://10.211.55.50:2379,http://127.0.0.1:2379 \ 
  23. --advertise-client-urls=https://10.211.55.50:2379 \ 
  24. --initial-cluster-token=etcd-cluster-0 \ 
  25. --initial-cluster=etcd1=https://10.211.55.50:2380,etcd2=https://10.211.55.51:2380,etcd3=https://10.211.55.52:2380 \ 
  26. --initial-cluster-state=new \ 
  27. --data-dir=/var/lib/etcd 
  28. Restart=on-failure 
  29. RestartSec=5 
  30. LimitNOFILE=65536 
  31. [Install] 
  32. WantedBy=multi-user.target 

7.启动etcd

 
 
 
 
  1. # 三个节点启动etcd服务 
  2. systemctl daemon-reload && systemctl enable etcd && systemctl start etcd 

8.检查集群状态

 
 
 
 
  1. # 检查member 
  2. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.52:2379 member list -w table 
  3. +------------------+---------+-------+---------------------------+---------------------------+------------+ 
  4. |        ID        | STATUS  | NAME  |        PEER ADDRS         |       CLIENT ADDRS        | IS LEARNER | 
  5. +------------------+---------+-------+---------------------------+---------------------------+------------+ 
  6. |  ca2cb14b2acc776 | started | etcd3 | https://10.211.55.52:2380 | https://10.211.55.52:2379 |      false | 
  7. | 31f517c6aefb1a37 | started | etcd1 | https://10.211.55.50:2380 | https://10.211.55.50:2379 |      false | 
  8. | ad1ee26f89ef12f4 | started | etcd2 | https://10.211.55.51:2380 | https://10.211.55.51:2379 |      false | 
  9. +------------------+---------+-------+---------------------------+---------------------------+------------+ 
  10.  
  11. # 查看是否有LD 
  12. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 endpoint status -w table 
  13. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  14. |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | 
  15. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  16. | https://10.211.55.50:2379 | 31f517c6aefb1a37 |  3.4.16 |   25 kB |      true |      false |       645 |         54 |                 54 |        | 
  17. | https://10.211.55.51:2379 | ad1ee26f89ef12f4 |  3.4.16 |   20 kB |     false |      false |       645 |         54 |                 54 |        | 
  18. | https://10.211.55.52:2379 |  ca2cb14b2acc776 |  3.4.16 |   20 kB |     false |      false |       645 |         54 |                 54 |        | 
  19. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  20.  
  21. # 尝试写入数据 
  22. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379  put foo4 bar4 
  23.  
  24. # 读取数据 
  25. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 get  foo4 
  26. foo4 
  27. bar4 
  28.  
  29. # 获取所有key 
  30. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 get --prefix  --keys-only '' 
  31. foo 
  32. foo2 
  33. foo3 
  34. foo4 
  35.  
  36. # 只获取value 
  37. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 get  --print-value-only --prefix=true '' 
  38. bar 
  39. bar2 
  40. bar3 
  41. bar 
  42.  
  43. # 获取指定key、rev的数据 
  44. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 get  foo4 -w json 
  45. {"header":{"cluster_id":9218922165880849559,"member_id":910513364439713654,"revision":10,"raft_term":645},"kvs":[{"key":"Zm9vNA==","create_revision":7,"mod_revision":10,"version":4,"value":"eGl5YW5neGl4aQ=="}],"count":1} 
  46.  
  47. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 get  foo4 -w json --rev=8 
  48. {"header":{"cluster_id":9218922165880849559,"member_id":3599809619259234871,"revision":10,"raft_term":645},"kvs":[{"key":"Zm9vNA==","create_revision":7,"mod_revision":8,"version":2,"value":"eGl5YW5neGl4aWE="}],"count":1} 

二、成员变更

删除成员

因为我的资源有限,所以先模拟删除成员再添加成员。

 
 
 
 
