Docker环境下的etcd集群的搭建

2024-01-20 18:29:22

基于centos容器运行etcd集群,默认2379端口是客户监听端口,2380是集群监听端口

docker run –name etcd_1 –p 12379:2379 –p 12380:2380 –it centos /bin/bash
docker run –name etcd_2 –p 22379:2379 –p 22380:2380 –it centos /bin/bash
docker run –name etcd_3 –p 32379:2379 –p 32380:2380 –it centos /bin/bash

不带ssl证书的集群搭建,三个容器都要启动

./etcd -name etcd_1 \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=http://0.0.0.0:12380,etcd_2=http://0.0.0.0:22380,etcd_3=http://0.0.0.0:32380" \
  -initial-cluster-state new

带ssl证书的集群搭建,三个容器都要启动

./etcd -name etcd_1 \
  --auto-tls=true \
  --client-cert-auth=true \
  --cert-file=/ssl/server.pem \
  --key-file=/ssl/server-key.pem \
  --trusted-ca-file=/ssl/ca.pem \
  --peer-auto-tls=true \
  --peer-cert-file=/ssl/peer.pem \
  --peer-key-file=/ssl/peer-key.pem \
  --peer-client-cert-auth=true \
  --peer-trusted-ca-file=/ssl/ca.pem \
  -advertise-client-urls https://0.0.0.0:2379 \
  -listen-client-urls https://0.0.0.0:2379 \
  -listen-peer-urls https://0.0.0.0:2380 \
  -initial-advertise-peer-urls https://0.0.0.0:12380 \
  -initial-cluster-token etcd-cluster \
  -initial-cluster "etcd_1=https://0.0.0.0:12380,etcd_2=https://0.0.0.0:22380,etcd_3=https://0.0.0.0:32380" \
  -initial-cluster-state new

注意-initial-advertise-peer-urls字段,-initial-cluster字段填写宿主机的ip地址

不带证书检查集群的状态

./etcdctl endpoint status

带证书检查集群的状态

./etcdctl \
  --cacert=/ssl/ca.pem \
  --cert=/ssl/server.pem \
  --key=/ssl/server-key.pem \
  --endpoints=https://127.0.0.1:2379 \
  endpoint status
上一篇:etcd raft 处理流程图系列2-transport


下一篇:Etcd+Confd实现配置文件变化自动更新prometheus服务