etcd集群移除/添加节点

###

一、etcd集群移除节点

1、查看集群节点

[root@linux-node1 ~]# etcdctl --endpoints=https://192.168.56.11:2379 --ca-file=/opt/kubernetes/ssl/ca.pem --cert-file=/opt/kubernetes/ssl/etcd.pem --key-file=/opt/kubernetes/ssl/etcd-key.pem    member list  
435fb0a8da627a4c: name=etcd-node2 peerURLs=https://192.168.56.12:2380 clientURLs=https://192.168.56.12:2379 isLeader=false
6566e06d7343e1bb: name=etcd-node1 peerURLs=https://192.168.56.11:2380 clientURLs=https://192.168.56.11:2379 isLeader=true
65421783297483vb: name=etcd-node3 peerURLs=https://192.168.56.13:2380 clientURLs=https://192.168.56.13:2379 isLeader=false

2、删除节点

etcdctl member remove 65421783297483vb

3、再次查看集群,此节点已删除

[root@linux-node1 ~]# etcdctl --endpoints=https://192.168.56.11:2379 --ca-file=/opt/kubernetes/ssl/ca.pem --cert-file=/opt/kubernetes/ssl/etcd.pem --key-file=/opt/kubernetes/ssl/etcd-key.pem    member list  
435fb0a8da627a4c: name=etcd-node2 peerURLs=https://192.168.56.12:2380 clientURLs=https://192.168.56.12:2379 isLeader=false
6566e06d7343e1bb: name=etcd-node1 peerURLs=https://192.168.56.11:2380 clientURLs=https://192.168.56.11:2379 isLeader=true
修改配置文件etcd.conf,修改参数ETCD_INITIAL_CLUSTER并移除节点信息,重启etcd服务

二、etcd集群添加节点(带安装认证)  

1、查看集群状态

[root@uat-master02 ssl]# etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem   --endpoints="https://192.168.100.241:2379" member list
3c76e8c4b45726d7: name=etcd3 peerURLs=https://192.168.100.243:2380 clientURLs=https://192.168.100.243:2379 isLeader=false
95f01613d6ad24f5: name=etcd2 peerURLs=https://192.168.100.242:2380 clientURLs=https://192.168.100.242:2379 isLeader=true
a44b7472fb6879b5: name=etcd1 peerURLs=https://192.168.100.241:2380 clientURLs=https://192.168.100.241:2379 isLeader=false

2、重新生成server证书

#########因为在创建旧集群时etcd.json里面写了证书认证的hosts要添加新节点须添加进去。重新生成证书
vim etcd.json
{
  "CN": "etcd",
  "hosts": [
        "192.168.100.241",
        "192.168.100.242",
        "192.168.100.243",
        # 这下面为新添加(一次把要添加的都写上)
        "192.168.100.244",  
   ],
  "key": {
  "algo": "rsa",
  "size": 2048
  },
  "names": [
    {
      "C": "CN",
      "ST": "BeiJing",
      "L": "BeiJing",
      "O": "k8s",
      "OU": "System"
    }
  ]
}
####################生成新证书
cfssl gencert -ca=/opt/kubernetes/ssl/ca.pem -ca-key=/opt/kubernetes/ssl/ca-key.pem -config=/opt/kubernetes/ssl/ca-config.json -profile=kubernetes etcd.json | cfssljson -bare etcd
####################复制证书到所有节点
scp etcd*.pem  192.168.100.241:/opt/kubernetes/ssl
scp etcd*.pem  192.168.100.242:/opt/kubernetes/ssl
scp etcd*.pem  192.168.100.243:/opt/kubernetes/ssl
scp etcd*.pem  192.168.100.244:/opt/kubernetes/ssl
#############重启现有节点etcd
systemctl restart etcd

3、添加新节点

# etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem   --endpoints="https://192.168.100.241:2379"   member add etcd4 https://192.168.100.244

Added member named etcd4 with ID e4af0c810ebe26da to cluster

ETCD_NAME="etcd4"
ETCD_INITIAL_CLUSTER="etcd1=https://192.168.100.241:2380,etcd2=https://192.168.100.242:2380,etcd3=https://192.168.100.243:2380,etcd4=https://192.168.100.244:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"

