CC00028.CloudKubernetes——|KuberNetes二进制部署.V06|5台Server|——|etcd配置|
2024-06-06 17:06:13
一、kubernetes系统组件配置
### --- k8s-master01节点etcd.yaml配置~~~ etcd配置大致相同,注意修改每个Master节点的etcd配置的主机名和IP地址### --- k8s-master01.etcd.yaml配置文件[root@k8s-master01 ~]# vim /etc/etcd/etcd.config.yml
name: 'k8s-master01'
data-dir: /var/lib/etcd
wal-dir: /var/lib/etcd/wal
snapshot-count: 5000
heartbeat-interval: 100
election-timeout: 1000
quota-backend-bytes: 0
listen-peer-urls: 'https://192.168.1.11:2380'
listen-client-urls: 'https://192.168.1.11:2379,http://127.0.0.1:2379'
max-snapshots: 3
max-wals: 5
cors:
initial-advertise-peer-urls: 'https://192.168.1.11:2380'
advertise-client-urls: 'https://192.168.1.11:2379'
discovery:
discovery-fallback: 'proxy'
discovery-proxy:
discovery-srv:
initial-cluster: 'k8s-master01=https://192.168.1.11:2380,k8s-master02=https://192.168.1.12:2380,k8s-master03=https://192.168.1.13:2380'
initial-cluster-token: 'etcd-k8s-cluster'
initial-cluster-state: 'new'
strict-reconfig-check: false
enable-v2: true
enable-pprof: true
proxy: 'off'
proxy-failure-wait: 5000
proxy-refresh-interval: 30000
proxy-dial-timeout: 1000
proxy-write-timeout: 5000
proxy-read-timeout: 0
client-transport-security:cert-file: '/etc/kubernetes/pki/etcd/etcd.pem'key-file: '/etc/kubernetes/pki/etcd/etcd-key.pem'client-cert-auth: truetrusted-ca-file: '/etc/kubernetes/pki/etcd/etcd-ca.pem'auto-tls: true
peer-transport-security:cert-file: '/etc/kubernetes/pki/etcd/etcd.pem'key-file: '/etc/kubernetes/pki/etcd/etcd-key.pem'peer-client-cert-auth: truetrusted-ca-file: '/etc/kubernetes/pki/etcd/etcd-ca.pem'auto-tls: true
debug: false
log-package-levels:
log-outputs: [default]
force-new-cluster: false### --- k8s-master02节点etcd.yaml配置:k8s-master02.etcd.yaml配置文件[root@k8s-master02 ~]# vim /etc/etcd/etcd.config.yml
name: 'k8s-master02'
data-dir: /var/lib/etcd
wal-dir: /var/lib/etcd/wal
snapshot-count: 5000
heartbeat-interval: 100
election-timeout: 1000
quota-backend-bytes: 0
listen-peer-urls: 'https://192.168.1.12:2380'
listen-client-urls: 'https://192.168.1.12:2379,http://127.0.0.1:2379'
max-snapshots: 3
max-wals: 5
cors:
initial-advertise-peer-urls: 'https://192.168.1.12:2380'
advertise-client-urls: 'https://192.168.1.12:2379'
discovery:
discovery-fallback: 'proxy'
discovery-proxy:
discovery-srv:
initial-cluster: 'k8s-master01=https://192.168.1.11:2380,k8s-master02=https://192.168.1.12:2380,k8s-master03=https://192.168.1.13:2380'
initial-cluster-token: 'etcd-k8s-cluster'
initial-cluster-state: 'new'
strict-reconfig-check: false
enable-v2: true
enable-pprof: true
proxy: 'off'
proxy-failure-wait: 5000
proxy-refresh-interval: 30000
proxy-dial-timeout: 1000
proxy-write-timeout: 5000
proxy-read-timeout: 0
client-transport-security:cert-file: '/etc/kubernetes/pki/etcd/etcd.pem'key-file: '/etc/kubernetes/pki/etcd/etcd-key.pem'client-cert-auth: truetrusted-ca-file: '/etc/kubernetes/pki/etcd/etcd-ca.pem'auto-tls: true
peer-transport-security:cert-file: '/etc/kubernetes/pki/etcd/etcd.pem'key-file: '/etc/kubernetes/pki/etcd/etcd-key.pem'peer-client-cert-auth: truetrusted-ca-file: '/etc/kubernetes/pki/etcd/etcd-ca.pem'auto-tls: true
debug: false
log-package-levels:
log-outputs: [default]
force-new-cluster: false### --- k8s-master03节点etcd.yaml配置:k8s-master03.etcd.yaml配置文件[root@k8s-master03 ~]# vim /etc/etcd/etcd.config.yml
name: 'k8s-master03'
