Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
etcd v3の設定メモ

etcd01:/etc/etcd/etcd.yaml

debug: true
name: etcd01
data-dir: /var/lib/etcd
initial-advertise-peer-urls: https://10.155.92.228:2380
listen-peer-urls: https://10.155.92.228:2380
advertise-client-urls: https://10.155.92.228:2379
listen-client-urls: https://10.155.92.228:2379
#discovery: https://10.155.92.228/v2/keys/discovery/6c90d140b3a449f0a0aac72767679d35
initial-cluster-token: etcd-cluster-1
initial-cluster: etcd01=https://10.155.92.228:2380,etcd02=https://10.155.92.232:2380,etcd03=https://10.155.92.211:2380
initial-cluster-state: new
client-transport-security:
  client-cert-auth: false
  ca-file: /usr/local/etc/etcd/ca.pem
  cert-file: /usr/local/etc/etcd/etcd01-peer.pem
  key-file: /usr/local/etc/etcd/etcd01-peer-key.pem
peer-transport-security:
  client-cert-auth: true
  ca-file: /usr/local/etc/etcd/ca.pem
  cert-file: /usr/local/etc/etcd/etcd01-peer.pem
  key-file: /usr/local/etc/etcd/etcd01-peer-key.pem

gen-certs.sh

echo '{"CN":"etcd01","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.228" - | cfssljson -bare etcd01-server
echo '{"CN":"etcd02","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.232" - | cfssljson -bare etcd02-server
echo '{"CN":"etcd03","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.211" - | cfssljson -bare etcd03-server
[root@etcd01 ~]# etcd --version
etcd Version: 3.2.0-rc.1
Git SHA: 9d7ed0e
Go Version: go1.8.3
Go OS/Arch: linux/amd64

/usr/lib/systemd/system/etcd.service

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
User=etcd
ExecStart=/usr/bin/etcd --config-file=/etc/etcd/etcd.yml
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
@hnakamur

This comment has been minimized.

Copy link
Owner Author

commented Jul 3, 2017

試行錯誤してこれでとりあえず動きましたが、これが正しいのかは不明です。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.