********新节点的etcd配置文件必须包括以上输出内容*********

4、修改新节点配置并启动

############启动新节点, 注意新节点必须指定 --initial-cluster-state[--initial-cluster-state=existing]
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target
Documentation=https://github.com/coreos
[Service]
Type=notify
WorkingDirectory=/data/etcd/
ExecStart=/data/etcd/bin/etcd 
  --name=etcd2 
  --cert-file=/data/etcd/ssl/server.pem 
  --key-file=/data/etcd/ssl/server-key.pem 
  --peer-cert-file=/data/etcd/ssl/peer.pem 
  --peer-key-file=/data/etcd/ssl/peer-key.pem 
  --trusted-ca-file=/data/etcd/ssl/ca.pem 
  --peer-trusted-ca-file=/data/etcd/ssl/ca.pem 
  --initial-advertise-peer-urls=https://192.168.100.244:2380 
  --listen-peer-urls=https://192.168.100.244:2380 
  --listen-client-urls=https://192.168.100.244:2379 
  --advertise-client-urls=https://192.168.100.244:2379 
  --initial-cluster-token=etcd-cluster-0 
  --initial-cluster=etcd1=https://192.168.100.241:2380,etcd2=https://192.168.100.242:2380,etcd3=https://192.168.100.243:2380,etcd4=https://192.168.100.244:2380, 
  --initial-cluster-state=existing 
  --data-dir=/data/etcd 
  --snapshot-count=50000 
  --auto-compaction-retention=1 
  --max-request-bytes=10485760 
  --quota-backend-bytes=8589934592
Restart=always
RestartSec=15
LimitNOFILE=65536
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target
################################启动
systemctl start etcd
systemctl enable etcd

5、查看节点信息

[root@uat-master02 ssl]# ../bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem   --endpoints="https://192.168.100.241:2379" member list
3c76e8c4b45726d7: name=etcd3 peerURLs=https://192.168.100.243:2380 clientURLs=https://192.168.100.243:2379 isLeader=false
95f01613d6ad24f5: name=etcd2 peerURLs=https://192.168.100.242:2380 clientURLs=https://192.168.100.242:2379 isLeader=true
a44b7472fb6879b5: name=etcd1 peerURLs=https://192.168.100.241:2380 clientURLs=https://192.168.100.241:2379 isLeader=false
e4af0c810ebe26da: name=etcd4 peerURLs=https://192.168.100.244:2380 clientURLs=https://192.168.100.244:2379 isLeader=false
***修改所有节点启动文件
***所有节点启动文件都修改–initial-cluster
***把所有节点都添加进去,以后重启服务还能直接生效

  

三、etcd集群添加节点(不带安装认证)

1、查看当前集群节点信息

# etcdctl member list --write-out=table
+------------------+---------+--------------------+--------------------------------+-----------------------------------------------------+------------+
|        ID        | STATUS  |        NAME        |           PEER ADDRS           |                    CLIENT ADDRS                     | IS LEARNER |
+------------------+---------+--------------------+--------------------------------+-----------------------------------------------------+------------+
| 44d8bc3300880bcd | started | sht-sgmhadoopdn-01 | http://sht-sgmhadoopdn-01:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-01:2379 |      false |
| d446fbe3296eb85a | started | sht-sgmhadoopdn-03 | http://sht-sgmhadoopdn-03:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-02:2379 |      false |
| e9136c1ad1754783 | started | sht-sgmhadoopdn-02 | http://sht-sgmhadoopdn-02:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-02:2379 |      false |
+------------------+---------+--------------------+--------------------------------+-----------------------------------------------------+------------+

2、添加新节点sht-sgmhadoopdn-04(172.16.101.66)

######添加集群节点对应hosts文件解析
# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.101.58    sht-sgmhadoopdn-01
172.16.101.59    sht-sgmhadoopdn-02
172.16.101.60    sht-sgmhadoopdn-03
172.16.101.66    sht-sgmhadoopdn-04
######在现有集群接点添加新节点
# etcdctl member add sht-sgmhadoopdn-04 --peer-urls="http://sht-sgmhadoopdn-04:2380"
Member 7796493c3943f891 added to cluster 69bef0b9ccf44365

