Here the ETCD cluster is multiplexed with the 3 nodes that we tested, 3 node to install and start, note to modify the configuration file
1, TLS certification file distribution: ETCD cluster authentication, in addition to the native, distributed to other node nodes
SCP ca.pem KUBERNETES-KEY.PEM Kubernetes.pem [email protected]10.10. 90.106:/etc/kubernetes/SSLSCP ca.pem KUBERNETES-KEY.PEM Kubernetes.pem [email protected] 10.10. 90.107:/etc/kubernetes/ssl
2. Install the ETCD, the Yum installation method used here
#查询版本是否合适, I am here 3.2.9 Version Yum Info ETCD #安装 Yum Install ETCD
If using Yum installation, the default ETCD command will be in the /usr/bin
directory, notice that the 的etcd.service
Start command address in the following file is modified to/usr/bin/etcd
3. Create ETCD systemd Unit file (CENTOS7 service definition file)
File location:/usr/lib/systemd/system/etcd.service, default this file exists, delete rebuild.
[Unit]description=ETCD Serverafter=Network.targetafter=network-online.targetwants=network-online.targetdocumentation=https://Github.com/coreos[Service]type=notifyworkingdirectory=/var/lib/etcd/Environmentfile=-/etc/etcd/Etcd.confexecstart=/usr/bin/Etcd--name etcd-host0--cert-file=/etc/kubernetes/ssl/Kubernetes.pem--key-file=/etc/kubernetes/ssl/kubernetes-Key.pem--peer-cert-file=/etc/kubernetes/ssl/Kubernetes.pem--peer-key-file=/etc/kubernetes/ssl/kubernetes-Key.pem--trusted-ca-file=/etc/kubernetes/ssl/Ca.pem--peer-trusted-ca-file=/etc/kubernetes/ssl/Ca.pem--initial-advertise-peer-urls https://10.10.90.105:2380 \--listen-peer-urls https://10.10.90.105:2380 \--listen-client-urls https://10.10.90.105:2379,http://127.0.0.1: 2379 \--advertise-client-urls https://10.10.90.105:2379 \--initial-cluster-token etcd-cluster-0 --initial-cluster Etcd-host0=https://10.10.90.105:2380,etcd-host1=https://10.10.90.106: 2380,etcd-host2=https://10.10.90.107: 2380 \--initial-cluster-State New--data-dir=/var/lib/Etcdrestart=on-failurerestartsec=5Limitnofile=65536[Install]wantedby=multi-user.target
Configuration considerations: All nodes must be configured with this file, and note the following 4 considerations.
1, IP address in addition to the Initial-cluster configuration item is configured in the cluster 3 IP address, the other IP is native IP.
2, configuration under the--name must and--initial-cluster configuration items in the corresponding, than the configuration is my master configuration, name is ETCD-HOST0, the following IP corresponding name is also this.
3. Software installed in different ways Execstart program start command path under configuration item Note Modify
4, workingdirectory working directory needs to be created, or start will error.
4. Create ETCD environment variable file
File location:/etc/etcd/etcd.conf,yum The file will exist after installation, and you can delete the rebuild.
# [Member]etcd_name=Infra1etcd_data_dir="/var/lib/etcd"Etcd_listen_peer_urls="https://10.10.90.105:2380"Etcd_listen_client_urls="https://10.10.90.105:2379"#[cluster]etcd_initial_advertise_peer_urls="https://10.10.90.105:2380"Etcd_initial_cluster_token="Etcd-cluster"Etcd_advertise_client_urls="https://10.10.90.105:2379"
Precautions:
1, again remind Etcd_data_dir must exist, the other IP address is replaced by the local, maser and node nodes need to be configured
2, Etcd_name according to ETCD system service inside the configuration one by one corresponds, respectively is INFRA1,INFRA2,INFRA3
5. Set boot and start ETCD
Systemctl daemon-reloadsystemctl enable etcdsystemctl start Etcdsystemctl status Etcd
6, detection of cluster work
At any node, either master or node, execute the following command
Etcdctl --ca-file=/etc/kubernetes/ssl/ca.pem --cert-file=/etc/kubernetes/ssl/ Kubernetes.pem --key-file=/etc/kubernetes/ssl/kubernetes-key.pem cluster- Health
If the output resembles the following as in the case, it represents success:
As a result, the last behavior cluster is healthy
indicates that the Cluster service is healthy
Precautions:
1, it is recommended that all nodes are run once for testing, I maser inspection when the detection of the master itself is linked to a few points, reported unhealthy errors, to see the error after the discovery is using the proxy Internet settings
Originally for the online software set up the Internet agent, need to close the agent, cancel configuration parameters, restart the server to detect success.
Kubernetes (k8s) Installation deployment Process (iii)--Create a highly available ETCD cluster