上一篇进行了手动安装etcd集群,此篇利用自动化工具ansible为三个节点构建etcd集群
环境:
master:192.168.101.14,node1:192.168.101.15,node2:192.168.101.19
1、首先查看该role(etcd集群)的目录树结构:
[iyunv@master ansible]# tree
.
├── ansible.cfg
├── hosts
├── roles
│ └── etcd
│ ├── files
│ │ ├── etcd
│ │ └── etcdctl
│ ├── handlers
│ ├── meta
│ ├── tasks
│ │ └── main.yaml
│ ├── templates
│ │ └── etcd.service.j2
│ └── vars
└── work_dir
├── install_etcd_cluster.retry
└── install_etcd_cluster.yaml
首先在hosts文件中定义节点:
[iyunv@master ansible]# egrep -v "^#|^$" hosts
[etcd_cluster]
192.168.101.14
192.168.101.15
192.168.101.19
在roles目录下面创建了etcd这个角色,角色目录下面为个节点提供了命令文件etcd、etcdctl,然后查看tasks下面的main.yaml:
[iyunv@master ansible]# cat roles/etcd/tasks/main.yaml
- name: copy etcd to nodes copy:
src: ..
/files/etcd dest:
/usr/local/bin/etcd mode:
0750
- name: copy etcdctl to nodes
copy:
src: ../files/etcdctl
dest: /usr/local/bin/etcdctl
mode: 0750
- name: create data directory for etcd
file:
path: /var/lib/etcd
state: directory
- name: provide etcd.service to nodes
template:
src: etcd.service.j2
dest: /usr/lib/systemd/system/etcd.service
register: result
- name: start etcd service
systemd:
daemon_reload: true
name: etcd
state: started
enabled: true
when: result|success
前面三个任务是copy命令文件到各节点,和在各节点上创建数据目录,在下面的任务中定义了template,首先查看template下面的j2文件:
[iyunv@master ansible]# cat roles/etcd/templates/etcd.service.j2
[Unit]
Description
=etcd server
After
=network.target
After
=network-online.target
Wants
=network-online.target
[Service]
Type
=notify
WorkingDirectory
=/var/lib/etcd/
EnvironmentFile
=-/etc/etcd/etcd.conf
ExecStart
=/usr/local/bin/etcd --name {{ ansible_hostname }} --initial-advertise-peer-urls http://{{ ansible_ens33.ipv4.address }}:2380 --listen-peer-urls http://{{ ansible_ens33.ipv4.address }}:2380 --listen-client-urls http://{{ ansible_ens33.ipv4.address }}:2379,http://127.0.0.1:2379 --advertise-client-urls http://{{ ansible_ens33.ipv4.address }}:2379 --initial-cluster-token etcd-cluster-1 --initial-cluster master=http://192.168.101.14:2380,node1=http://192.168.101.15:2380,node2=http://192.168.101.19:2380 --initial-cluster-state new --data-dir=/var/lib/etcd
Restart=on-failure
RestartSec=5
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
可以看见上面的j2文件里面运用了变量{{ ansible_hostname }}和{{ ansible_ens33.ipv4.address }},这两个变量可以根据模块setup进行获得(获取各节点的hostname和ip地址)
在运用了template模板下面,在j2文件中定义了变量,于是ansible将该j2文件分发给各节点上,然后各节点根据自己的hostname和ip进行相应修改,于是创建的配置文件与自己的hostname和ip是一一对应的
在配置文件中使用变量可以使用template模块,创建对应的j2文件
[iyunv@master ansible]# cat work_dir/install_etcd_cluster.yaml
- hosts: etcd_cluster remote_user: root
roles:
- etcd
[iyunv@master ansible]# ansible-playbook work_dir/install_etcd_cluster.yaml
PLAY [etcd_cluster]
***********************************************************************************************************************************
TASK [Gathering Facts]
********************************************************************************************************************************
ok: [
192.168.101.19]
ok: [
192.168.101.14]
ok: [
192.168.101.15]
TASK [etcd : copy etcd to nodes]
*********************************************************************************************************************
ok: [
192.168.101.15]
ok: [
192.168.101.19]
ok: [
192.168.101.14]
TASK [etcd : copy etcdctl to nodes]
*******************************************************************************************************************
ok: [
192.168.101.15]
ok: [
192.168.101.19]
ok: [
192.168.101.14]
TASK [etcd : create data directory
for etcd] **********************************************************************************************************
ok: [
192.168.101.15]
ok: [
192.168.101.19]
ok: [
192.168.101.14]
TASK [etcd : provide etcd.service to nodes]
