Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
etcd v3の設定メモ

etcd01:/etc/etcd/etcd.yaml

debug: true
name: etcd01
data-dir: /var/lib/etcd
initial-advertise-peer-urls: https://10.155.92.228:2380
listen-peer-urls: https://10.155.92.228:2380
advertise-client-urls: https://10.155.92.228:2379
listen-client-urls: https://10.155.92.228:2379
#discovery: https://10.155.92.228/v2/keys/discovery/6c90d140b3a449f0a0aac72767679d35
initial-cluster-token: etcd-cluster-1
initial-cluster: etcd01=https://10.155.92.228:2380,etcd02=https://10.155.92.232:2380,etcd03=https://10.155.92.211:2380
initial-cluster-state: new
client-transport-security:
  client-cert-auth: false
  ca-file: /usr/local/etc/etcd/ca.pem
  cert-file: /usr/local/etc/etcd/etcd01-peer.pem
  key-file: /usr/local/etc/etcd/etcd01-peer-key.pem
peer-transport-security:
  client-cert-auth: true
  ca-file: /usr/local/etc/etcd/ca.pem
  cert-file: /usr/local/etc/etcd/etcd01-peer.pem
  key-file: /usr/local/etc/etcd/etcd01-peer-key.pem

gen-certs.sh

echo '{"CN":"etcd01","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.228" - | cfssljson -bare etcd01-server
echo '{"CN":"etcd02","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.232" - | cfssljson -bare etcd02-server
echo '{"CN":"etcd03","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server -hostname="10.155.92.211" - | cfssljson -bare etcd03-server
[root@etcd01 ~]# etcd --version
etcd Version: 3.2.0-rc.1
Git SHA: 9d7ed0e
Go Version: go1.8.3
Go OS/Arch: linux/amd64

/usr/lib/systemd/system/etcd.service

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
User=etcd
ExecStart=/usr/bin/etcd --config-file=/etc/etcd/etcd.yml
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
@hnakamur

This comment has been minimized.

Copy link
Owner Author

@hnakamur hnakamur commented Jul 3, 2017

試行錯誤してこれでとりあえず動きましたが、これが正しいのかは不明です。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment