etcd二进制部署流程:
1、下载二进制包
2、准备https证书
3、准备配置文件,不同节点名称\ip地址
4、systemd管理服务
5、启动并设置开机启动
[root@k8s-master2 ~]# mkdir ansible-etcd-cluster-deploy
[root@k8s-master2 ~]# cd ansible-etcd-cluster-deploy/
[root@k8s-master2 ansible-etcd-cluster-deploy]# mkdir files
[root@k8s-master2 ansible-etcd-cluster-deploy]# mkdir tls
[root@k8s-master2 ansible-etcd-cluster-deploy]# ll
总用量 0
drwxr-xr-x 2 root root 6 12月 20 21:18 files
drwxr-xr-x 2 root root 6 12月 20 21:19 tls
[root@k8s-master2 ansible-etcd-cluster-deploy]# cd tls/
[root@k8s-master2 tls]# ll
总用量 5732
-rw-r--r-- 1 root root 287 2月 20 2020 ca-config.json.j2
-rw-r--r-- 1 root root 209 2月 20 2020 ca-csr.json.j2
-rw-r--r-- 1 root root 5850685 11月 25 2019 cfssl.tar.gz
-rw-r--r-- 1 root root 517 3月 19 2020 generate_etcd_cert.sh
-rw-r--r-- 1 root root 499 3月 9 2020 server-csr.json.j2
[root@k8s-master2 tls]# mkdir cert
[root@k8s-master2 tls]# ls
ca-config.json.j2 ca-csr.json.j2 cert cfssl.tar.gz generate_etcd_cert.sh server-csr.json.j2
[root@k8s-master2 tls]# cd cert/
[root@k8s-master2 cert]# pwd
/root/ansible-etcd-cluster-deploy/tls/cert
[root@k8s-master2 ansible-etcd-cluster-deploy]# vim tls.yaml
[root@k8s-master2 ansible-etcd-cluster-deploy]# ll
总用量 0
drwxr-xr-x 2 root root 6 12月 20 21:18 files
drwxr-xr-x 3 root root 140 12月 20 22:03 tls
-rw-r--r-- 1 root root 0 12月 20 22:07 tls.yaml
[root@k8s-master2 ansible-etcd-cluster-deploy]# vim hosts
[root@k8s-master2 ansible-etcd-cluster-deploy]# more hosts 本地执行,自己指定host
[etcd]
192.168.20.41
192.168.20.42
192.168.20.43
[root@k8s-master2 ansible-etcd-cluster-deploy]#
[root@k8s-master2 ansible-etcd-cluster-deploy]# ansible-playbook -i hosts tls.yaml
[root@k8s-master2 ansible-etcd-cluster-deploy]# cd tls
[root@k8s-master2 tls]# ls
ca-config.json.j2 ca-csr.json.j2 cert cfssl.tar.gz generate_etcd_cert.sh server-csr.json.j2
[root@k8s-master2 tls]# mv ca-config.json.j2 cert/ca-config.json
[root@k8s-master2 tls]# mv ca-csr.json.j2 cert/ca-csr.json
[root@k8s-master2 tls]# cp server-csr.json.j2 cert/
root@k8s-master2 ansible-etcd-cluster-deploy]# ansible-playbook -i hosts tls.yaml
查看证书是否生成
[root@k8s-master2 ansible-etcd-cluster-deploy]# ls tls/cert/
ca-config.json ca.csr ca-csr.json ca-key.pem ca.pem server.csr server-csr.json server-key.pem server.pem
查看是否渲染成功有host的IP
二、配置etcd.yaml
root@k8s-master2 ansible-etcd-cluster-deploy]# ansible-playbook etcd.yaml