***********************************************************************************************************
ok: [
192.168.101.19]
ok: [
192.168.101.15]
ok: [
192.168.101.14]
TASK [etcd : start etcd service]
**********************************************************************************************************************
changed: [
192.168.101.15]
changed: [
192.168.101.19]
changed: [
192.168.101.14]
PLAY RECAP
********************************************************************************************************************************************
192.168.101.14 : ok=6 changed=1 unreachable=0 failed=0
192.168.101.15 : ok=6 changed=1 unreachable=0 failed=0
192.168.101.19 : ok=6 changed=1 unreachable=0 failed=0
执行完成后,在任意节点上查看member列表:
[iyunv@master ~]# etcdctl member list
192d36c71643c39d: name
=node2 peerURLs=http://192.168.101.19:2380 clientURLs=http://192.168.101.19:2379 isLeader=false
5f3835545a5f41e4: name=master peerURLs=http://192.168.101.14:2380 clientURLs=http://192.168.101.14:2379 isLeader=false
77c1ac60c5100363: name=node1 peerURLs=http://192.168.101.15:2380 clientURLs=http://192.168.101.15:2379 isLeader=true
验证集群的监控状态:
[iyunv@master ~]# etcdctl cluster-health
member 192d36c71643c39d is healthy: got healthy result from http:
//192.168.101.19:2379
member 5f3835545a5f41e4 is healthy: got healthy result from http://192.168.101.14:2379
member 77c1ac60c5100363 is healthy: got healthy result from http://192.168.101.15:2379
cluster is healthy
于是etcd集群基于ansible的无TSL认证的搭建成功完成
附上当配置文件change之后触发handler:
[iyunv@master ansible]# cat roles/etcd/handlers/main.yaml
- name: restart etcd systemd:
name: etcd
state: restarted
[iyunv@master ansible]# cat roles/etcd/tasks/main.yaml
- name: copy etcd to nodes copy:
src: ..
/files/etcd dest:
/usr/local/bin/etcd mode:
0750
- name: copy etcdctl to nodes
copy:
src: ../files/etcdctl
dest: /usr/local/bin/etcdctl
mode: 0750
- name: create data directory for etcd
file:
path: /var/lib/etcd
state: directory
- name: provide etcd.service to nodes
template:
src: etcd.service.j2
dest: /usr/lib/systemd/system/etcd.service
register: result
- name: start etcd service
systemd:
daemon_reload: true
name: etcd
state: started
enabled: true
when: result|success
- name: provide configfile changed to etcd
template:
src: etcd.service_https_auto.j2
dest: /usr/lib/systemd/system/etcd.service
notify: restart etcd
改变后的配置文件:
[iyunv@master ansible]# cat roles/etcd/templates/etcd.service_https_auto.j2
[Unit]
Description
=etcd server
After
=network.target
After
=network-online.target
Wants
=network-online.target
[Service]
Type
=notify
WorkingDirectory
=/var/lib/etcd/
EnvironmentFile
=-/etc/etcd/etcd.conf
ExecStart
=/usr/local/bin/etcd --name {{ ansible_hostname }} --auto-tls --peer-auto-tls --initial-advertise-peer-urls https://{{ ansible_ens33.ipv4.address }}:2380 --listen-peer-urls https://{{ ansible_ens33.ipv4.address }}:2380 --listen-client-urls https://{{ ansible_ens33.ipv4.address }}:2379,https://127.0.0.1:2379 --advertise-client-urls https://{{ ansible_ens33.ipv4.address }}:2379 --initial-cluster-token etcd-cluster-1 --initial-cluster master=https://192.168.101.14:2380,node1=https://192.168.101.15:2380,node2=https://192.168.101.19:2380 --initial-cluster-state new --data-dir=/var/lib/etcd
Restart=on-failure
RestartSec=5
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
运维网声明
1、欢迎大家加入本站运维交流群:群②:261659950 群⑤:202807635 群⑦870801961 群⑧679858003
2、本站所有主题由该帖子作者发表,该帖子作者与运维网 享有帖子相关版权
3、所有作品的著作权均归原作者享有,请您和我们一样尊重他人的著作权等合法权益。如果您对作品感到满意,请购买正版
4、禁止制作、复制、发布和传播具有反动、淫秽、色情、暴力、凶杀等内容的信息,一经发现立即删除。若您因此触犯法律,一切后果自负,我们对此不承担任何责任
5、所有资源均系网友上传或者通过网络收集,我们仅提供一个展示、介绍、观摩学习的平台,我们不对其内容的准确性、可靠性、正当性、安全性、合法性等负责,亦不承担任何法律责任
6、所有作品仅供您个人学习、研究或欣赏,不得用于商业或者其他用途,否则,一切后果均由您自己承担,我们对此不承担任何法律责任
7、如涉及侵犯版权等问题,请您及时通知我们,我们将立即采取措施予以解决
8、联系人Email:admin@iyunv.com 网址:www.yunweiku.com