
使用统一证书的方式部署ETCD3.5 集群(一)

baijin 2024-11-16 17:05:35 博客文章 3 ℃ 0 评论

环境信息

名称

IP

master-01

10.32.30.88

node-01

10.33.60.50

node-02

10.32.30.215


下载证书生成工具

下载cfssl工具,主要用于生成证书

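# Run on master-01: fetch the cfssl tools used to create the CA and certificates.
# These binaries will handle the cluster CA key, so check what was downloaded:
# compare the digests printed below with checksums obtained from a source you trust.
cd /root
mkdir -p ~/bin
# -f makes curl fail on an HTTP error instead of saving the error page as the binary.
curl -fsSL -o ~/bin/cfssl https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
curl -fsSL -o ~/bin/cfssljson https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
sha256sum ~/bin/cfssl ~/bin/cfssljson
chmod +x ~/bin/{cfssl,cfssljson}
export PATH="$PATH:$HOME/bin"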

生成自签名CA

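# Run on master-01: create a private working directory and write the default
# CA signing config and CA CSR templates, which are then edited as shown below.
cd /root
mkdir -p cfssl
chmod 700 cfssl   # ca-key.pem and the node private keys are written here
cd cfssl
# Trailing notes must use '#': text after '//' would be passed to cfssl as extra arguments.
cfssl print-defaults config > ca-config.json   # CA signing configuration
cfssl print-defaults csr > ca-csr.json         # CSR for the CA itself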

ca-config.json

{
    "signing": {
        "default": {
            "expiry": "43800h"
        },
        "profiles": {
            "server": {
                "expiry": "43800h",
                "usages": [
                    "signing",
                    "key encipherment",
                    "server auth"
                ]
            },
            "client": {
                "expiry": "43800h",
                "usages": [
                    "signing",
                    "key encipherment",
                    "client auth"
                ]
            },
            "peer": {
                "expiry": "43800h",
                "usages": [
                    "signing",
                    "key encipherment",
                    "server auth",
                    "client auth"
                ]
            }
        }
    }
}

三个profile的含义

server,作为服务器与客户端通信时的服务器证书

client,作为服务器与客户端通信时的客户端证书,一般etcdctl, etcd proxy或者 docker 客户端使用

peer,作为服务器间通信时用的证书,既认证服务器也认证客户端

ca-csr.json 请求文件(注意:下面 names 中 "OU" 键出现了两次,JSON 对象中的重复键通常只有最后一个生效,即 "QA";如需两个OU请确认工具的实际输出)

{
    "CN": "ETCD-CA",
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
        {
            "C": "CN",
            "L": "CA",
            "O": "company",
            "ST": "BJ",
            "OU": "OP",
            "OU": "QA"
        }
    ]
}

生成CA

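# Run on master-01: create the self-signed CA. Writes ca.pem, ca-key.pem and ca.csr.
# ca-key.pem can sign certificates for every profile in ca-config.json, so keep it
# on this host only and never copy it to the etcd nodes.
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -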

ca-key.pem  //CA私钥,只保留在master-01上,不要拷贝到其他节点
ca.csr  //我们后续不会使用这个文件
ca.pem  //自签名的CA证书文件,后续用这个文件对server peer client的证书进行签发

Server证书和Peer证书使用统一的证书方式部署ETCD

创建server证书CSR请求文件 server.json

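# Run on master-01: write a CSR template to server.json, then edit it as shown below.
# (A line starting with '//' is not a shell comment; the shell would try to execute it.)
cfssl print-defaults csr > server.json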

//修改server.json配置文件

{
    "CN": "etcd",
    "hosts": [
        "10.32.30.88",
        "10.32.30.215",
        "10.33.60.50",
        "127.0.0.1"
    ],
    "key": {
        "algo": "ecdsa",
        "size": 256
    },
    "names": [
        {
            "C": "CN",
            "L": "BJ",
            "ST": "BJ"
        }
    ]
}

hosts里面需要包含所有节点的IP地址

生成ETCD Server证书和Peer证书

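# Run on master-01. Both certificates are issued from the same server.json, so each
# one lists every node IP, and the same key pairs are later installed on all nodes:
# a private key read from any one node is valid for the whole cluster.

# "server" profile: writes server.pem, server-key.pem and server.csr.
cfssl gencert \
  -ca=ca.pem -ca-key=ca-key.pem \
  -config=ca-config.json -profile=server \
  server.json | cfssljson -bare server

# "peer" profile: writes peer.pem, peer-key.pem and peer.csr.
cfssl gencert \
  -ca=ca.pem -ca-key=ca-key.pem \
  -config=ca-config.json -profile=peer \
  server.json | cfssljson -bare peer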

拷贝CA证书、Server证书和Peer证书到node-01和node-02节点

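# On node-01 and node-02: create the directory that receives the certificates.
mkdir -p /root/cfssl
chmod 700 /root/cfssl   # holds private keys

# On master-01: copy ca.pem plus the server and peer certificate/key pairs (five
# files) to node-01 and node-02. ca-key.pem is not in the list and must stay on master-01.
cd /root/cfssl
scp ca.pem server.pem server-key.pem peer.pem peer-key.pem root@10.33.60.50:/root/cfssl/
scp ca.pem server.pem server-key.pem peer.pem peer-key.pem root@10.32.30.215:/root/cfssl/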

生成ETCDCTL工具使用的client证书

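# Write a CSR template for the certificate that etcdctl will present to the servers.
cfssl print-defaults csr > client.json

# Edit client.json so that it matches the listing that follows.
vim client.json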
{
    "CN": "etcd",
    "hosts": [""
    ],
    "key": {
        "algo": "ecdsa",
        "size": 256
    },
    "names": [
        {
            "O": "autogenerated",
            "OU": "etcd cluster",
            "L": "the internet"

        }
    ]
}

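# Issue the client certificate with the "client" profile.
# Writes client.pem, client-key.pem and client.csr.
cfssl gencert \
  -ca=ca.pem -ca-key=ca-key.pem \
  -config=ca-config.json -profile=client \
  client.json | cfssljson -bare client

# Copy the client certificate and key to node-01 and node-02.
# Anyone holding client-key.pem can act as a client of the cluster, so copy it
# only to hosts that actually need to run etcdctl.
scp client.pem client-key.pem root@10.33.60.50:/root/cfssl/
scp client.pem client-key.pem root@10.32.30.215:/root/cfssl/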

下载ETCD安装包

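# Run on master-01, node-01 and node-02: download and install the etcd binaries.
cd /root
wget https://github.com/etcd-io/etcd/releases/download/v3.5.2/etcd-v3.5.2-linux-amd64.tar.gz
# Print the archive digest and compare it with the checksum published for this
# release before unpacking; the unit files below run this binary as root.
sha256sum etcd-v3.5.2-linux-amd64.tar.gz
tar xf etcd-v3.5.2-linux-amd64.tar.gz
cd etcd-v3.5.2-linux-amd64
# install sets the mode explicitly instead of inheriting it from the archive.
install -m 0755 etcd etcdctl /usr/bin/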

配置ETCD集群

配置etcd为系统服务,也可以配置为命令行启动,命令行可以用于测试,本例中使用的是作为系统服务

master-01配置为系统服务

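# On master-01: write the etcd unit file, reload systemd and start the service.
# WorkingDirectory= and --data-dir point at /var/lib/etcd, which no earlier step
# creates; systemd cannot start the unit until the directory exists.
install -d -m 0700 /var/lib/etcd

cat > /usr/lib/systemd/system/etcd.service <<'EOF'
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
# No User= is set, so etcd runs as root and reads its private keys from /root/cfssl.
# --client-cert-auth / --peer-client-cert-auth state explicitly that callers must
# present a certificate signed by the trusted CA; after starting, confirm that a
# TLS connection without a client certificate is refused.
# NOTE(review): http://127.0.0.1:2379 is a plaintext client listener with no TLS and
# no certificate check, so any local process can use it; remove it unless something
# on this host depends on it.
ExecStart=/usr/bin/etcd --name master-01 --initial-advertise-peer-urls https://10.32.30.88:2380 \
  --listen-peer-urls https://10.32.30.88:2380 \
  --listen-client-urls https://10.32.30.88:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.32.30.88:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state new \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

# Make systemd pick up the new unit file.
systemctl daemon-reload

# Start the service.
systemctl start etcd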

配置master-01 节点命令行启动

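# Foreground start of master-01 with the same settings as the unit file (for testing).
# Client and peer certificate checks are requested explicitly.
# NOTE(review): http://127.0.0.1:2379 is a plaintext listener with no certificate
# check; any local process can reach etcd through it.
/usr/bin/etcd --name master-01 --initial-advertise-peer-urls https://10.32.30.88:2380 \
  --listen-peer-urls https://10.32.30.88:2380 \
  --listen-client-urls https://10.32.30.88:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.32.30.88:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state new \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd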

参数说明


//名称,默认为default,集群内唯一,这里使用hostname

name master-01

//通告给集群其他成员的地址,主要用于集群间通信的地址,会通告给集群的其他成员。这个地址用来传输集群数据。这个地址必须是可以被集群中所有的成员访问

initial-advertise-peer-urls https://10.32.30.88:2380

//本地使用的集群地址,集群监听地址

listen-peer-urls https://10.32.30.88:2380

// 客户端监听地址;其中 http://127.0.0.1:2379 是明文监听,不经过TLS和证书校验,本机上的任何进程都可以通过它访问etcd

listen-client-urls https://10.32.30.88:2379,http://127.0.0.1:2379

//对外通告的客户端监听地址

advertise-client-urls https://10.32.30.88:2379

//创建集群的 token,这个值每个集群保持唯一。这样的话,如果你要重新创建集群,即使配置和之前一样,也会再次生成新的集群和节点 uuid;否则会导致多个集群之间的冲突,造成未知的错误

initial-cluster-token etcd-cluster-1

// 初始化所有节点的集群信息

initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380

//新建集群状态为new,如果是节点加入已经存在的集群状态为existing,比如新增节点到集群中会用到这个参数

initial-cluster-state new

//客户端到服务器通信使用的受信任的证书颁发机构(CA),用于校验客户端证书;官方文档中要求客户端必须出示证书的开关是 --client-cert-auth,建议显式加上

trusted-ca-file=/root/cfssl/ca.pem

//客户端到服务端通信用于etcd 进行 SSL/TLS 连接的证书和密钥

cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem

//集群间节点通信使用的受信任的证书颁发机构

peer-trusted-ca-file=/root/cfssl/ca.pem

//集群间用于对等点之间的 SSL/TLS 连接的证书和密钥

peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem

//数据存储目录

data-dir=/var/lib/etcd

node-01配置作为系统服务

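# On node-01: write the etcd unit file, reload systemd and start the service.
# WorkingDirectory= and --data-dir point at /var/lib/etcd, which no earlier step
# creates; systemd cannot start the unit until the directory exists.
install -d -m 0700 /var/lib/etcd

cat > /usr/lib/systemd/system/etcd.service <<'EOF'
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
# No User= is set, so etcd runs as root and reads its private keys from /root/cfssl.
# --client-cert-auth / --peer-client-cert-auth state explicitly that callers must
# present a certificate signed by the trusted CA.
# NOTE(review): http://127.0.0.1:2379 is a plaintext client listener with no TLS and
# no certificate check, so any local process can use it; remove it unless needed.
ExecStart=/usr/bin/etcd --name node-01 --initial-advertise-peer-urls https://10.33.60.50:2380 \
  --listen-peer-urls https://10.33.60.50:2380 \
  --listen-client-urls https://10.33.60.50:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.33.60.50:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state new \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

# Make systemd pick up the new unit file.
systemctl daemon-reload

# Start the service.
systemctl start etcd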

也可以配置为node-01命令行启动

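  # Foreground start of node-01 with the same settings as its unit file (for testing).
  # Client and peer certificate checks are requested explicitly.
  # NOTE(review): http://127.0.0.1:2379 is a plaintext listener with no certificate
  # check; any local process can reach etcd through it.
  /usr/bin/etcd --name node-01 --initial-advertise-peer-urls https://10.33.60.50:2380 \
  --listen-peer-urls https://10.33.60.50:2380 \
  --listen-client-urls https://10.33.60.50:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.33.60.50:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state new \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd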

node-02配置作为系统服务

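# On node-02: write the etcd unit file, reload systemd and start the service.
# WorkingDirectory= and --data-dir point at /var/lib/etcd, which no earlier step
# creates; systemd cannot start the unit until the directory exists.
install -d -m 0700 /var/lib/etcd

cat > /usr/lib/systemd/system/etcd.service <<'EOF'
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
# No User= is set, so etcd runs as root and reads its private keys from /root/cfssl.
# --client-cert-auth / --peer-client-cert-auth state explicitly that callers must
# present a certificate signed by the trusted CA.
# NOTE(review): http://127.0.0.1:2379 is a plaintext client listener with no TLS and
# no certificate check, so any local process can use it; remove it unless needed.
ExecStart=/usr/bin/etcd --name node-02 --initial-advertise-peer-urls https://10.32.30.215:2380 \
  --listen-peer-urls https://10.32.30.215:2380 \
  --listen-client-urls https://10.32.30.215:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.32.30.215:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state new \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

# Make systemd pick up the new unit file.
systemctl daemon-reload

# Start the service.
systemctl start etcd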

node-02配置为命令行启动

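  # Foreground start of node-02 with the same settings as its unit file (for testing).
  # Client and peer certificate checks are requested explicitly.
  # NOTE(review): http://127.0.0.1:2379 is a plaintext listener with no certificate
  # check; any local process can reach etcd through it.
  /usr/bin/etcd --name node-02 --initial-advertise-peer-urls https://10.32.30.215:2380 \
  --listen-peer-urls https://10.32.30.215:2380 \
  --listen-client-urls https://10.32.30.215:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.32.30.215:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state new \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd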

查看ETCD集群状态

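# Show the status of every endpoint. The client certificate and key authenticate
# etcdctl to the servers; --cacert is what etcdctl uses to verify them.
ETCDCTL_API=3 etcdctl \
  --cacert=/root/cfssl/ca.pem \
  --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem \
  --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 \
  endpoint status -w table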
+---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
|         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
+---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
|  https://10.32.30.88:2379 | 622636bc416dde5b |   3.5.2 |   25 kB |      true |      false |         2 |          9 |                  9 |        |
| https://10.32.30.215:2379 | 77c1f23c3446ed7b |   3.5.2 |   20 kB |     false |      false |         2 |          9 |                  9 |        |
|  https://10.33.60.50:2379 | a7bc600857e256c8 |   3.5.2 |   20 kB |     false |      false |         2 |          9 |                  9 |        |
+---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+


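# List the cluster members.
ETCDCTL_API=3 etcdctl \
  --cacert=/root/cfssl/ca.pem \
  --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem \
  --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 \
  member list -w table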
+------------------+---------+-----------+---------------------------+---------------------------+------------+
|        ID        | STATUS  |   NAME    |        PEER ADDRS         |       CLIENT ADDRS        | IS LEARNER |
+------------------+---------+-----------+---------------------------+---------------------------+------------+
| 622636bc416dde5b | started | master-01 |  https://10.32.30.88:2380 |  https://10.32.30.88:2379 |      false |
| 77c1f23c3446ed7b | started |   node-02 | https://10.32.30.215:2380 | https://10.32.30.215:2379 |      false |
| a7bc600857e256c8 | started |   node-01 |  https://10.33.60.50:2380 |  https://10.33.60.50:2379 |      false |
+------------------+---------+-----------+---------------------------+---------------------------+------------+

添加一个新节点到已有集群中

新添加节点为node-03 IP地址为:10.33.60.70

需要提前下载etcd 二进制文件到/usr/bin目录中

在leader(master-01)节点添加新节点node-03

# Register node-03 with the existing cluster by its peer URL. The command prints
# the ETCD_* settings that the new member has to be started with.
ETCDCTL_API=3 etcdctl \
  --cacert=/root/cfssl/ca.pem \
  --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem \
  --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 \
  member add node-03 --peer-urls=https://10.33.60.70:2380
Member fe3f502dd5a0549c added to cluster 24c59effa3b6af15

ETCD_NAME="node-03"
ETCD_INITIAL_CLUSTER="master-01=https://10.32.30.88:2380,node-02=https://10.32.30.215:2380,node-01=https://10.33.60.50:2380,node-03=https://10.33.60.70:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://10.33.60.70:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"

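# List the members again; the newly added node-03 is shown as "unstarted".
ETCDCTL_API=3 etcdctl \
  --cacert=/root/cfssl/ca.pem \
  --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem \
  --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 \
  member list -w table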
+------------------+-----------+-----------+---------------------------+---------------------------+------------+
|        ID        |  STATUS   |   NAME    |        PEER ADDRS         |       CLIENT ADDRS        | IS LEARNER |
+------------------+-----------+-----------+---------------------------+---------------------------+------------+
| 622636bc416dde5b |   started | master-01 |  https://10.32.30.88:2380 |  https://10.32.30.88:2379 |      false |
| 77c1f23c3446ed7b |   started |   node-02 | https://10.32.30.215:2380 | https://10.32.30.215:2379 |      false |
| a7bc600857e256c8 |   started |   node-01 |  https://10.33.60.50:2380 |  https://10.33.60.50:2379 |      false |
| fe3f502dd5a0549c | unstarted |           |  https://10.33.60.70:2380 |                           |      false |
+------------------+-----------+-----------+---------------------------+---------------------------+------------+

Server证书和Peer证书新增node-03节点IP

新增IP

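# On master-01: edit the existing server.json and add node-03's address
# (10.33.60.70) to "hosts" so the reissued certificates are valid for it.
# JSON has no comment syntax: the inline "//..." annotation shown in the listing
# that follows is for the reader only and must not be written into the file.
vim server.json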

{
    "CN": "etcd",
    "hosts": [
        "10.32.30.88",
        "10.32.30.215",
        "10.33.60.50",
        "10.33.60.70",   //新增加IP地址
        "127.0.0.1"
    ],
    "key": {
        "algo": "ecdsa",
        "size": 256
    },
    "names": [
        {
            "C": "CN",
            "L": "BJ",
            "ST": "BJ"
        }
    ]
}

master-01节点重新生成server 证书和peer证书

# Reissue the server certificate from the updated server.json ("server" profile).
cfssl gencert \
  -ca=ca.pem -ca-key=ca-key.pem \
  -config=ca-config.json -profile=server \
  server.json | cfssljson -bare server

# Reissue the peer certificate from the same CSR ("peer" profile).
cfssl gencert \
  -ca=ca.pem -ca-key=ca-key.pem \
  -config=ca-config.json -profile=peer \
  server.json | cfssljson -bare peer

node-03 新建目录

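# On node-03: create the certificate directory (safe to re-run) and keep it
# private, since it will hold the server and peer private keys.
mkdir -p /root/cfssl
chmod 700 /root/cfssl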

拷贝master-01节点证书到其他三个节点

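# On master-01: distribute the reissued server and peer pairs to all three nodes.
cd /root/cfssl/
scp server.pem server-key.pem peer.pem peer-key.pem root@10.33.60.50:/root/cfssl/
scp server.pem server-key.pem peer.pem peer-key.pem root@10.32.30.215:/root/cfssl/
# node-03 is new and has never received ca.pem, which its etcd flags
# (--trusted-ca-file, --peer-trusted-ca-file) reference; send it along.
scp ca.pem server.pem server-key.pem peer.pem peer-key.pem root@10.33.60.70:/root/cfssl/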

启动node-03节点etcd

etcd作为系统服务

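# On node-03: write the etcd unit file, reload systemd and start the service.
# WorkingDirectory= and --data-dir point at /var/lib/etcd, which no earlier step
# creates; systemd cannot start the unit until the directory exists.
install -d -m 0700 /var/lib/etcd

cat > /usr/lib/systemd/system/etcd.service <<'EOF'
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
# No User= is set, so etcd runs as root and reads its private keys from /root/cfssl.
# --initial-cluster-state is "existing" because node-03 joins a running cluster.
# --client-cert-auth / --peer-client-cert-auth state explicitly that callers must
# present a certificate signed by the trusted CA.
# NOTE(review): http://127.0.0.1:2379 is a plaintext client listener with no TLS and
# no certificate check, so any local process can use it; remove it unless needed.
ExecStart=/usr/bin/etcd --name node-03 --initial-advertise-peer-urls https://10.33.60.70:2380 \
  --listen-peer-urls https://10.33.60.70:2380 \
  --listen-client-urls https://10.33.60.70:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.33.60.70:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster node-03=https://10.33.60.70:2380,master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state existing \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

# Make systemd pick up the new unit file.
systemctl daemon-reload

# Start the service.
systemctl start etcd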

命令行方式用于测试,主要是在服务无法启动的情况下测试

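# Foreground start of node-03 for troubleshooting; --initial-cluster-state is
# "existing" because the member joins a running cluster.
# Client and peer certificate checks are requested explicitly.
# NOTE(review): http://127.0.0.1:2379 is a plaintext listener with no certificate
# check; any local process can reach etcd through it.
/usr/bin/etcd --name node-03 --initial-advertise-peer-urls https://10.33.60.70:2380 \
  --listen-peer-urls https://10.33.60.70:2380 \
  --listen-client-urls https://10.33.60.70:2379,http://127.0.0.1:2379 \
  --advertise-client-urls https://10.33.60.70:2379 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-cluster node-03=https://10.33.60.70:2380,master-01=https://10.32.30.88:2380,node-01=https://10.33.60.50:2380,node-02=https://10.32.30.215:2380 \
  --initial-cluster-state existing \
  --trusted-ca-file=/root/cfssl/ca.pem --client-cert-auth=true \
  --cert-file=/root/cfssl/server.pem --key-file=/root/cfssl/server-key.pem \
  --peer-trusted-ca-file=/root/cfssl/ca.pem --peer-client-cert-auth=true \
  --peer-cert-file=/root/cfssl/peer.pem --peer-key-file=/root/cfssl/peer-key.pem \
  --data-dir=/var/lib/etcd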

在master-01节点查看所有节点状态


//查看member
[root@master-01 cfssl]#  ETCDCTL_API=3 etcdctl --cacert=/root/cfssl/ca.pem --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 member list -w table
+------------------+---------+-----------+---------------------------+---------------------------+------------+
|        ID        | STATUS  |   NAME    |        PEER ADDRS         |       CLIENT ADDRS        | IS LEARNER |
+------------------+---------+-----------+---------------------------+---------------------------+------------+
| 622636bc416dde5b | started | master-01 |  https://10.32.30.88:2380 |  https://10.32.30.88:2379 |      false |
| 77c1f23c3446ed7b | started |   node-02 | https://10.32.30.215:2380 | https://10.32.30.215:2379 |      false |
| a7bc600857e256c8 | started |   node-01 |  https://10.33.60.50:2380 |  https://10.33.60.50:2379 |      false |
| fe3f502dd5a0549c | started |   node-03 |  https://10.33.60.70:2380 |  https://10.33.60.70:2379 |      false |
+------------------+---------+-----------+---------------------------+---------------------------+------------+
[root@master-01 cfssl]# 

//查看endpoint
[root@master-01 cfssl]#  ETCDCTL_API=3 etcdctl --cacert=/root/cfssl/ca.pem --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379,https://10.33.60.70:2379 endpoint status -w table
+---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
|         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
+---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
|  https://10.32.30.88:2379 | 622636bc416dde5b |   3.5.2 |   25 kB |     false |      false |         3 |         12 |                 12 |        |
| https://10.32.30.215:2379 | 77c1f23c3446ed7b |   3.5.2 |   20 kB |      true |      false |         3 |         12 |                 12 |        |
|  https://10.33.60.50:2379 | a7bc600857e256c8 |   3.5.2 |   20 kB |     false |      false |         3 |         12 |                 12 |        |
|  https://10.33.60.70:2379 | fe3f502dd5a0549c |   3.5.2 |   20 kB |     false |      false |         3 |         12 |                 12 |        |
+---------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
[root@master-01 cfssl]# 





移除etcd节点

//删除node-03节点
[root@master-01 cfssl]#  ETCDCTL_API=3 etcdctl --cacert=/root/cfssl/ca.pem --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 member remove fe3f502dd5a0549c
Member fe3f502dd5a0549c removed from cluster 24c59effa3b6af15
[root@master-01 cfssl]#  ETCDCTL_API=3 etcdctl --cacert=/root/cfssl/ca.pem --cert=/root/cfssl/client.pem --key=/root/cfssl/client-key.pem --endpoints=https://10.32.30.88:2379,https://10.32.30.215:2379,https://10.33.60.50:2379 member list -w table
+------------------+---------+-----------+---------------------------+---------------------------+------------+
|        ID        | STATUS  |   NAME    |        PEER ADDRS         |       CLIENT ADDRS        | IS LEARNER |
+------------------+---------+-----------+---------------------------+---------------------------+------------+
| 622636bc416dde5b | started | master-01 |  https://10.32.30.88:2380 |  https://10.32.30.88:2379 |      false |
| 77c1f23c3446ed7b | started |   node-02 | https://10.32.30.215:2380 | https://10.32.30.215:2379 |      false |
| a7bc600857e256c8 | started |   node-01 |  https://10.33.60.50:2380 |  https://10.33.60.50:2379 |      false |
+------------------+---------+-----------+---------------------------+---------------------------+------------+
[root@master-01 cfssl]# 
