cni | docker | calicoctl | etcd

2022-04-18 19:29:17

etcd cluster

| Name | Address | Hostname |
|---|---|---|
| infra0 | 172.16.59.31 | infra0.example.com |
| infra1 | 172.16.59.32 | infra1.example.com |
| infra2 | 172.16.59.33 | infra2.example.com |

https://etcd.io/docs/v3.5/install/

As we know the cluster members, their addresses and the size of the cluster before starting, we can use an offline bootstrap configuration by setting the initial-cluster flag. Each machine will get either the following environment variables or command line:

```
ETCD_INITIAL_CLUSTER="infra0=http://172.16.59.33:2380,infra1=http://172.16.59.34:2380,infra2=http://172.16.59.35:2380"
ETCD_INITIAL_CLUSTER_STATE=new
```

```
--initial-cluster infra0=http://172.16.59.33:2380,infra1=http://172.16.59.34:2380,infra2=http://172.16.59.35:2380 \
--initial-cluster-state new
```

Note that the URLs specified in initial-cluster are the advertised peer URLs, i.e. they should match the value of initial-advertise-peer-urls on the respective nodes.

If spinning up multiple clusters (or creating and destroying a single cluster) with the same configuration for testing purposes, it is highly recommended that each cluster is given a unique initial-cluster-token. By doing this, etcd can generate unique cluster IDs and member IDs for the clusters even if they otherwise have the exact same configuration. This protects etcd from cross-cluster interaction, which might corrupt the clusters.

etcd listens on listen-client-urls to accept client traffic. Each etcd member advertises the URLs specified in advertise-client-urls to other members, proxies, and clients. Make sure the advertise-client-urls are reachable from the intended clients. A common mistake is setting advertise-client-urls to localhost, or leaving it at the default, when remote clients need to reach etcd.

On each machine, start etcd with these flags:

```shell
# On infra0
$ etcd --name infra0 --initial-advertise-peer-urls http://172.16.59.33:2380 \
  --listen-peer-urls http://172.16.59.33:2380 \
  --listen-client-urls http://172.16.59.33:2379,http://127.0.0.1:2379 \
  --advertise-client-urls http://172.16.59.33:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster infra0=http://172.16.59.33:2380,infra1=http://172.16.59.34:2380,infra2=http://172.16.59.35:2380 \
  --initial-cluster-state new

# On infra1
$ etcd --name infra1 --initial-advertise-peer-urls http://172.16.59.34:2380 \
  --listen-peer-urls http://172.16.59.34:2380 \
  --listen-client-urls http://172.16.59.34:2379,http://127.0.0.1:2379 \
  --advertise-client-urls http://172.16.59.34:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster infra0=http://172.16.59.33:2380,infra1=http://172.16.59.34:2380,infra2=http://172.16.59.35:2380 \
  --initial-cluster-state new

# On infra2 (the name must match this member's entry in --initial-cluster)
$ etcd --name infra2 --initial-advertise-peer-urls http://172.16.59.35:2380 \
  --listen-peer-urls http://172.16.59.35:2380 \
  --listen-client-urls http://172.16.59.35:2379,http://127.0.0.1:2379 \
  --advertise-client-urls http://172.16.59.35:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster infra0=http://172.16.59.33:2380,infra1=http://172.16.59.34:2380,infra2=http://172.16.59.35:2380 \
  --initial-cluster-state new
```

The command line parameters starting with --initial-cluster will be ignored on subsequent runs of etcd. Feel free to remove the environment variables or command line flags after the initial bootstrap process. If the configuration needs changes later (for example, adding or removing members to/from the cluster), see the runtime configuration guide.
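
The consistency rules stated above (a member's initial-cluster entry must equal its initial-advertise-peer-urls, and advertise-client-urls must not point at localhost) can be checked before the first start. The following is an added example, not code from the original page or from the etcd project: `parse_flags`, `check_member` and the sample command lines are constructed for illustration. It also flags listen URLs that use plain `http://` on a non-loopback address, because such listeners carry peer and client traffic without TLS.

```python
import shlex
from urllib.parse import urlsplit

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def parse_flags(cmdline):
    """Map each '--flag value' pair of an etcd command line to {flag: value}."""
    tok = shlex.split(cmdline.replace("\\\n", " "))  # join shell continuations
    return {t[2:]: v for t, v in zip(tok, tok[1:]) if t.startswith("--")}

def check_member(cmdline):
    """Return the sorted findings for one member's bootstrap flags."""
    f, out = parse_flags(cmdline), set()
    cluster = dict(e.split("=", 1) for e in f["initial-cluster"].split(","))
    name = f["name"]
    if name not in cluster:
        out.add(f"name {name} is not a member listed in initial-cluster")
    elif cluster[name] not in f["initial-advertise-peer-urls"].split(","):
        out.add(f"initial-cluster URL for {name} differs from initial-advertise-peer-urls")
    for url in f["advertise-client-urls"].split(","):
        if urlsplit(url).hostname in LOOPBACK:
            out.add(f"advertise-client-urls {url} is unreachable for remote clients")
    for flag in ("listen-peer-urls", "listen-client-urls"):
        for url in f[flag].split(","):
            u = urlsplit(url)
            if u.scheme == "http" and u.hostname not in LOOPBACK:
                out.add(f"{flag} {url} serves plaintext HTTP off-host")
    return sorted(out)

# Constructed sample command lines (addresses from the 192.0.2.0/24 documentation range).
CLUSTER = "infra0=http://192.0.2.10:2380,infra1=http://192.0.2.11:2380"
CONSISTENT = f"""etcd --name infra0 --initial-advertise-peer-urls http://192.0.2.10:2380 \\
  --listen-peer-urls http://192.0.2.10:2380 \\
  --listen-client-urls http://192.0.2.10:2379,http://127.0.0.1:2379 \\
  --advertise-client-urls http://192.0.2.10:2379 \\
  --initial-cluster {CLUSTER} --initial-cluster-state new"""
BROKEN = f"""etcd --name infra9 --initial-advertise-peer-urls https://192.0.2.11:2380 \\
  --listen-peer-urls https://192.0.2.11:2380 \\
  --listen-client-urls https://192.0.2.11:2379 \\
  --advertise-client-urls http://localhost:2379 \\
  --initial-cluster {CLUSTER} --initial-cluster-state new"""

if __name__ == "__main__":
    for label, cmd in (("consistent", CONSISTENT), ("broken", BROKEN)):
        print(label, check_member(cmd))
```

The first sample is internally consistent but still reports its two plaintext listeners; the second reports the unknown member name and the loopback advertise URL.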

docker

```shell
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
sudo yum makecache fast
sudo yum -y install docker-ce
sudo service docker start
```

calico

calicoctl configuration file, with etcd as the datastore

https://projectcalico.docs.tigera.io/getting-started/clis/calicoctl/configure/etcd

/etc/calico/calicoctl.cfg

```yaml
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
  etcdEndpoints: http://172.16.59.33:2380,http://172.16.59.34:2380,http://172.16.59.35:2380
```

Start the calico node

```
[root@172-16-59-32 calicoctl]# ./calicoctl-linux-amd64 node run --ip=172.16.59.32
Running command to load modules: modprobe -a xt_set ip6_tables
Enabling IPv4 forwarding
Enabling IPv6 forwarding
Increasing conntrack limit
Removing old calico-node container (if running).
Running the following command to start calico-node:

docker run --net=host --privileged --name=calico-node -d --restart=always -e ETCD_ENDPOINTS=http://172.16.59.33:2380,http://172.16.59.34:2380,http://172.16.59.35:2380 -e ETCD_DISCOVERY_SRV= -e NODENAME=172-16-59-32 -e CALICO_NETWORKING_BACKEND=bird -e IP=172.16.59.32 -v /var/log/calico:/var/log/calico -v /var/run/calico:/var/run/calico -v /var/lib/calico:/var/lib/calico -v /lib/modules:/lib/modules -v /run:/run quay.io/calico/node:latest

Image may take a short time to download if it is not available locally.


Container started, checking progress logs.

2022-03-29 07:53:30.455 [INFO][10] startup/startup.go 396: Early log level set to info
2022-03-29 07:53:30.456 [INFO][10] startup/utils.go 126: Using NODENAME environment for node name 172-16-59-32
2022-03-29 07:53:30.456 [INFO][10] startup/utils.go 138: Determined node name: 172-16-59-32
2022-03-29 07:53:30.456 [INFO][10] startup/startup.go 98: Starting node 172-16-59-32 with version v3.21.1
2022-03-29 07:53:30.456 [INFO][10] startup/startup.go 110: Skipping datastore connection test
2022-03-29 07:53:30.481 [INFO][10] startup/startup.go 439: Building new node resource Name="172-16-59-32"
2022-03-29 07:53:30.481 [INFO][10] startup/startup.go 454: Initialize BGP data
2022-03-29 07:53:30.482 [INFO][10] startup/startup.go 1329: Including CIDR information from host interface. CIDR="172.16.59.32/24"
2022-03-29 07:53:30.482 [INFO][10] startup/startup.go 554: Using IPv4 address from environment: IP=172.16.59.32/24
2022-03-29 07:53:30.482 [INFO][10] startup/startup.go 530: Node IPv4 changed, will check for conflicts
2022-03-29 07:53:30.486 [INFO][10] startup/startup.go 790: No AS number configured on node resource, using global value
2022-03-29 07:53:30.546 [INFO][10] startup/startup.go 906: Selected default IP pool is '192.168.0.0/16'
2022-03-29 07:53:30.546 [INFO][10] startup/startup.go 651: CALICO_IPV4POOL_NAT_OUTGOING is true (defaulted) through environment variable
2022-03-29 07:53:30.546 [INFO][10] startup/startup.go 992: Ensure default IPv4 pool is created. IPIP mode: Never, VXLAN mode: Never
2022-03-29 07:53:30.555 [INFO][10] startup/startup.go 1002: Created default IPv4 pool (192.168.0.0/16) with NAT outgoing true. IPIP mode: Never, VXLAN mode: Never
2022-03-29 07:53:30.555 [INFO][10] startup/startup.go 651: FELIX_IPV6SUPPORT is true (defaulted) through environment variable
2022-03-29 07:53:30.555 [INFO][10] startup/startup_linux.go 99: IPv6 supported on this platform: true
2022-03-29 07:53:30.555 [INFO][10] startup/startup.go 651: CALICO_IPV6POOL_NAT_OUTGOING is false (defaulted) through environment variable
2022-03-29 07:53:30.555 [INFO][10] startup/startup.go 992: Ensure default IPv6 pool is created. IPIP mode: Never, VXLAN mode: Never
2022-03-29 07:53:30.566 [INFO][10] startup/startup.go 1002: Created default IPv6 pool (fd69:9dec:d5c4::/48) with NAT outgoing false. IPIP mode: Never, VXLAN mode: Never
2022-03-29 07:53:30.589 [INFO][10] startup/startup.go 208: Using node name: 172-16-59-32
Calico node started successfully
```