ETCD_NAME="sht-sgmhadoopdn-04"
ETCD_INITIAL_CLUSTER="sht-sgmhadoopdn-01=http://sht-sgmhadoopdn-01:2380,sht-sgmhadoopdn-04=http://sht-sgmhadoopdn-04:2380,sht-sgmhadoopdn-03=http://sht-sgmhadoopdn-03:2380,sht-sgmhadoopdn-02=http://sht-sgmhadoopdn-02:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://sht-sgmhadoopdn-04:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"

********新节点的etcd配置文件必须包括以上输出内容*********

3、查看当前集群信息

# etcdctl member list --write-out=table
+------------------+-----------+--------------------+--------------------------------+-----------------------------------------------------+------------+
|        ID        |  STATUS   |        NAME        |           PEER ADDRS           |                    CLIENT ADDRS                     | IS LEARNER |
+------------------+-----------+--------------------+--------------------------------+-----------------------------------------------------+------------+
| 44d8bc3300880bcd |   started | sht-sgmhadoopdn-01 | http://sht-sgmhadoopdn-01:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-01:2379 |      false |
| 7796493c3943f891 | unstarted |                    | http://sht-sgmhadoopdn-04:2380 |                                                     |      false |
| d446fbe3296eb85a |   started | sht-sgmhadoopdn-03 | http://sht-sgmhadoopdn-03:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-02:2379 |      false |
| e9136c1ad1754783 |   started | sht-sgmhadoopdn-02 | http://sht-sgmhadoopdn-02:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-02:2379 |      false |
+------------------+-----------+--------------------+--------------------------------+-----------------------------------------------------+------------+

4、新节点配置etcd

###################etcd系统服务文件
# cat /usr/lib/systemd/system/etcd.service
[Unit]
Description=etcd service
Documentation=https://github.com/etcd-io/etcd
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
User=tnuser
Type=notify
EnvironmentFile=/usr/local/etcd/etcd.conf
WorkingDirectory=/usr/local/etcd
ExecStart=/usr/local/etcd/etcd
Restart=always
RestartSec=10s
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
##############################etcd配置文件
# cat /usr/local/etcd/etcd.conf
ETCD_NAME="sht-sgmhadoopdn-04"
ETCD_DATA_DIR="/usr/local/etcd/data"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="existing"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://sht-sgmhadoopdn-01:2379,http://10.0.0.1:2379"
ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://sht-sgmhadoopdn-04:2380"
ETCD_INITIAL_CLUSTER="sht-sgmhadoopdn-01=http://sht-sgmhadoopdn-01:2380,sht-sgmhadoopdn-02=http://sht-sgmhadoopdn-02:2380,sht-sgmhadoopdn-03=http://sht-sgmhadoopdn-03:2380,sht-sgmhadoopdn-04=http://sht-sgmhadoopdn-04:2380"
ETCD_ENABLE_V2="true"
########################启动新节点
# systemctl start etcd

5、再次查看集群状态

# etcdctl member list --write-out=table
+------------------+---------+--------------------+--------------------------------+-----------------------------------------------------+------------+
|        ID        | STATUS  |        NAME        |           PEER ADDRS           |                    CLIENT ADDRS                     | IS LEARNER |
+------------------+---------+--------------------+--------------------------------+-----------------------------------------------------+------------+
| 44d8bc3300880bcd | started | sht-sgmhadoopdn-01 | http://sht-sgmhadoopdn-01:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-01:2379 |      false |
| 7796493c3943f891 | started | sht-sgmhadoopdn-04 | http://sht-sgmhadoopdn-04:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-01:2379 |      false |
| d446fbe3296eb85a | started | sht-sgmhadoopdn-03 | http://sht-sgmhadoopdn-03:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-02:2379 |      false |
| e9136c1ad1754783 | started | sht-sgmhadoopdn-02 | http://sht-sgmhadoopdn-02:2380 | http://10.0.0.1:2379,http://sht-sgmhadoopdn-02:2379 |      false |
+------------------+---------+--------------------+--------------------------------+-----------------------------------------------------+------------+
****将各节点etcd.conf配置文件的变量ETCD_INITIAL_CLUSTER添加新节点信息,然后依次重启。

 

###

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/faithH/p/12119063.html