Etcd-v3.4.27集群部署

下载etcd


# wget  https://storage.googleapis.com/etcd/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gz
--2024-07-16 09:46:54--  https://storage.googleapis.com/etcd/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gz
Resolving storage.googleapis.com (storage.googleapis.com)... 142.251.43.27, 172.217.163.59, 172.217.160.123, ...
Connecting to storage.googleapis.com (storage.googleapis.com)|142.251.43.27|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16171146 (15M) [application/x-tar]
Saving to: ‘etcd-v3.4.27-linux-amd64.tar.gz’
 
100%[===========================================================================================================================>] 16,171,146  8.40MB/s   in 1.8s   
 
2024-07-16 09:46:56 (8.40 MB/s) - ‘etcd-v3.4.27-linux-amd64.tar.gz’ saved [16171146/16171146]

如果是下载其他版本。则可以用如下脚本，修改版本号


ETCD_VER=v3.4.27
 
# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
 
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
 
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
 
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version

新增配置文件etcd.conf.yml


# cat etcd.conf.yml 
# 节点名称，不能重复，需要和initial-cluster配置项中每个服务器ip对应的节点名对齐
name: etcd02
# etcd  data和wal存储路径，按实际部署目录修改
data-dir: /data/dataos/modo/etcd-v3.4.27/data
wal-dir: /data/dataos/modo/etcd-v3.4.27/wal
# # 客户端监听端口 IP和占用端口按实际部署情况修改
listen-client-urls: http://10.200.207.2:2379,http://127.0.0.1:2379
advertise-client-urls: http://10.200.207.2:2379,http://127.0.0.1:2379
# etcd集群通信端口配置，IP和占用端口按实际部署情况修改
listen-peer-urls: http://10.200.207.2:2380
initial-advertise-peer-urls: http://10.200.207.2:2380
# 集群配置，三个节点的 节点名=ip:端口 按实际部署情况修改
initial-cluster: etcd01=http://10.200.207.1:2380,etcd02=http://10.200.207.2:2380,etcd03=http://10.200.207.3:2380
initial-cluster-token: etcd-cluster-token
initial-cluster-state: new

启动etcd


# cat start_etcd.sh 
#!/bin/bash
nohup ./etcd --config-file=etcd.conf.yml  > ./logs/etcd.log 2>&1  &

查看etcd


# etcdctl
-bash: etcdctl: command not found

命令未找到，添加配置


# ll /usr/local/bin/
total 0
# cp /data/dataos/modo/etcd-v3.4.27/etcd /usr/local/bin/
# cp /data/dataos/modo/etcd-v3.4.27/etcdctl /usr/local/bin/
# vi /etc/profile
# source /etc/profile
# etcdctl version
etcdctl version: 3.4.27
API version: 3.4

/etc/profile文件中新增etcdctl的api版本，默认使用2

# 在文件最后加入变量，因为etcd默认使用V2版本，我们需要V3版本的API。 export ETCDCTL_API=3

etcd开机自启动


# vi /etc/systemd/system/etcd.service 
# systemctl daemon-reload
# systemctl enable etcd
# systemctl start etcd
# systemctl status etcd
● etcd.service - Etcd Server
   Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2024-07-16 10:28:48 CST; 7s ago
     Docs: https://github.com/coreos/etcd
 Main PID: 26450 (etcd)
   CGroup: /system.slice/etcd.service
           └─26450 /usr/local/bin/etcd
Jul 16 10:28:47 10.200.207.2 etcd[26450]: raft2024/07/16 10:28:47 INFO: 8e9e05c52164694d became leader at term 2
Jul 16 10:28:47 10.200.207.2 etcd[26450]: raft2024/07/16 10:28:47 INFO: raft.node: 8e9e05c52164694d elected leader 8e9e05c52164694d at term 2
Jul 16 10:28:48 10.200.207.2 etcd[26450]: sync duration of 1.384904543s, expected less than 1s
Jul 16 10:28:48 10.200.207.2 etcd[26450]: published {Name:default ClientURLs:[http://localhost:2379]} to cluster cdf818194e3a8c32
Jul 16 10:28:48 10.200.207.2 etcd[26450]: ready to serve client requests
Jul 16 10:28:48 10.200.207.2 etcd[26450]: setting up the initial cluster version to 3.4
Jul 16 10:28:48 10.200.207.2 systemd[1]: Started Etcd Server.
Jul 16 10:28:48 10.200.207.2 etcd[26450]: serving insecure client requests on 127.0.0.1:2379, this is strongly discouraged!
Jul 16 10:28:48 10.200.207.2 etcd[26450]: set the initial cluster version to 3.4
Jul 16 10:28:48 10.200.207.2 etcd[26450]: enabled capabilities for version 3.4
# netstat -antp | grep 2379
tcp        0      0 127.0.0.1:2379          0.0.0.0:*               LISTEN      26450/etcd          
tcp        0      0 127.0.0.1:35094         127.0.0.1:2379          ESTABLISHED 26450/etcd          
tcp        0      0 127.0.0.1:2379          127.0.0.1:35094         ESTABLISHED 26450/etcd


 
# 创建用户，设置密码
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --new-user-password=auyd871477sha user add root
# 添加角色
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user=root:auyd871477sha role add root
# 授权角色
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user=root:auyd871477sha user grant-role root root
# 配置允许登录
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user=root:auyd871477sha auth enable
# 查询账号列表，验证root账号是否创建成功
etcdctl --endpoints http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379 --user='root' --password='auyd871477sha'  user list
# 说明
# http://10.1.27.23:2379,http://10.1.27.24:2379,http://10.1.27.25:2379  为3个节点的连接信息，具体可以看每个节点的配置
# auyd871477sha   root的密码
# 其余命令按照样例执行

etcd新增用户

前提是，主机上防火墙，iptabls关闭，要么就设置端口可以访问。


创建用户，设置密码
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --new-user-password=auyd871477sha user add root
User root created
 
添加角色
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha role add root
{"level":"warn","ts":"2024-07-16T10:43:55.774319+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-b99c1334-e97a-4db8-a518-7daa4232f486/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"}
Role root created
 
授权角色
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha user grant-role root root
{"level":"warn","ts":"2024-07-16T10:45:01.539572+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-96b7c611-46c1-4744-a997-f6c0f55dee0c/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"}
Role root is granted to user root
 
设置允许登陆
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user=root:auyd871477sha auth enable
{"level":"warn","ts":"2024-07-16T10:45:24.638387+0800","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-7f3bb6ef-11f0-44f1-875f-e17108e25fc8/10.200.207.1:2379","attempt":0,"error":"rpc error: code = FailedPrecondition desc = etcdserver: authentication is not enabled"}
Authentication Enabled
 
查询账号列表，验证root账号是否创建成功
# etcdctl --endpoints http://10.200.207.1:2379,http://10.200.207.2:2379,http://10.200.207.3:2379 --user='root' --password='auyd871477sha'  user list
root

相关阅读:
主流MQ对比和选型
 在线协作工具都有哪些？推荐这10款
 一文学会鉴别“套壳”ChatGPT模型
 第二期书生浦语大模型训练营第四次笔记
 1.8 打好shell基础
 Zabbix技术分享——如何配置SNMPTrap监控
 WebSocket 心跳机制如何实现
 【问题总结】为什么路由器可以互联下三层不同的协议？【从隔离冲突域和广播域的角度分析】【数据传输过程】
Datawhale团队第八期录取名单！
详解欧拉计划第622题：完美洗牌
原文地址：https://blog.csdn.net/red_sky_blue/article/details/140457478