Inventaire
- Node-etcd01
- IP : 192.168.1.40/24
- OS : Rocky Linux 8.5
- RAM : 2Go
- CPU : 1
- Disk : 32Go
- Node-etcd02
- IP : 192.168.1.41/24
- OS : Rocky Linux 8.5
- RAM : 2Go
- CPU : 1
- Disk : 32Go
- Node-etcd03
- IP : 192.168.1.42/24
- OS : Rocky Linux 8.5
- RAM : 2Go
- CPU : 1
- Disk : 32Go
Pool des machines du cluster ETCD
1. Prérequis des machines du Pool ETCD
Mise à jour de la machine (3 nodes)
[root@node-etcd0x ~]# dnf update -y
Ajout des Hosts (pas de DNS)
[root@node-etcd01 ~]# echo "192.168.1.40 node-etcd01 " >> /etc/hosts [root@node-etcd01 ~]# echo "192.168.1.41 node-etcd02 " >> /etc/hosts [root@node-etcd01 ~]# echo "192.168.1.42 node-etcd03 " >> /etc/hosts
[root@node-etcd01 ~]# scp /etc/hosts root@node-etcd02:/etc/hosts [root@node-etcd01 ~]# scp /etc/hosts root@node-etcd03:/etc/hosts
[root@node-etcd01 ~]# ping -c 2 node-etcd01 [root@node-etcd01 ~]# ping -c 2 node-etcd02 [root@node-etcd01 ~]# ping -c 2 node-etcd03
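Désactiver SELinux (3 nodes)
Note : cette étape retire le contrôle d'accès obligatoire (MAC) sur toute la machine ; hors maquette, conserver le mode Enforcing et traiter les refus éventuels (par exemple le contexte des binaires déplacés depuis /tmp) plutôt que de désactiver SELinux.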
[root@node-etcd0x ~]# getenforce Enforcing [root@node-etcd0x ~]# setenforce 0 [root@node-etcd0x ~]# getenforce Permissive [root@node-etcd0x ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
Synchroniser DateTime sur le fuseau de PARIS (3 nodes)
[root@node-etcd0x ~]# timedatectl
[root@node-etcd0x ~]# timedatectl set-timezone Europe/Paris [root@node-etcd0x ~]# timedatectl
Installation des middlewares utiles (3 nodes)
[root@node-etcd0x ~]# dnf install epel-release net-tools nmap wget tar -y
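2. Récupération « latest » etcd (3 nodes)
Note : l'archive est téléchargée sans contrôle d'intégrité ; avant l'installation, comparer son empreinte (sha256sum) avec le fichier SHA256SUMS publié dans la même release, et préférer une version fixée explicitement à « latest » pour que les trois nœuds installent le même binaire.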
[root@node-etcd0x ~]# echo "ETCD_RELEASE=$(curl -s https://api.github.com/repos/etcd-io/etcd/releases/latest|grep tag_name | cut -d '"' -f 4)" >> ~/.bashrc
[root@node-etcd0x ~]# source ~/.bashrc
[root@node-etcd0x ~]# echo $ETCD_RELEASE
v3.5.7
[root@node0x-psql tmp]# cd /tmp && wget https://github.com/etcd-io/etcd/releases/download/${ETCD_RELEASE}/etcd-${ETCD_RELEASE}-linux-amd64.tar.gz
[root@node-etcd0x tmp]# ls -al |grep etc
-rw-r--r--. 1 root root 18458320 20 janv. 11:23 etcd-v3.5.7-linux-amd64.tar.gz
3. Installation des binaires etcd (3 nodes)
[root@node-etcd0x tmp]# tar -xzvf etcd-${ETCD_RELEASE}-linux-amd64.tar.gz [root@node-etcd0x tmp]# cd etcd-${ETCD_RELEASE}-linux-amd64/
[root@node-etcd0x etcd-v3.5.7-linux-amd64]# ls -al
[root@node-etcd0x etcd-v3.5.7-linux-amd64]# mv etcd* /usr/local/bin [root@node-etcd0x etcd-v3.5.7-linux-amd64]# ls /usr/local/bin etcd etcdctl etcdutl
[root@node-etcd0x etcd-v3.5.7-linux-amd64]# etcdutl version [root@node-etcd0x etcd-v3.5.7-linux-amd64]# etcdctl version [root@node-etcd0x etcd-v3.5.7-linux-amd64]# etcd --version
4. Installation/création du service etcd (3 nodes)
Création de la structure etcd (3 nodes)
[root@node-etcd0x etcd-v3.5.7-linux-amd64]# cd ~ [root@node-etcd0x ~]# mkdir -p /var/lib/etcd/ [root@node-etcd0x ~]# mkdir /etc/etcd
Création droit user/group etcd (3 nodes)
[root@node-etcd0x ~]# groupadd --system etcd [root@node-etcd0x ~]# useradd -s /sbin/nologin --system -g etcd etcd
Ajout des droits user/group etcd sur la structure (3 nodes)
[root@node-etcd0x ~]# chown -R etcd:etcd /var/lib/etcd/ [root@node-etcd0x ~]# chmod -R 0700 /var/lib/etcd
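Ouverture des rules Firewall (3 nodes)
Note : la règle ouvre 2379 et 2380 à toute source de la zone public ; comme etcd est configuré plus bas sans TLS ni authentification, restreindre ces ports aux adresses des membres et des clients (zone dédiée avec --add-source ou règle riche avec --add-rich-rule).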
[root@node-etcd0x ~]# firewall-cmd --zone=public --permanent --add-port={2379,2380}/tcp [root@node-etcd0x ~]# firewall-cmd --remove-service={cockpit,dhcpv6-client} --permanent [root@node-etcd0x ~]# firewall-cmd --reload [root@node-etcd0x ~]# firewall-cmd --list-port 2379/tcp 2380/tcp
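5. Configuration du cluster etcd
Note : les unités ci-dessous publient les ports pair (2380) et client (2379) en HTTP clair, sans TLS ni authentification ; toute machine capable de joindre ces ports peut lire et modifier les données du cluster. En dehors d'un réseau de test isolé, utiliser des URLs https avec les options TLS d'etcd (--cert-file, --key-file, --trusted-ca-file, --client-cert-auth et leurs équivalents --peer-*).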
Service etcd node-etcd01
[root@node-etcd01 ~]# systemctl stop etcd.service
[root@node-etcd01 ~]# vi /etc/systemd/system/etcd.service
[Unit]
Description=etcd key-value store
Documentation=https://github.com/etcd-io/etcd
After=network.target

[Service]
User=etcd
Type=notify
ExecStart=/usr/local/bin/etcd \
  --name node-etcd01 \
  --data-dir /var/lib/etcd/node-etcd01 \
  --initial-advertise-peer-urls http://192.168.1.40:2380 \
  --listen-peer-urls http://192.168.1.40:2380 \
  --listen-client-urls http://192.168.1.40:2379,http://127.0.0.1:2379 \
  --advertise-client-urls http://192.168.1.40:2379 \
  --initial-cluster-token clusterpsql \
  --initial-cluster node-etcd01=http://192.168.1.40:2380 \
  --initial-cluster-state new \
  --heartbeat-interval 1000 \
  --election-timeout 5000
Restart=always
RestartSec=10s
LimitNOFILE=40000

[Install]
WantedBy=multi-user.target
On recharge le service
[root@node-etcd01 ~]# systemctl daemon-reload
Service etcd node-etcd02
[root@node-etcd02 ~]# systemctl stop etcd.service
[root@node-etcd02 ~]# vi /etc/systemd/system/etcd.service
[Unit]
Description=etcd key-value store
Documentation=https://github.com/etcd-io/etcd
After=network.target

[Service]
User=etcd
Type=notify
ExecStart=/usr/local/bin/etcd \
  --name node-etcd02 \
  --data-dir /var/lib/etcd/node-etcd02 \
  --initial-advertise-peer-urls http://192.168.1.41:2380 \
  --listen-peer-urls http://192.168.1.41:2380 \
  --listen-client-urls http://192.168.1.41:2379,http://127.0.0.1:2379 \
  --advertise-client-urls http://192.168.1.41:2379 \
  --initial-cluster-token clusterpsql \
  --initial-cluster node-etcd01=http://192.168.1.40:2380,node-etcd02=http://192.168.1.41:2380\
  --initial-cluster-state existing \
  --heartbeat-interval 1000 \
  --election-timeout 5000
Restart=always
RestartSec=10s
LimitNOFILE=40000

[Install]
WantedBy=multi-user.target
On recharge le service
[root@node-etcd02 ~]# systemctl daemon-reload
Service etcd node-etcd03
[root@node-etcd03 ~]# systemctl stop etcd.service
[root@node-etcd03 ~]# vi /etc/systemd/system/etcd.service
[Unit]
Description=etcd key-value store
Documentation=https://github.com/etcd-io/etcd
After=network.target

[Service]
User=etcd
Type=notify
ExecStart=/usr/local/bin/etcd \
  --name node-etcd03 \
  --data-dir /var/lib/etcd/node-etcd03 \
  --initial-advertise-peer-urls http://192.168.1.42:2380 \
  --listen-peer-urls http://192.168.1.42:2380 \
  --listen-client-urls http://192.168.1.42:2379,http://127.0.0.1:2379 \
  --advertise-client-urls http://192.168.1.42:2379 \
  --initial-cluster-token clusterpsql \
  --initial-cluster node-etcd01=http://192.168.1.40:2380,node-etcd02=http://192.168.1.41:2380,node-etcd03=http://192.168.1.42:2380 \
  --initial-cluster-state existing \
  --heartbeat-interval 1000 \
  --election-timeout 5000
Restart=always
RestartSec=10s
LimitNOFILE=40000

[Install]
WantedBy=multi-user.target
On recharge le service
[root@node-etcd03 ~]# systemctl daemon-reload
6. Lancement du cluster etcd
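Lancement etcd node-etcd01
Attention : le rm -rf ci-dessous efface toutes les données existantes de ce membre ; il ne doit être exécuté que lors de la création initiale du cluster, jamais sur un nœud déjà en service.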
[root@node-etcd01 ~]# rm -rf /var/lib/etcd/node-etcd01 [root@node-etcd01 ~]# systemctl start etcd.service
[root@node-etcd01 ~]# systemctl status etcd.service
[root@node-etcd01 ~]# ls -al /var/lib/etcd/node-etcd01 [root@node-etcd01 ~]# ls -al /var/lib/etcd/node-etcd01/member/
Ajout des membres au cluster sur node-etcd01
[root@node-etcd02 ~]# systemctl start --now etcd.service [root@node-etcd01 ~]# etcdctl member add node-etcd02 --peer-urls=http://192.168.1.41:2380
[root@node-etcd03 ~]# systemctl start --now etcd.service [root@node-etcd01 ~]# etcdctl member add node-etcd03 --peer-urls=http://192.168.1.42:2380
Démarrage/Création du Cluster ETCD
[root@node-etcd01 ~]# systemctl start --now etcd [root@node-etcd01 ~]# systemctl enable etcd.service
[root@node-etcd01 ~]# systemctl status etcd
Lancement etcd node-etcd02
[root@node-etcd02 ~]# systemctl start --now etcd [root@node-etcd02 ~]# systemctl enable etcd.service
[root@node-etcd02 ~]# systemctl status etcd
Lancement etcd node-etcd03
[root@node-etcd03 ~]# systemctl start --now etcd [root@node-etcd03 ~]# systemctl enable etcd.service
[root@node-etcd03 ~]# systemctl status etcd
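7. Check du Cluster ETCD
Note : la plupart des commandes ci-dessous ciblent le port 2380, déclaré plus haut comme port pair (--listen-peer-urls) ; le port client déclaré dans --listen-client-urls est 2379, utilisé ici uniquement pour les snapshots. Le fait que ces commandes aboutissent suggère que l'API client répond aussi sur le port pair, qui doit donc être filtré aussi strictement que le port 2379.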
Check « Status » des membres (node01)
[root@node-etcd01 ~]# etcdctl member list
[root@node-etcd01 ~]# etcdctl -w table member list
Check « Health » des membres (node01)
[root@node-etcd01 ~]# etcdctl endpoint health --endpoints=192.168.1.40:2380 [root@node-etcd01 ~]# etcdctl endpoint health --endpoints=192.168.1.41:2380 [root@node-etcd01 ~]# etcdctl endpoint health --endpoints=192.168.1.42:2380
[root@node-etcd01 ~]# etcdctl endpoint health
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd01:2380 endpoint status
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd02:2380 endpoint status
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd02:2380 endpoint status
Check « Transactions » des membres (node01)
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.40:2380 put user1 chris
OK
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.41:2380 get user1
user1
chris
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.42:2380 get user1
user1
chris
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.40:2380 get user1
user1
chris
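Check « Create/Save DBA » des membres (node01)
Note : chaque fichier de snapshot contient l'intégralité des données du cluster ; le traiter comme une donnée sensible (emplacement dédié plutôt que le répertoire personnel de root, stockage et transfert protégés).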
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.40:2379 snapshot save node-etcd01.db
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.41:2379 snapshot save node-etcd02.db
[root@node-etcd01 ~]# etcdctl --endpoints=192.168.1.42:2379 snapshot save node-etcd03.db
[root@node-etcd01 ~]# ls -al |grep node
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd01:2380 endpoint status [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd02:2380 endpoint status [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd03:2380 endpoint status
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=192.168.1.40:2380 snapshot status node-etcd01.db [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=192.168.1.40:2380 snapshot status node-etcd02.db [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=192.168.1.40:2380 snapshot status node-etcd03.db
[root@node-etcd01 ~]# etcdutl snapshot status node-etcd01.db 7a62a45b, 2, 9, 20 kB [root@node-etcd01 ~]# etcdutl snapshot status node-etcd02.db 7a62a45b, 2, 9, 20 kB [root@node-etcd01 ~]# etcdutl snapshot status node-etcd03.db 7a62a45b, 2, 9, 20 kB
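Change « leader » des membres (node01)
Note : les noms node0x-psql utilisés dans les commandes ci-dessous ne figurent pas dans le fichier /etc/hosts défini plus haut ; sur ce cluster, les noms déclarés sont node-etcd01, node-etcd02 et node-etcd03.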
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node01-psql:2380 endpoint status [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node02-psql:2380 endpoint status [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node03-psql:2380 endpoint status
Change le leader du node01 vers le node02 (node01)
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd02:2380 endpoint status [root@node-etcd01 ~]# etcdctl --endpoints=node-etcd01:2380 move-leader a782ed7d378b33b3
Check nouveau leader node-etcd02 (node01)
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd01:2380 endpoint status [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd02:2380 endpoint status [root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd03:2380 endpoint status
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 endpoint status
Check Ecriture/Lecture de données (node01)
Ecriture d’un texte (data)
[root@node-etcd01 ~]# etcdctl --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 put msg "Christian - Cluster ETCD" OK
[root@node-etcd01 ~]# etcdctl --write-out=table --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 endpoint status
Lecture du texte (data)
[root@node-etcd01 ~]# etcdctl --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 get msg
[root@node-etcd02 ~]# etcdctl --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 get msg
[root@node-etcd03 ~]# etcdctl --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 get msg
Effacement du texte (data)
[root@node-etcd03 ~]# etcdctl --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 del msg 1
[root@node-etcd03 ~]# etcdctl --endpoints=node-etcd01:2380,node-etcd02:2380,node-etcd03:2380 get msg