Etcd: Difference between revisions
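Revision as of 14:27, 20 October 2023 (Fri)
etcd is a key-value store for distributed systems.
Installation
On Ubuntu it can be installed directly from the package repository, but note that Ubuntu 22.04 still ships version 3.3, which defaults to v2 data. From 3.4 onward the default is v3 data, so there is a migration cost: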
sudo apt install -y etcd; sudo apt clean
Another way is to install the official binary. The current latest version to use for ETCD_VERSION here can be looked up on GitHub:
ETCD_VERSION=3.5.9; cd /tmp; wget https://github.com/etcd-io/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-amd64.tar.gz; tar xvf etcd-v${ETCD_VERSION}-linux-amd64.tar.gz; cd etcd-v${ETCD_VERSION}-linux-amd64; sudo cp etcd etcdctl etcdutl /usr/bin
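Configuration
If you installed from the Ubuntu package you can skip this part for now. If you installed from the binary, put the systemd configuration at /etc/systemd/system/etcd.service (this was actually taken from the Ubuntu package):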
[Unit]
Description=etcd - highly-available key value store
Documentation=https://etcd.io/docs
Documentation=man:etcd
After=network.target
Wants=network-online.target
[Service]
Environment=DAEMON_ARGS=
Environment=ETCD_NAME=%H
Environment=ETCD_DATA_DIR=/var/lib/etcd/default
EnvironmentFile=-/etc/default/%p
Type=notify
User=etcd
PermissionsStartOnly=true
#ExecStart=/bin/sh -c "GOMAXPROCS=$(nproc) /usr/bin/etcd $DAEMON_ARGS"
ExecStart=/usr/bin/etcd $DAEMON_ARGS
Restart=on-abnormal
#RestartSec=10s
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
Alias=etcd2.service
Also create /etc/default/etcd (remember to change ETCD_INITIAL_ADVERTISE_PEER_URLS, ETCD_LISTEN_PEER_URLS and ETCD_NAME):
#
ETCD_ADVERTISE_CLIENT_URLS="http://10.1.2.3:2379"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.1.2.3:2380"
ETCD_INITIAL_CLUSTER="etcd-1-dev=http://10.1.2.3:2380,etcd-2-dev=http://10.1.2.4:2380,etcd-3-dev=http://10.1.2.5:2380"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_INITIAL_CLUSTER_TOKEN="x"
ETCD_LISTEN_CLIENT_URLS="http://10.1.2.3:2379"
ETCD_LISTEN_PEER_URLS="http://10.1.2.3:2380"
ETCD_NAME="etcd-1-dev"
Then create the corresponding user and group, and enable and start the service:
sudo groupadd -r etcd; sudo useradd -r -g etcd etcd; sudo mkdir /var/lib/etcd; sudo chown etcd:etcd /var/lib/etcd; sudo systemctl daemon-reload; sudo systemctl enable --now etcd
After running it once so that the cluster is established, you can change new to existing, to prevent other machines from joining:
sudo sed -i 's/new/existing/' /etc/default/etcd; sudo service etcd restart
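The following check is an added example, not part of the original page or of etcd itself: it verifies that one node's /etc/default/etcd has consistent per-node values (the three settings the page says to change), that the state was switched to existing after bootstrap, and flags plaintext http:// URLs. The function names cfg_get and check_etcd_env and the "yes" argument are hypothetical, and the sample file is constructed from the page's values.

```shell
#!/bin/sh
# Added example (not from the original page): check one node's /etc/default/etcd.
# cfg_get, check_etcd_env and the "yes" flag are hypothetical names.

# Print KEY's value from a file of KEY="value" lines, without evaluating it as shell.
cfg_get() {
    sed -n "s/^$1=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# check_etcd_env FILE [yes]   ("yes" = the cluster has already been bootstrapped)
# Prints one finding per line; returns 0 if there are none, 1 otherwise.
check_etcd_env() {
    file=$1; bootstrapped=${2:-no}; findings=0
    name=$(cfg_get ETCD_NAME "$file")
    peer=$(cfg_get ETCD_INITIAL_ADVERTISE_PEER_URLS "$file")
    listen=$(cfg_get ETCD_LISTEN_PEER_URLS "$file")
    cluster=$(cfg_get ETCD_INITIAL_CLUSTER "$file")
    state=$(cfg_get ETCD_INITIAL_CLUSTER_STATE "$file")
    # This node's name=peer-URL pair must be one entry of ETCD_INITIAL_CLUSTER.
    case ",$cluster," in
        *",$name=$peer,"*) ;;
        *) echo "MISMATCH: $name=$peer not in ETCD_INITIAL_CLUSTER"; findings=$((findings + 1)) ;;
    esac
    # Assumption: listen and advertised peer URLs are equal, as in the page's sample.
    if [ "$peer" != "$listen" ]; then
        echo "MISMATCH: ETCD_LISTEN_PEER_URLS=$listen, advertised $peer"; findings=$((findings + 1))
    fi
    # After the first start the state should have been switched to "existing".
    if [ "$bootstrapped" = yes ] && [ "$state" != existing ]; then
        echo "STATE: ETCD_INITIAL_CLUSTER_STATE=$state, expected existing"; findings=$((findings + 1))
    fi
    # http:// URLs carry client and peer traffic without TLS.
    if grep -q '^ETCD_[A-Z_]*=.*http://' "$file"; then
        echo "PLAINTEXT: http:// URLs configured, traffic is not protected by TLS"; findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample: the page's file copied to node 2 with ETCD_NAME left unchanged.
demo=$(mktemp)
cat > "$demo" <<'EOF'
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.1.2.4:2380"
ETCD_INITIAL_CLUSTER="etcd-1-dev=http://10.1.2.3:2380,etcd-2-dev=http://10.1.2.4:2380,etcd-3-dev=http://10.1.2.5:2380"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_LISTEN_PEER_URLS="http://10.1.2.4:2380"
ETCD_NAME="etcd-1-dev"
EOF
check_etcd_env "$demo" yes || true
rm -f "$demo"
```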
Auditing
If you need auditing, etcd can currently only record this by raising the log level to debug. Edit /etc/default/etcd and add:
DAEMON_ARGS="--log-level debug"
Also create /etc/rsyslog.d/30-etcd.conf:
if $programname == 'etcd' then /var/log/etcd.log
& stop
And the corresponding /etc/logrotate.d/etcd:
/var/log/etcd.log
{
rotate 4
weekly
missingok
notifempty
compress
delaycompress
sharedscripts
postrotate
/usr/lib/rsyslog/rsyslog-rotate
endscript
}
DNS
With multiple etcd servers, DNS SRV records can be used to let clients know which services are available, like this:
_etcd-client._tcp.etcd.srv.example.net. 300 IN SRV 1 1 2379 etcd-1.private.example.net.
_etcd-client._tcp.etcd.srv.example.net. 300 IN SRV 1 1 2379 etcd-2.private.example.net.
_etcd-client._tcp.etcd.srv.example.net. 300 IN SRV 1 1 2379 etcd-3.private.example.net.
This way etcdctl can use -d etcd.srv.example.net to specify the service endpoints:
etcdctl -d etcd.srv.example.net member list
Operation
First check which machines are alive:
etcdctl --endpoints=10.1.2.3:2379 member list
If the DNS records are already set up, you can use -d etcd.srv.example.net to specify the cluster rather than a single server:
etcdctl -d etcd.srv.example.net member list
Then you can test:
etcdctl --endpoints=10.1.2.3:2379 put foo test1234
etcdctl --endpoints=10.1.2.3:2379 get foo
etcdctl --endpoints=10.1.2.4:2379 get foo
etcdctl --endpoints=10.1.2.5:2379 get foo
etcdctl --endpoints=10.1.2.3:2379 del foo
etcdctl --endpoints=10.1.2.3:2379 get foo