etcd二进制部署流程：

1、下载二进制包

2、准备https证书

3、准备配置文件，不同节点名称\ip地址

4、systemd管理服务

5、启动并设置开机启动

 

[root@k8s-master2 ~]# mkdir ansible-etcd-cluster-deploy

[root@k8s-master2 ~]# cd ansible-etcd-cluster-deploy/

[root@k8s-master2 ansible-etcd-cluster-deploy]# mkdir files

[root@k8s-master2 ansible-etcd-cluster-deploy]# mkdir tls

[root@k8s-master2 ansible-etcd-cluster-deploy]# ll

总用量 0

drwxr-xr-x 2 root root 6 12月 20 21:18 files

drwxr-xr-x 2 root root 6 12月 20 21:19 tls

[root@k8s-master2 ansible-etcd-cluster-deploy]# cd tls/

[root@k8s-master2 tls]# ll

总用量 5732

-rw-r--r-- 1 root root     287 2月  20 2020 ca-config.json.j2

-rw-r--r-- 1 root root     209 2月  20 2020 ca-csr.json.j2

-rw-r--r-- 1 root root 5850685 11月 25 2019 cfssl.tar.gz

-rw-r--r-- 1 root root     517 3月  19 2020 generate_etcd_cert.sh

-rw-r--r-- 1 root root     499 3月   9 2020 server-csr.json.j2

 

[root@k8s-master2 tls]# mkdir cert

[root@k8s-master2 tls]# ls

ca-config.json.j2  ca-csr.json.j2  cert  cfssl.tar.gz  generate_etcd_cert.sh  server-csr.json.j2

[root@k8s-master2 tls]# cd cert/

[root@k8s-master2 cert]# pwd

/root/ansible-etcd-cluster-deploy/tls/cert

 

[root@k8s-master2 ansible-etcd-cluster-deploy]# vim tls.yaml

[root@k8s-master2 ansible-etcd-cluster-deploy]# ll

总用量 0

drwxr-xr-x 2 root root   6 12月 20 21:18 files

drwxr-xr-x 3 root root 140 12月 20 22:03 tls

-rw-r--r-- 1 root root   0 12月 20 22:07 tls.yaml

[root@k8s-master2 ansible-etcd-cluster-deploy]# vim hosts

[root@k8s-master2 ansible-etcd-cluster-deploy]# more hosts 本地执行，自己指定host

[etcd]

192.168.20.41

192.168.20.42

192.168.20.43

[root@k8s-master2 ansible-etcd-cluster-deploy]#

[root@k8s-master2 ansible-etcd-cluster-deploy]# ansible-playbook  -i hosts tls.yaml

[root@k8s-master2 ansible-etcd-cluster-deploy]# cd tls

[root@k8s-master2 tls]# ls

ca-config.json.j2  ca-csr.json.j2  cert  cfssl.tar.gz  generate_etcd_cert.sh  server-csr.json.j2

[root@k8s-master2 tls]# mv ca-config.json.j2 cert/ca-config.json

[root@k8s-master2 tls]# mv ca-csr.json.j2 cert/ca-csr.json

[root@k8s-master2 tls]# cp server-csr.json.j2 cert/

root@k8s-master2 ansible-etcd-cluster-deploy]# ansible-playbook  -i hosts tls.yaml

查看证书是否生成

[root@k8s-master2 ansible-etcd-cluster-deploy]# ls tls/cert/

ca-config.json  ca.csr  ca-csr.json  ca-key.pem  ca.pem  server.csr  server-csr.json  server-key.pem  server.pem

查看是否渲染成功有host的IP

二、配置etcd.yaml

root@k8s-master2 ansible-etcd-cluster-deploy]# ansible-playbook  etcd.yaml