k8s-etcd

发表于 更新于 分类于 Waline:

etcd/中文

etcd是一种高度一致的分布式键值存储,它提供了一种可靠的方式来存储需要由分布式系统或机器集群访问的数据。它在网络分区期间优雅地处理领导者选举,并且可以容忍机器故障,即使在领导者节点中也是如此。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#存数据
etcdctl put keyName "I am value"
#获取数据
etcdctl get keyName
#kk安装的etcd环境变量文件
cat /etc/etcd.env
#临时设置别名,简化命令,endpoints要设置所有集群ip才能检测健康状态,不然只检查填写的ip的
alias etcdctl='etcdctl --endpoints=https://192.168.14.16:2379,https://192.168.14.17:2379,https://192.168.14.18:2379  --cacert=/etc/ssl/etcd/ssl/ca.pem --cert=/etc/ssl/etcd/ssl/admin-node1.pem --key=/etc/ssl/etcd/ssl/admin-node1-key.pem'
#查看成员
etcdctl member list 
#移除成员
/usr/local/bin/etcdctl --endpoints=https://192.168.14.16:2379,https://192.168.14.17:2379 member list 
/usr/local/bin/etcdctl --endpoints=https://192.168.14.16:2379,https://192.168.14.17:2379 member remove cab52e8fded2eefe
#查看集群健康状态
etcdctl endpoint health
#kk查看集群状态命令
export ETCDCTL_API=2;
export ETCDCTL_CERT_FILE='/etc/ssl/etcd/ssl/admin-node1.pem';
export ETCDCTL_KEY_FILE='/etc/ssl/etcd/ssl/admin-node1-key.pem';
export ETCDCTL_CA_FILE='/etc/ssl/etcd/ssl/ca.pem';
/usr/local/bin/etcdctl --endpoints=https://192.168.14.16:2379,https://192.168.14.17:2379 cluster-health

etcd解决替换,可以先remove,然后通过kk安装新的节点。

etcd容器安装 vs 虚拟机master节点安装 vs 独立虚拟机安装

etcd备份

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
#查看证书路径
[root@master home]# cat /etc/systemd/system/etcd.service
EnvironmentFile=/etc/etcd.env 可以看到这一行
[root@master home]# cat /etc/etcd.env
# CLI settings
ETCDCTL_ENDPOINTS=https://127.0.0.1:2379
ETCDCTL_CACERT=/etc/ssl/etcd/ssl/ca.pem
ETCDCTL_KEY=/etc/ssl/etcd/ssl/admin-master-key.pem
ETCDCTL_CERT=/etc/ssl/etcd/ssl/admin-master.pem
#替换证书进行备份
[root@master home]# ETCDCTL_API=3 etcdctl snapshot save /home/etcd-snapshot.db \
--endpoints=https://127.0.0.1:2379 \
--cert=/etc/ssl/etcd/ssl/admin-master.pem \
--key=/etc/ssl/etcd/ssl/admin-master-key.pem \
--cacert=/etc/ssl/etcd/ssl/ca.pem