Docker环境下的etcd集群的搭建

基于centos容器运行etcd集群,默认2379端口是客户监听端口,2380是集群监听端口

centos下的单节点etcd运行可见https://www.cnblogs.com/cn-wumo/p/15066932.html

docker run –name etcd_1 –p 12379:2379 –p 12380:2380 –it centos /bin/bash
docker run –name etcd_2 –p 22379:2379 –p 22380:2380 –it centos /bin/bash
docker run –name etcd_3 –p 32379:2379 –p 32380:2380 –it centos /bin/bash

不带ssl证书的集群搭建,三个容器都要启动

./etcd -name etcd_1 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=http://0.0.0.0:12380,etcd_2=http://0.0.0.0:22380,etcd_3=http://0.0.0.0:32380" \
  -initial-cluster-state new

带ssl证书的集群搭建,三个容器都要启动

./etcd -name etcd_1 \
  --auto-tls=true \
  --client-cert-auth=true \
  --cert-file=/ssl/server.pem \
  --key-file=/ssl/server-key.pem \
  --trusted-ca-file=/ssl/ca.pem \
  --peer-auto-tls=true \
  --peer-cert-file=/ssl/peer.pem \
  --peer-key-file=/ssl/peer-key.pem \
  --peer-client-cert-auth=true \
  --peer-trusted-ca-file=/ssl/ca.pem \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380" \
  -initial-cluster-state new

注意-initial-advertise-peer-urls字段,-initial-cluster字段填写宿主机的ip地址

不带证书检查集群的状态

./etcdctl endpoint status

带证书检查集群的状态

./etcdctl \
  --cacert=/ssl/ca.pem \
  --cert=/ssl/server.pem \
  --key=/ssl/server-key.pem \
  --endpoints https://127.0.0.1:2379 \
  endpoint status

不带证书集群新增etcd节点(先添加,后启动)

./etcdctl --endpoints http://0.0.0.0:12380 member add etcd_4 http://0.0.0.0:42380

带证书集群新增etcd节点(先添加,后启动)

./etcdctl \
  --cacert=./ca.pem \
  --cert=./server.pem \
  --key=./server-key.pem \
  --endpoints http://0.0.0.0:12380 member add etcd_4 http://0.0.0.0:42380

不带证书启动etcd_4节点

./etcd -name etcd_4 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:42380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380,etcd_4=https://0.0.0.0:42380" \
  -initial-cluster-state new

带证书同理

posted @ 2021-07-27 17:24  午默  阅读(599)  评论(0编辑  收藏  举报