etcd安裝和簡單使用

etcd作為一個高可用強一致性的服務發現存儲倉庫，在Kubernetes等開源項目中用的很多，這里簡單記錄下安裝和常用命令以及api

安裝

安裝包可以從 https://github.com/etcd-io/etcd/releases 選擇對應的版本和架構，下載后解壓即可，里面有安裝包和相關文檔，安裝和使用其實都可以看這些文檔。

為了方便管理弄成了服務，加了一個etcd.service文件

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd

# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\" --listen-peer-urls=\"${ETCD_LISTEN_PEER_URLS}\" --advertise-client-urls=\"${ETCD_ADVERTISE_CLIENT_URLS}\" --initial-advertise-peer-urls=\"${ETCD_INITIAL_ADVERTISE_PEER_URLS}\" --initial-cluster=\"${ETCD_INITIAL_CLUSTER}\" --initial-cluster-state=\"${ETCD_INITIAL_CLUSTER_STATE}\""
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

 

etcd.conf配置文件類似下面這樣，每個節點只要修改name和ip就可以，其他的不用動，ETCD_INITIAL_CLUSTER_TOKEN同一各集群值一樣，不同集群不能重復。

## 配置文件每個節點只要修改name和ip地址即可
#[Member]
ETCD_NAME=node1 ETCD_DATA_DIR=/var/lib/etcd/data ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380 ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379  #[cluster] ETCD_INITIAL_ADVERTISE_PEER_URLS=http://192.168.19.136:2380 ETCD_ADVERTISE_CLIENT_URLS=http://192.168.19.136:2379 ETCD_INITIAL_CLUSTER=node1=http://192.168.19.136:2380,node2=http://192.168.19.137:2380,node3=http://192.168.19.138:2380 ETCD_INITIAL_CLUSTER_STATE=new #創建集群的 token，這個值每個集群保持唯一 ETCD_INITIAL_CLUSTER_TOKEN=etcd-1

 

 

安裝方式都差不多，放個例子，都差不多，配置文件那部分自己根據實際情況處理就行了。

## 創建用戶和用戶組
groupadd etcd;
useradd -c "Etcd user" -g etcd -s /sbin/nologin -r etcd;
service firewalld stop;

## 創建安裝文件夾
mkdir -p /usr/bin/etcd3.3.13/;
mkdir -p /etc/etcd/;
mkdir -p /var/lib/etcd/data;

## 將文件etcd.service、etcd、etcdctl、etcd.conf上傳到/usr/bin/etcd3.3.13/
chmod +x /usr/bin/etcd3.3.13/*;

mv /usr/bin/etcd3.3.13/etcd.service /usr/lib/systemd/system/;
mv /usr/bin/etcd3.3.13/etcd /usr/bin/;
mv /usr/bin/etcd3.3.13/etcdctl /usr/bin/;

## 每個節點配置文件ip地址不一樣
mv /usr/bin/etcd3.3.13/etcd1.conf /etc/etcd/etcd.conf;
mv /usr/bin/etcd3.3.13/etcd2.conf /etc/etcd/etcd.conf;
mv /usr/bin/etcd3.3.13/etcd3.conf /etc/etcd/etcd.conf;

echo 'export ETCDCTL_API=3' >> /etc/profile
source /etc/profile

chown etcd:etcd -R /var/lib/etcd/data /etc/etcd*;
systemctl enable etcd.service;
systemctl start etcd.service;

 

后台命令

etcd命令可以通過etcdctl來執行，具體命令可以查看官方文檔，或者 etcdctl -h 來查看。

[root@nmgecqud-etcd-pufthgqf ~]# etcdctl -h
NAME:
    etcdctl - A simple command line client for etcd3.