  1. # 先检查集群状态并获取成员ID 
  2. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 endpoint status -w table 
  3. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  4. |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | 
  5. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  6. | https://10.211.55.50:2379 | 31f517c6aefb1a37 |  3.4.16 |   25 kB |      true |      false |       645 |         54 |                 54 |        | 
  7. | https://10.211.55.51:2379 | ad1ee26f89ef12f4 |  3.4.16 |   20 kB |     false |      false |       645 |         54 |                 54 |        | 
  8. | https://10.211.55.52:2379 |  ca2cb14b2acc776 |  3.4.16 |   20 kB |     false |      false |       645 |         54 |                 54 |        | 
  9. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  10.  
  11. # 通过ID删除成员,这里以删除10.211.55.52为例 
  12. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379 member remove ca2cb14b2acc776 
  13. Member  ca2cb14b2acc776 removed from cluster 7ff030ddad4d8497 
  14.  
  15. # 检查集群状态,只有两个节点了 
  16. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 endpoint status -w table 
  17. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  18. |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | 
  19. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  20. | https://10.211.55.50:2379 | 31f517c6aefb1a37 |  3.4.16 |   25 kB |      true |      false |       645 |         58 |                 58 |        | 
  21. | https://10.211.55.51:2379 | ad1ee26f89ef12f4 |  3.4.16 |   20 kB |     false |      false |       645 |         58 |                 58 |        | 
  22. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  23.  
  24. # 查看10.211.55.52 etcd状态,发现etcd 
  25. systemctl status etcd 
  26. ● etcd.service - Etcd Server 
  27.    Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled) 
  28.    Active: inactive (dead) since Sun 2021-07-04 11:39:42 CST; 1min 31s ago 
  29.    ...... 
  30.     
  31. # 尝试写入数据 
  32. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379  put foo4 bar8 
  33. OK 
  34.  
  35. # 尝试获取写入的数据 
  36. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379  get  foo4  
  37. foo4 
  38. bar8 

添加成员

添加成员主要分为两步,一是通过etcdctl添加成员,二是根据第一步输出的配置修改etcd配置并启动etcd

 
 
 
 
  1. # 先通过etcdctl添加成员 
  2. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379  member add etcd3 --peer-urls="https://10.211.55.52:2380" 
  3. Member 89088d035064124d added to cluster 7ff030ddad4d8497 
  4.  
  5. ETCD_NAME="etcd3" 
  6. ETCD_INITIAL_CLUSTER="etcd1=https://10.211.55.50:2380,etcd3=https://10.211.55.52:2380,etcd2=https://10.211.55.51:2380" 
  7. ETCD_INITIAL_ADVERTISE_PEER_URLS="https://10.211.55.52:2380" 
  8. ETCD_INITIAL_CLUSTER_STATE="existing" 
  9.  
  10. # 更改etcd配置并启动etcd,注意要保证etcd数据目录为空 
  11. systemctl cat etcd 
  12. # /etc/systemd/system/etcd.service 
  13. [Unit] 
  14. Description=Etcd Server 
  15. After=network.target 
  16. After=network-online.target 
  17. Wants=network-online.target 
  18. Documentation=https://github.com/coreos 
  19. [Service] 
  20. Type=notify 
  21. WorkingDirectory=/var/lib/etcd/ 
  22. EnvironmentFile=-/etc/etcd/etcd.conf 
  23. ExecStart=/usr/local/bin/etcd \ 
  24. --name=etcd3 \ 
  25. --cert-file=/etc/etcd/ssl/etcd.pem \ 
  26. --key-file=/etc/etcd/ssl/etcd-key.pem \ 
  27. --peer-cert-file=/etc/etcd/ssl/etcd.pem \ 
  28. --peer-key-file=/etc/etcd/ssl/etcd-key.pem \ 
  29. --trusted-ca-file=/etc/etcd/ssl/etcd-ca.pem \ 
  30. --peer-trusted-ca-file=/etc/etcd/ssl/etcd-ca.pem \ 
  31. --initial-advertise-peer-urls=https://10.211.55.52:2380 \ 
  32. --listen-peer-urls=https://10.211.55.52:2380 \ 
  33. --listen-client-urls=https://10.211.55.52:2379,http://127.0.0.1:2379 \ 
  34. --advertise-client-urls=https://10.211.55.52:2379 \ 
  35. --initial-cluster-token=etcd-cluster-0 \ 
  36. --initial-cluster=etcd1=https://10.211.55.50:2380,etcd2=https://10.211.55.51:2380,etcd3=https://10.211.55.52:2380 \ 
  37. --initial-cluster-state=existing \ 
  38. --data-dir=/var/lib/etcd 
  39. Restart=on-failure 
  40. RestartSec=5 
  41. LimitNOFILE=65536 
  42. [Install] 
  43. WantedBy=multi-user.target 
  44.  
  45. # 启动etcd 
  46. systemctl start etcd && systemctl status etcd 
  47.  
  48. # 检查集群状态 
  49. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 endpoint status -w table 
  50. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  51. |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | 
  52. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  53. | https://10.211.55.50:2379 | 31f517c6aefb1a37 |  3.4.16 |   25 kB |      true |      false |       645 |         62 |                 62 |        | 
  54. | https://10.211.55.51:2379 | ad1ee26f89ef12f4 |  3.4.16 |   20 kB |     false |      false |       645 |         62 |                 62 |        | 
  55. | https://10.211.55.52:2379 | 89088d035064124d |  3.4.16 |   20 kB |     false |      false |       645 |         62 |                 62 |        | 
  56. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 