data-dir: /var/lib/etcd
wal-dir: /var/lib/etcd/wal
snapshot-count: 5000
heartbeat-interval: 100
election-timeout: 1000
quota-backend-bytes: 0
listen-peer-urls: 'https://192.168.1.13:2380'
listen-client-urls: 'https://192.168.1.13:2379,http://127.0.0.1:2379'
max-snapshots: 3
max-wals: 5
cors:
initial-advertise-peer-urls: 'https://192.168.1.13:2380'
advertise-client-urls: 'https://192.168.1.13:2379'
discovery:
discovery-fallback: 'proxy'
discovery-proxy:
discovery-srv:
initial-cluster: 'k8s-master01=https://192.168.1.11:2380,k8s-master02=https://192.168.1.12:2380,k8s-master03=https://192.168.1.13:2380'
initial-cluster-token: 'etcd-k8s-cluster'
initial-cluster-state: 'new'
strict-reconfig-check: false
enable-v2: true
enable-pprof: true
proxy: 'off'
proxy-failure-wait: 5000
proxy-refresh-interval: 30000
proxy-dial-timeout: 1000
proxy-write-timeout: 5000
proxy-read-timeout: 0
client-transport-security:cert-file: '/etc/kubernetes/pki/etcd/etcd.pem'key-file: '/etc/kubernetes/pki/etcd/etcd-key.pem'client-cert-auth: truetrusted-ca-file: '/etc/kubernetes/pki/etcd/etcd-ca.pem'auto-tls: true
peer-transport-security:cert-file: '/etc/kubernetes/pki/etcd/etcd.pem'key-file: '/etc/kubernetes/pki/etcd/etcd-key.pem'peer-client-cert-auth: truetrusted-ca-file: '/etc/kubernetes/pki/etcd/etcd-ca.pem'auto-tls: true
debug: false
log-package-levels:
log-outputs: [default]
force-new-cluster: false二、为etcd创建service并启动
### --- 创建etcd.service
~~~ # 所有etcd节点创建etcd.service.yaml并启动[root@k8s-master01 ~]# vim /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Service
Documentation=https://coreos.com/etcd/docs/latest/
After=network.target[Service]
Type=notify
ExecStart=/usr/local/bin/etcd --config-file=/etc/etcd/etcd.config.yml
Restart=on-failure
RestartSec=10
LimitNOFILE=65536[Install]
WantedBy=multi-user.target
Alias=etcd3.service### --- 所有Master节点创建etcd的证书目录
~~~ # 创建etcd启动目录[root@k8s-master01 ~]# mkdir /etc/kubernetes/pki/etcd~~~ # 创建软连接
[root@k8s-master01 ~]# ln -s /etc/etcd/ssl/* /etc/kubernetes/pki/etcd/~~~ # 启动etcd
[root@k8s-master01 ~]# systemctl daemon-reload
[root@k8s-master01 ~]# systemctl enable --now etcd
~~~ 注:输出结果:
Created symlink from /etc/systemd/system/etcd3.service to /usr/lib/systemd/system/etcd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service.### --- 查看etcd状态
~~~ # 进入etcdctl.3版本[root@k8s-master01 ~]# export ETCDCTL_API=3~~~ # 查看etcd状态[root@k8s-master01 ~]# etcdctl --endpoints="192.168.1.13:2379,192.168.1.12:2379,192.168.1.11:2379" --cacert=/etc/kubernetes/pki/etcd/etcd-ca.pem --cert=/etc/kubernetes/pki/etcd/etcd.pem --key=/etc/kubernetes/pki/etcd/etcd-key.pem endpoint status --write-out=table
+-------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
+-------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
| 192.168.1.13:2379 | 40ba37809e1a423f | 3.4.13 | 20 kB | false | false | 3 | 9 | 9 | |
| 192.168.1.12:2379 | ac7e57d44f030e8 | 3.4.13 | 20 kB | false | false | 3 | 9 | 9 | |
| 192.168.1.11:2379 | ace8d5b0766b3d92 | 3.4.13 | 25 kB | true | false | 3 | 9 | 9 | |
+-------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+CC00028.CloudKubernetes——|KuberNetes二进制部署.V06|5台Server|——|etcd配置|相关推荐
- CC00053.CloudKubernetes——|KuberNetes二进制部署.V06|3台Server|——|etcd配置|
一.kubernetes系统组件配置:ETCD配置 ### --- k8s-master01节点etcd.yaml配置~~~ etcd配置大致相同,注意修改每个Master节点的etcd配置的主机名和 ...