USAGE:
    etcdctl

VERSION:
    3.3.13

API VERSION:
    3.3


COMMANDS:
    get            Gets the key or a range of keys
    put            Puts the given key into the store
    del            Removes the specified key or range of keys [key, range_end)
    txn            Txn processes all the requests in one transaction
    compaction        Compacts the event history in etcd
    alarm disarm        Disarms all alarms
    alarm list        Lists all alarms
    defrag            Defragments the storage of the etcd members with given endpoints
    endpoint health        Checks the healthiness of endpoints specified in `--endpoints` flag
    endpoint status        Prints out the status of endpoints specified in `--endpoints` flag
    endpoint hashkv        Prints the KV history hash for each endpoint in --endpoints
    move-leader        Transfers leadership to another etcd cluster member.
    watch            Watches events stream on keys or prefixes
    version            Prints the version of etcdctl
    lease grant        Creates leases
    lease revoke        Revokes leases
    lease timetolive    Get lease information
    lease list        List all active leases
    lease keep-alive    Keeps leases alive (renew)
    member add        Adds a member into the cluster
    member remove        Removes a member from the cluster
    member update        Updates a member in the cluster
    member list        Lists all members in the cluster
    snapshot save        Stores an etcd node backend snapshot to a given file
    snapshot restore    Restores an etcd member snapshot to an etcd directory
    snapshot status        Gets backend snapshot status of a given file
    make-mirror        Makes a mirror at the destination etcd cluster
    migrate            Migrates keys in a v2 store to a mvcc store
    lock            Acquires a named lock
    elect            Observes and participates in leader election
    auth enable        Enables authentication
    auth disable        Disables authentication
    user add        Adds a new user
    user delete        Deletes a user
    user get        Gets detailed information of a user
    user list        Lists all users
    user passwd        Changes password of user
    user grant-role        Grants a role to a user
    user revoke-role    Revokes a role from a user
    role add        Adds a new role
    role delete        Deletes a role
    role get        Gets detailed information of a role
    role list        Lists all roles
    role grant-permission    Grants a key to a role
    role revoke-permission    Revokes a key from a role
    check perf        Check the performance of the etcd cluster
    help            Help about any command

OPTIONS:
      --cacert=""                verify certificates of TLS-enabled secure servers using this CA bundle
      --cert=""                    identify secure client using this TLS certificate file
      --command-timeout=5s            timeout for short running command (excluding dial timeout)
      --debug[=false]                enable client-side debug logging
      --dial-timeout=2s                dial timeout for client connections
  -d, --discovery-srv=""            domain name to query for SRV records describing cluster endpoints
      --endpoints=[127.0.0.1:2379]        gRPC endpoints
      --hex[=false]                print byte strings as hex encoded strings
      --insecure-discovery[=true]        accept insecure SRV records describing cluster endpoints
      --insecure-skip-tls-verify[=false]    skip server certificate verification
      --insecure-transport[=true]        disable transport security for client connections
      --keepalive-time=2s            keepalive time for client connections
      --keepalive-timeout=6s            keepalive timeout for client connections
      --key=""                    identify secure client using this TLS key file
      --user=""                    username[:password] for authentication (prompt if password is not supplied)
  -w, --write-out="simple"            set the output format (fields, json, protobuf, simple, table)

 

上面講全部命令列出來了，下面簡單列幾個測試集群是否可用的命令

查看版本

[root@nmgecqud-etcd-pufthgqf ~]# etcdctl version
etcdctl version: 3.3.13
API version: 3.3

查看集群狀態和節點

[root@nmgecqud-etcd-pufthgqf ~]# etcdctl member list
1804fe6aa6e0806f, started, nmgecqud-etcd-iqqn6mxj, http://10.110.30.213:2380, http://10.110.30.213:2379
5dfebcf67955db33, started, nmgecqud-etcd-u1qyxszm, http://10.110.30.210:2380, http://10.110.30.210:2379
745835aca4e59e07, started, nmgecqud-etcd-pufthgqf, http://10.110.30.212:2380, http://10.110.30.212:2379

 

插入一條數據

  [root@nmgecqud-etcd-pufthgqf ~]# etcdctl put foo bar
  OK

根據key查詢數據

  [root@nmgecqud-etcd-pufthgqf ~]# etcdctl get foo
  foo
  bar

刪除一條數據

  [root@nmgecqud-etcd-pufthgqf ~]# etcdctl del foo1
  1

  查詢全部的key

[root@wwjaen60-etcd-sefgxiui opt]# etcdctl --prefix --keys-only=true get ""
/test/zyh

/zyh/fooa

foo

fooa

 

也支持通過restAPI來操作，可以測試從集群外訪問是否正常，例如下面幾個

查看版本get：http://10.110.30.183:2379/version
插入一個鍵值對put: http://10.110.30.183:2379/v2/keys/foo?value=bar
查詢一個鍵get: http://10.110.30.179:2379/v2/keys/foo
查看集群的狀態get：http://10.110.30.183:2379/v2/stats/store

查看全部鍵值get：http://10.110.30.183:2379/v2/keys