三、数据备份

数据备份我这里直接使用snapshot人工备份好了,仅用于测试而已。

 
 
 
 
  1. # 先写入一个数据,方便后面做测试 
  2. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379  put xiyangxixi  boys 
  3. OK 
  4.  
  5. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379  get xiyangxixi 
  6. xiyangxixi 
  7. boys 
  8.  
  9. # 备份数据 
  10. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379 snapshot save snapshot-xiyangxixi.db 
  11. {"level":"info","ts":1625373129.2212617,"caller":"snapshot/v3_snapshot.go:119","msg":"created temporary db file","path":"snapshot-xiyangxixi.db.part"} 
  12. {"level":"info","ts":"2021-07-04T12:32:09.228+0800","caller":"clientv3/maintenance.go:200","msg":"opened snapshot stream; downloading"} 
  13. {"level":"info","ts":1625373129.2287908,"caller":"snapshot/v3_snapshot.go:127","msg":"fetching snapshot","endpoint":"https://10.211.55.50:2379"} 
  14. {"level":"info","ts":"2021-07-04T12:32:09.231+0800","caller":"clientv3/maintenance.go:208","msg":"completed snapshot read; closing"} 
  15. {"level":"info","ts":1625373129.2318149,"caller":"snapshot/v3_snapshot.go:142","msg":"fetched snapshot","endpoint":"https://10.211.55.50:2379","size":"25 kB","took":0.010441635} 
  16. {"level":"info","ts":1625373129.2318769,"caller":"snapshot/v3_snapshot.go:152","msg":"saved","path":"snapshot-xiyangxixi.db"} 
  17. Snapshot saved at snapshot-xiyangxixi.db 

四、集群数据恢复

需要使用同一个备份文件。这里以上面的snapshot-xiyangxixi.db进行模拟。

 
 
 
 