- CC00042.CloudKubernetes——|KuberNetes二进制部署.V20|5台Server|——|kubernetes配置|生产环境关键性配置|
一.生产环境关键性配置 ### --- docker参数配置--所有节点 ~~~ docker参数:所有节点都需要更改.[root@k8s-master01 ~]# vim /etc/docker/d ...
- CC00069.CloudKubernetes——|KuberNetes二进制部署.V22|3台Server|——|TLS_Bootstrapping|自动颁发证书|
一.TLS Bootstrapping自动生成证书流程 ### --- TLS Bootstrapping初始化流程:TLS初始化流程~~~ # Kubelet启动 ~~~ # Kubelet查看ku ...
- CC00070.CloudKubernetes——|KuberNetes二进制部署.V23|3台Server|——|kubernetes部署总结|
一.kubernetes安装总结 ### --- kubernetes安装方式~~~ kubeadm ~~~ 二进制 ~~~ 自动化安装 ### --- kubernetes自动化安装方式~~~ # ...
- CC00045.CloudKubernetes——|KuberNetes二进制部署.V23|5台Server|——|TLS_Bootstrapping|自动颁发证书|
一.TLS Bootstrapping自动生成证书流程 ### --- TLS Bootstrapping初始化流程:TLS初始化流程~~~ # Kubelet启动 ~~~ # Kubelet查看ku ...
- Kubernetes二进制部署——证书的制作和ETCD的部署
Kubernetes二进制部署--证书的制作和ETCD的部署 一.实验环境 自签 SSL 证书 二.ETCD集群部署 1.环境部署 2.master节点 3.node1节点 4.node2节点 5.m ...
- Kubernetes二进制部署——Flannel网络
Kubernetes二进制部署--Flannel网络 一.Flannel简介 二.Flannel原理 三.Flannel的作用 四.Flannel 网络配置 1.node 节点安装 docker 2. ...
- 01 kubernetes二进制部署
kubernetes二进制部署文档-集群部分 文章目录 kubernetes二进制部署文档-集群部分 一.系统规划 1.1 系统组件分布 1.2 部署拓扑 1.3 系统环境 二.初始化系统环境 2.1 ...
- 【重要】kubernetes二进制部署单master节点
目录 1.安装要求 2.安装规划 3.1.分步骤操作 3.2.一键执行脚本 4.1.安装cfssl证书生成工具 4.2.创建认证中心(根CA中心) 4.3.使用自签CA签发Etcd证书 4.4.部署E ...
最新文章
- 写出python中的六种数据类型_python 数据类型1
- Android Linux下开发环境搭建
- 使用 golang 调用consul api 接口,注册user-tomcat服务
- SQLServer 清空某个库所有表
- 体二极管的原理及应用
- latex常用的公式
- SAP License:财务帐与后勤不一致情况
- 生日快乐编程代码_「世界上最好的编程语言」,刚刚度过了25周岁生日
- Mac的shell命令大全
- jmeter录制脚本及操作数据库
- 企业微信消息推送脚本
- 【原创】企业级Linux环境部署(很全、很细)
- android编码技巧_我如何使用编码技巧使航空公司取代丢失的婴儿车
- DIY成本35的自制蓝牙音响
- pandas中merge函数的用法
- Qt其实时报:一下插件错误无法被载入
- python eel_python eel打包问题解决
- opencore 启动总是在win_单双硬盘装Windows/Mac双系统用OpenCore引导菜单添加Windows引导项...
- 服务器虚拟化 魔力象限,Gartner:VMware成虚拟化魔力象限领导者
- 计量经济学计算机输出结果,计量经济学作业结果解析A.doc