etcdクラスタ構築(etcd discovery方式)

1.構成

2 etcd discoveryの設定内容

2.1 master1の設定

ここで得られる結果をmaster1とmaster2の-discoveryパラメータとして指定する。
[root@master1 2way-dns]# curl https://discovery.etcd.io/new?size=2
https://discovery.etcd.io/84c3b5edcc6203c46ac147d7fa6522bf[root@master1 2way-dns]#

[root@master1 2way-dns]# cat start.sh
#!/usr/bin/bash
etcd -name master1 \
     -initial-advertise-peer-urls http://192.168.0.10:2380 \
     -listen-peer-urls http://192.168.0.10:2380 \
     -listen-client-urls http://0.0.0.0:2379 \
     -advertise-client-urls http://192.168.0.10:2379 \
     -discovery https://discovery.etcd.io/84c3b5edcc6203c46ac147d7fa6522bf &

[root@master1 2way-dns]# ls -la start.sh
-rwxr--r--. 1 root root 328 11月 13 22:13 start.sh

[root@master1 2way-dns]# cat /etc/kubernetes/kubelet |grep -v ^#|grep -v '^\s*$'
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=master1"
KUBELET_API_SERVER="--api-servers=http://192.168.0.10:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
[root@master1 2way-dns]#

[root@master1 2way-dns]# cat /etc/kubernetes/config |grep -v ^#|grep -v '^\s*$'
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://192.168.0.10:8080"


[root@master1 2way-dns]# cat /etc/kubernetes/apiserver |grep -v ^#|grep -v '^\s*$'
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--insecure-port=8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.0.10:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
KUBE_API_ARGS=""
[root@master1 2way-dns]#

2.2 master2の設定

[root@master2 2way-dns]# cat start.sh
#!/usr/bin/bash
etcd -name master2 \
     -initial-advertise-peer-urls http://192.168.0.20:2380 \
     -listen-peer-urls http://192.168.0.20:2380 \
     -listen-client-urls http://0.0.0.0:2379 \
     -advertise-client-urls http://192.168.0.20:2379 \
     -discovery https://discovery.etcd.io/84c3b5edcc6203c46ac147d7fa6522bf &

[root@master2 2way-dns]# ls -la start.sh
-rwxr--r--. 1 root root 328 11月 13 22:14 start.sh


[root@master2 2way-dns]# cat /etc/kubernetes/kubelet |grep -v ^#|grep -v '^\s*$'
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=master2"
KUBELET_API_SERVER="--api-servers=http://192.168.0.20:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
[root@master2 2way-dns]#


[root@master2 2way-dns]# cat /etc/kubernetes/config |grep -v ^#|grep -v '^\s*$'
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://192.168.0.20:8080"
[root@master2 2way-dns]#


[root@master2 2way-dns]# cat /etc/kubernetes/apiserver |grep -v ^#|grep -v '^\s*$'
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--insecure-port=8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.0.20:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
KUBE_API_ARGS=""
[root@master2 2way-dns]#

3 etcdの起動

3.1 master1側のetcd起動

もしかしたら、etcd起動前に、kubeleの再起動が必要かもしれない。
[root@master1 2way-dns]# systemctl restart kubelet

etcdを起動する。
[root@master1 2way-dns]# ./start.sh

etcdデーモンの状態を確認する。
[root@master1 2way-dns]# ps axu|grep etcd
root       8882  5.6  1.7  35884 17832 pts/0    Sl   22:14   0:08 etcd -name master1 -initial-advertise-peer-urls http://192.168.0.10:2380 -listen-peer-urls http://192.168.0.10:2380 -listen-client-urls http://0.0.0.0:2379 -advertise-client-urls http://192.168.0.10:2379 -discovery https://discovery.etcd.io/84c3b5edcc6203c46ac147d7fa6522bf
root       9112  0.0  0.0 112656   972 pts/0    S+   22:17   0:00 grep --color=auto etcd
[root@master1 2way-dns]#


クラスタの状態を確認する。
[root@master1 2way-dns]# etcdctl cluster-health
member 35b6213ea6d07e50 is healthy: got healthy result from http://192.168.0.10:2379
member d7c94195a25a1ab6 is healthy: got healthy result from http://192.168.0.20:2379
cluster is healthy

リーダを確認する。
[root@master1 2way-dns]# etcdctl member list
35b6213ea6d07e50: name=master1 peerURLs=http://192.168.0.10:2380 clientURLs=http://192.168.0.10:2379 isLeader=true
d7c94195a25a1ab6: name=master2 peerURLs=http://192.168.0.20:2380 clientURLs=http://192.168.0.20:2379 isLeader=false
[root@master1 2way-dns]#

3.2 master2側のetcd起動

[root@master2 2way-dns]# ./start.sh
[root@master2 2way-dns]# ps aux|grep etcd
root       9391  4.4  1.7  35884 17716 pts/0    Sl   22:14   0:10 etcd -name master2 -initial-advertise-peer-urls http://192.168.0.20:2380 -listen-peer-urls http://192.168.0.20:2380 -listen-client-urls http://0.0.0.0:2379 -advertise-client-urls http://192.168.0.20:2379 -discovery https://discovery.etcd.io/84c3b5edcc6203c46ac147d7fa6522bf
root       9698  0.0  0.0 112656   972 pts/0    S+   22:18   0:00 grep --color=auto etcd
[root@master2 2way-dns]#


[root@master2 2way-dns]# etcdctl cluster-health
member 35b6213ea6d07e50 is healthy: got healthy result from http://192.168.0.10:2379
member d7c94195a25a1ab6 is healthy: got healthy result from http://192.168.0.20:2379
cluster is healthy
[root@master2 2way-dns]# etcdctl member list
35b6213ea6d07e50: name=master1 peerURLs=http://192.168.0.10:2380 clientURLs=http://192.168.0.10:2379 isLeader=true
d7c94195a25a1ab6: name=master2 peerURLs=http://192.168.0.20:2380 clientURLs=http://192.168.0.20:2379 isLeader=false
[root@master2 2way-dns]#

5 参考情報

Building High-Availability Clusters
kubernetes/kubernetes.github.io
GET STARTED ORCHESTRATING CONTAINERS WITH KUBERNETES