  1. # 注意: 
  2. # 1、最好指定一下data-dir我这里没指定,结果数据都到etcd1.etcd、etcd2.etcd、etcd3.etcd中去了,这样子还得修改etcd.service文件 
  3. # 2、恢复数据前,之前的数据目录记得备份 
  4. # 3、如果是单节点故障,可以考虑删除该节点再添加该节点 
  5. # etcd1上执行 
  6. etcdctl snapshot restore /root/snapshot-xiyangxixi.db  --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem  --name etcd1 --initial-advertise-peer-urls=https://10.211.55.50:2380 --initial-cluster-token=etcd-cluster-1 --initial-cluster=etcd1=https://10.211.55.50:2380,etcd2=https://10.211.55.51:2380,etcd3=https://10.211.55.52:2380 
  7. {"level":"info","ts":1625373977.7445557,"caller":"snapshot/v3_snapshot.go:296","msg":"restoring snapshot","path":"/root/snapshot-xiyangxixi.db","wal-dir":"etcd1.etcd/member/wal","data-dir":"etcd1.etcd","snap-dir":"etcd1.etcd/member/snap"} 
  8. {"level":"info","ts":1625373977.7477813,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"517f2ff3c4b9581b","added-peer-peer-urls":["https://10.211.55.52:2380"]} 
  9. {"level":"info","ts":1625373977.7478256,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"6856401bd8388bec","added-peer-peer-urls":["https://10.211.55.50:2380"]} 
  10. {"level":"info","ts":1625373977.7478426,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"6ea7d2ec70c556d5","added-peer-peer-urls":["https://10.211.55.51:2380"]} 
  11. {"level":"info","ts":1625373977.7509031,"caller":"snapshot/v3_snapshot.go:309","msg":"restored snapshot","path":"/root/snapshot-xiyangxixi.db","wal-dir":"etcd1.etcd/member/wal","data-dir":"etcd1.etcd","snap-dir":"etcd1.etcd/member/snap"} 
  12.  
  13. # etcd2上执行 
  14. etcdctl snapshot restore /root/snapshot-xiyangxixi.db  --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem  --name etcd2 --initial-advertise-peer-urls=https://10.211.55.51:2380 --initial-cluster-token=etcd-cluster-1 --initial-cluster=etcd1=https://10.211.55.50:2380,etcd2=https://10.211.55.51:2380,etcd3=https://10.211.55.52:2380 
  15. {"level":"info","ts":1625374104.1673598,"caller":"snapshot/v3_snapshot.go:296","msg":"restoring snapshot","path":"/root/snapshot-xiyangxixi.db","wal-dir":"etcd2.etcd/member/wal","data-dir":"etcd2.etcd","snap-dir":"etcd2.etcd/member/snap"} 
  16. {"level":"info","ts":1625374104.1709266,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"517f2ff3c4b9581b","added-peer-peer-urls":["https://10.211.55.52:2380"]} 
  17. {"level":"info","ts":1625374104.1709714,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"6856401bd8388bec","added-peer-peer-urls":["https://10.211.55.50:2380"]} 
  18. {"level":"info","ts":1625374104.1709878,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"6ea7d2ec70c556d5","added-peer-peer-urls":["https://10.211.55.51:2380"]} 
  19. {"level":"info","ts":1625374104.1741195,"caller":"snapshot/v3_snapshot.go:309","msg":"restored snapshot","path":"/root/snapshot-xiyangxixi.db","wal-dir":"etcd2.etcd/member/wal","data-dir":"etcd2.etcd","snap-dir":"etcd2.etcd/member/snap"} 
  20.  
  21. # etcd3上执行 
  22. etcdctl snapshot restore /root/snapshot-xiyangxixi.db  --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem  --name etcd3 --initial-advertise-peer-urls=https://10.211.55.52:2380 --initial-cluster-token=etcd-cluster-1 --initial-cluster=etcd1=https://10.211.55.50:2380,etcd2=https://10.211.55.51:2380,etcd3=https://10.211.55.52:2380 
  23. {"level":"info","ts":1625374158.713205,"caller":"snapshot/v3_snapshot.go:296","msg":"restoring snapshot","path":"/root/snapshot-xiyangxixi.db","wal-dir":"etcd3.etcd/member/wal","data-dir":"etcd3.etcd","snap-dir":"etcd3.etcd/member/snap"} 
  24. {"level":"info","ts":1625374158.7164843,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"517f2ff3c4b9581b","added-peer-peer-urls":["https://10.211.55.52:2380"]} 
  25. {"level":"info","ts":1625374158.7165308,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"6856401bd8388bec","added-peer-peer-urls":["https://10.211.55.50:2380"]} 
  26. {"level":"info","ts":1625374158.7165465,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"a914ec3525c16b4","local-member-id":"0","added-peer-id":"6ea7d2ec70c556d5","added-peer-peer-urls":["https://10.211.55.51:2380"]} 
  27. {"level":"info","ts":1625374158.7190611,"caller":"snapshot/v3_snapshot.go:309","msg":"restored snapshot","path":"/root/snapshot-xiyangxixi.db","wal-dir":"etcd3.etcd/member/wal","data-dir":"etcd3.etcd","snap-dir":"etcd3.etcd/member/snap"} 
  28.  
  29. # 启动etcd 
  30. systemctl daemon-reload && systemctl start etcd 
  31.  
  32. # 查看etcd集群状态 
  33. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379 endpoint status -w table 
  34. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  35. |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | 
  36. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  37. | https://10.211.55.50:2379 | 6856401bd8388bec |  3.4.16 |   25 kB |     false |      false |         4 |          8 |                  8 |        | 
  38. | https://10.211.55.51:2379 | 6ea7d2ec70c556d5 |  3.4.16 |   25 kB |      true |      false |         4 |          8 |                  8 |        | 
  39. | https://10.211.55.52:2379 | 517f2ff3c4b9581b |  3.4.16 |   25 kB |     false |      false |         4 |          8 |                  8 |        | 
  40. +---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ 
  41.  
  42. # 获取key为xiyangxixi的数据 
  43. etcdctl --cacert /etc/etcd/ssl/etcd-ca.pem --cert /etc/etcd/ssl/etcd.pem  --key /etc/etcd/ssl/etcd-key.pem --endpoints=https://10.211.55.50:2379,https://10.211.55.51:2379,https://10.211.55.52:2379  get xiyangxixi 
  44. xiyangxixi 
  45. boys 

参考

  • https://etcd.io/docs/v3.4/op-guide/hardware/
  • https://etcd.io/docs/v3.4/op-guide/recovery/
  • https://etcd.io/docs/v3.4/op-guide/clustering/

本文转载自微信公众号「运维开发故事」,可以通过以下二维码关注。转载本文请联系运维开发故事公众号。

标题名称:一篇带给你ETCD入门指南
文章源于:http://www.csdahua.cn/qtweb/news30/76130.html

网站建设、网络推广公司-快上网,是专注品牌与效果的网站制作,网络营销seo公司;服务项目有等

广告

声明:本网站发布的内容(图片、视频和文字)以用户投稿、用户转载内容为主,如果涉及侵权请尽快告知,我们将会在第一时间删除。文章观点不代表本网站立场,如需处理请联系客服。电话:028-86922220;邮箱:631063699@qq.com。内容未经允许不得转载,或转载时需注明来源: 快上网