hnakamur/etcd-config-memo.md

## etcd-config-memo.md

      
    Raw
  

              etcd-config-memo.md
            
          
    etcd01:/etc/etcd/etcd.yaml
debug: true
name: etcd01
data-dir: /var/lib/etcd
initial-advertise-peer-urls: https://10.155.92.228:2380
listen-peer-urls: https://10.155.92.228:2380
advertise-client-urls: https://10.155.92.228:2379
listen-client-urls: https://10.155.92.228:2379
#discovery: https://10.155.92.228/v2/keys/discovery/6c90d140b3a449f0a0aac72767679d35
initial-cluster-token: etcd-cluster-1
initial-cluster: etcd01=https://10.155.92.228:2380,etcd02=https://10.155.92.232:2380,etcd03=https://10.155.92.211:2380
initial-cluster-state: new
client-transport-security:
  client-cert-auth: false
  ca-file: /usr/local/etc/etcd/ca.pem
  cert-file: /usr/local/etc/etcd/etcd01-peer.pem
  key-file: /usr/local/etc/etcd/etcd01-peer-key.pem
peer-transport-security:
  client-cert-auth: true
  ca-file: /usr/local/etc/etcd/ca.pem
  cert-file: /usr/local/etc/etcd/etcd01-peer.pem
  key-file: /usr/local/etc/etcd/etcd01-peer-key.pem

gen-certs.sh
echo '{"CN":"etcd01","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.228" - | cfssljson -bare etcd01-server
echo '{"CN":"etcd02","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.232" - | cfssljson -bare etcd02-server
echo '{"CN":"etcd03","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.211" - | cfssljson -bare etcd03-server

[root@etcd01 ~]# etcd --version
etcd Version: 3.2.0-rc.1
Git SHA: 9d7ed0e
Go Version: go1.8.3
Go OS/Arch: linux/amd64

/usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
User=etcd
ExecStart=/usr/bin/etcd --config-file=/etc/etcd/etcd.yml
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target