etcd作为一个高可用强一致性的服务发现存储仓库,在Kubernetes等开源项目中用的很多,这里简单记录下安装和常用命令以及api
安装
安装包可以从 https://github.com/etcd-io/etcd/releases 选择对应的版本和架构,下载后解压即可,里面有安装包和相关文档,安装和使用其实都可以看这些文档。
为了方便管理弄成了服务,加了一个etcd.service文件
[Unit] Description=Etcd Server After=network.target After=network-online.target Wants=network-online.target [Service] Type=notify WorkingDirectory=/var/lib/etcd/ EnvironmentFile=-/etc/etcd/etcd.conf User=etcd # set GOMAXPROCS to number of processors ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\" --listen-peer-urls=\"${ETCD_LISTEN_PEER_URLS}\" --advertise-client-urls=\"${ETCD_ADVERTISE_CLIENT_URLS}\" --initial-advertise-peer-urls=\"${ETCD_INITIAL_ADVERTISE_PEER_URLS}\" --initial-cluster=\"${ETCD_INITIAL_CLUSTER}\" --initial-cluster-state=\"${ETCD_INITIAL_CLUSTER_STATE}\"" Restart=on-failure LimitNOFILE=65536 [Install] WantedBy=multi-user.target
etcd.conf配置文件类似下面这样,每个节点只要修改name和ip就可以,其他的不用动,ETCD_INITIAL_CLUSTER_TOKEN同一各集群值一样,不同集群不能重复。
## 配置文件每个节点只要修改name和ip地址即可
#[Member]
ETCD_NAME=node1
ETCD_DATA_DIR=/var/lib/etcd/data
ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380
ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
#[cluster]
ETCD_INITIAL_ADVERTISE_PEER_URLS=http://192.168.19.136:2380
ETCD_ADVERTISE_CLIENT_URLS=http://192.168.19.136:2379
ETCD_INITIAL_CLUSTER=node1=http://192.168.19.136:2380,node2=http://192.168.19.137:2380,node3=http://192.168.19.138:2380
ETCD_INITIAL_CLUSTER_STATE=new
#创建集群的 token,这个值每个集群保持唯一
ETCD_INITIAL_CLUSTER_TOKEN=etcd-1
安装方式都差不多,放个例子,都差不多,配置文件那部分自己根据实际情况处理就行了。
## 创建用户和用户组 groupadd etcd; useradd -c "Etcd user" -g etcd -s /sbin/nologin -r etcd; service firewalld stop; ## 创建安装文件夹 mkdir -p /usr/bin/etcd3.3.13/; mkdir -p /etc/etcd/; mkdir -p /var/lib/etcd/data; ## 将文件etcd.service、etcd、etcdctl、etcd.conf上传到/usr/bin/etcd3.3.13/ chmod +x /usr/bin/etcd3.3.13/*; mv /usr/bin/etcd3.3.13/etcd.service /usr/lib/systemd/system/; mv /usr/bin/etcd3.3.13/etcd /usr/bin/; mv /usr/bin/etcd3.3.13/etcdctl /usr/bin/; ## 每个节点配置文件ip地址不一样 mv /usr/bin/etcd3.3.13/etcd1.conf /etc/etcd/etcd.conf; mv /usr/bin/etcd3.3.13/etcd2.conf /etc/etcd/etcd.conf; mv /usr/bin/etcd3.3.13/etcd3.conf /etc/etcd/etcd.conf; chown etcd:etcd -R /var/lib/etcd/data /etc/etcd*; systemctl enable etcd.service; systemctl start etcd.service;
后台命令
etcd命令可以通过etcdctl来执行,具体命令可以查看官方文档,或者 etcdctl -h 来查看。
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl -h NAME: etcdctl - A simple command line client for etcd. WARNING: Environment variable ETCDCTL_API is not set; defaults to etcdctl v2. Set environment variable ETCDCTL_API=3 to use v3 API or ETCDCTL_API=2 to use v2 API. USAGE: etcdctl [global options] command [command options] [arguments...] VERSION: 3.3.13 COMMANDS: backup backup an etcd directory cluster-health check the health of the etcd cluster mk make a new key with a given value mkdir make a new directory rm remove a key or a directory rmdir removes the key if it is an empty directory or a key-value pair get retrieve the value of a key ls retrieve a directory set set the value of a key setdir create a new directory or update an existing directory TTL update update an existing key with a given value updatedir update an existing directory watch watch a key for changes exec-watch watch a key for changes and exec an executable member member add, remove and list subcommands user user add, grant and revoke subcommands role role add, grant and revoke subcommands auth overall auth controls help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --debug output cURL commands which can be used to reproduce the request --no-sync don't synchronize cluster information before sending request --output simple, -o simple output response in the given format (simple, `extended` or `json`) (default: "simple") --discovery-srv value, -D value domain name to query for SRV records describing cluster endpoints --insecure-discovery accept insecure SRV records describing cluster endpoints --peers value, -C value DEPRECATED - "--endpoints" should be used instead --endpoint value DEPRECATED - "--endpoints" should be used instead --endpoints value a comma-delimited list of machine addresses in the cluster (default: "http://127.0.0.1:2379,http://127.0.0.1:4001") --cert-file value identify HTTPS client using this SSL certificate file --key-file value identify HTTPS client using this SSL key file --ca-file value verify certificates of HTTPS-enabled servers using this CA bundle --username value, -u value provide username[:password] and prompt if password is not supplied. --timeout value connection timeout per request (default: 2s) --total-timeout value timeout for the command execution (except watch) (default: 5s) --help, -h show help --version, -v print the version
上面讲全部命令列出来了,下面简单列几个测试集群是否可用的命令
查看版本
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl -v etcdctl version: 3.3.13 API version: 2
查看集群状态和节点
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl member list 30cb389c276fa5c7: name=mmciu0ey-etcd-1wozknhx peerURLs=http://10.110.30.176:2380 clientURLs=http://10.110.30.176:2379 isLeader=false 37fc143ccb26ac52: name=mmciu0ey-etcd-3rxlbch2 peerURLs=http://10.110.30.179:2380 clientURLs=http://10.110.30.179:2379 isLeader=false 9d7e46ee039599cd: name=mmciu0ey-etcd-bxi55glw peerURLs=http://10.110.30.183:2380 clientURLs=http://10.110.30.183:2379 isLeader=true
插入一条数据
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl set foo bar
bar
根据key查询数据
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl get foo
bar
key不存在是提示错误
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl get foo1
Error: 100: Key not found (/foo1) [15]
删除一条数据
[root@mmciu0ey-etcd-1wozknhx ~]# etcdctl rm foo1 PrevNode.Value: bar
也支持通过restAPI来操作,可以测试从集群外访问是否正常,例如下面几个
查看版本get:http://10.110.30.183:2379/version
插入一个键值对put: http://10.110.30.183:2379/v2/keys/foo?value=bar
查询一个键get: http://10.110.30.179:2379/v2/keys/foo
查看集群的状态get:http://10.110.30.183:2379/v2/stats/store
