etcd集群新增节点和删除节点
现在的集群信息是:
新增节点
1、下载etcd二进制包
wget https://github.com/etcd-io/etcd/releases/download/v3.5.15/etcd-v3.5.15-linux-amd64.tar.gz
2、创建etcd目录
mkdir -p /data/etcd/{data,ssl,bin}
3、解压并移动etcd命令至etcd目录
tar zxf etcd-v3.5.15-linux-amd64.tar.gz
cp etcd-v3.5.15-linux-amd64/etcd* /data/etcd/bin/
4、配置环境变量
echo "export PATH=/data/etcd/bin:\$PATH" > /etc/profile.d/etcd.sh source /etc/profile.d/etcd.sh
5、cp证书文件
scp etcd1:/data/etcd/ssl/*.pem /data/etcd/ssl/
6、复制配置文件
scp etcd1:/usr/lib/systemd/system/etcd.service /usr/lib/systemd/system/
7、修改配置文件
vim /usr/lib/systemd/system/etcd.service
[Service] Type=notify ExecStart=/data/etcd/bin/etcd \ --name=etcd4 \ --cert-file=/data/etcd/ssl/server.pem \ --key-file=/data/etcd/ssl/server-key.pem \ --peer-cert-file=/data/etcd/ssl/server.pem \ --peer-key-file=/data/etcd/ssl/server-key.pem \ --trusted-ca-file=/data/etcd/ssl/ca.pem \ --peer-trusted-ca-file=/data/etcd/ssl/ca.pem \ --peer-client-cert-auth \ --client-cert-auth \ --initial-advertise-peer-urls=https://192.168.110.17:2380 \ --listen-peer-urls=https://192.168.110.17:2380 \ --listen-client-urls=https://192.168.110.17:2379,https://127.0.0.1:2379 \ --advertise-client-urls=https://192.168.110.17:2379 \ --initial-cluster-token=etcd-cluster-1 \ --initial-cluster=etcd1=https://192.168.110.12:2380,etcd2=https://192.168.110.13:2380,etcd3=https://192.168.110.15:2380,etcd4=https://192.168.110.17:2380 \ --initial-cluster-state=existing \ --data-dir=/data/etcd/dataRestart=on-failure RestartSec=5[Install] WantedBy=multi-user.target EOF
红色位置为需要修改的配置,绿色位置为新增配置。
8、配置防火墙信息
etcd1-3
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.17" port protocol="tcp" port="2379" accept' firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.17" port protocol="tcp" port="2380" accept firewall-cmd --reload
etcd4
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.12" port protocol="tcp" port="2379" accept' firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.12" port protocol="tcp" port="2380" accept firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.13" port protocol="tcp" port="2379" accept' firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.13" port protocol="tcp" port="2380" accept firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.15" port protocol="tcp" port="2379" accept' firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.15" port protocol="tcp" port="2380" accept firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.17" port protocol="tcp" port="2379" accept' firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.110.17" port protocol="tcp" port="2380" accept firewall-cmd --reload
9、加入新节点到集群中
在etcd1-3中任何一个节点上操作一次即可
etcdctl --endpoints=https://192.168.110.13:2379 --cacert=/data/etcd/ssl/ca.pem --cert=/data/etcd/ssl/server.pem --key=/data/etcd/ssl/server-key.pem member add etcd4 --peer-urls=https://192.168.110.17:2380
10、启动新节点
systemctl start etcd
systemctl enable etcd
11、查看集群信息
etcdctl --endpoints=https://192.168.110.12:2379 --cacert=/data/etcd/ssl/ca.pem --cert=/data/etcd/ssl/server.pem --key=/data/etcd/ssl/server-key.pem member list
移除节点
1、查看需要移除的节点ID
etcdctl --endpoints=https://192.168.110.12:2379 --cacert=/data/etcd/ssl/ca.pem --cert=/data/etcd/ssl/server.pem --key=/data/etcd/ssl/server-key.pem member list
2、根据ID移除节点
etcdctl --endpoints=https://192.168.110.12:2379 --cacert=/data/etcd/ssl/ca.pem --cert=/data/etcd/ssl/server.pem --key=/data/etcd/ssl/server-key.pem member remove 5e994a4b4e60b7c9
重新加入被之前移除的节点
1、修改节点启动配置
initial-cluster-state参数的值需要修改为:existing
2、需要清空数据目录
rm -rf /data/etcd/data/*
3、执行加入新节点命令后再启动新节点的etcd服务
