kubernetes etcd 节点扩容

@Jestin  June 24, 2022

kubernetes etcd 节点扩容

需要原ca证书、ca配置文件
ca.pem ca-key.pem ca-config

修改证书配置文件
etcd-peer-req-csr.json
hosts字段中添加节点ip和主机名

生成peer证书
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config -profile=peer etcd-peer-req-csr.json | cfssljson -bare peer

生成client证书
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config -profile=client etcd-client-req-csr.json | cfssljson -bare client

把证书cp到新节点 /data/s/services/etcd/etcd_2381/cert
ca-key.pem
ca.pem
client-key.pem
client.pem
peer-key.pem
peer.pem

修改新节点etcd.conf配置文件
name
listen-peer-urls
listen-client-urls
initial-cluster
initial-cluster-state: 'existing'

添加新节点
/data/s/services/etcd/etcd_2381/bin/etcdctl --endpoints="https://dayu01v.ops.shjt2.qianxin-inc.cn:2381" --cacert=/data/s/services/etcd/etcd_2381/cert/ca.pem --cert=/data/s/services/etcd/etcd_2381/cert/peer.pem --key=/data/s/services/etcd/etcd_2381/cert/peer-key.pem member add dayu02v.ops.shjt2.qianxin-inc.cn --peer-urls="https://dayu02v.ops.shjt2.qianxin-inc.cn:2382"

启动新节点



添加新评论