helm repo add bitnami https://charts.bitnami.com/bitnami

带快照安装

helm install new-release bitnami/etcd \
  --set statefulset.replicaCount=3 \
  --set persistence.enabled=true \
  --set persistence.size=8Gi \
  --set startFromSnapshot.enabled=true \
  --set startFromSnapshot.existingClaim=my-claim \
  --set startFromSnapshot.snapshotFilename=my-snapshot.db

简单安装

helm install etcd bitnami/etcd \
  --set replicaCount=3 \
  --set persistence.enabled=true \
  --set global.storageClass=rook-ceph-block \
  --set persistence.size=2Gi \
  --set service.type=NodePort

或者自定义安装

helm pull  bitnami/etcd --untar
vim values.yaml 添加更多参数
运行
[root@node60 es]# helm install etcd etcd/
NAME: etcd
LAST DEPLOYED: Mon Dec  6 00:07:50 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: etcd
CHART VERSION: 6.10.4
APP VERSION: 3.5.1

** Please be patient while the chart is being deployed **

etcd can be accessed via port 2379 on the following DNS name from within your cluster:

    etcd.default.svc.cluster.local

To create a pod that you can use as a etcd client run the following command:

    kubectl run etcd-client --restart='Never' --image marketplace.azurecr.io/bitnami/etcd:3.5.1-debian-10-r31 --env ROOT_PASSWORD=$(kubectl get secret --namespace default etcd -o jsonpath="{.data.etcd-root-password}" | base64 --decode) --env ETCDCTL_ENDPOINTS="etcd.default.svc.cluster.local:2379" --namespace default --command -- sleep infinity

Then, you can set/get a key using the commands below:

    kubectl exec --namespace default -it etcd-client -- bash
    etcdctl --user root:$ROOT_PASSWORD put /message Hello
    etcdctl --user root:$ROOT_PASSWORD get /message

To connect to your etcd server from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/etcd 2379:2379 &
    echo "etcd URL: http://127.0.0.1:2379"

 * As rbac is enabled you should add the flag `--user root:$ETCD_ROOT_PASSWORD` to the etcdctl commands. Use the command below to export the password:

    export ETCD_ROOT_PASSWORD=$(kubectl get secret --namespace default etcd -o jsonpath="{.data.etcd-root-password}" | base64 --decode)
测试
I have no name!@etcd-client:/opt/bitnami/etcd$ etcdctl --user root:$ROOT_PASSWORD get /message
/message
Hello

I have no name!@etcd-client:/opt/bitnami/etcd$  etcdctl --user root:$ROOT_PASSWORD put /message jb 
#####################
I have no name!@etcd-client:/opt/bitnami/etcd$ etcdctl --user root:$ROOT_PASSWORD get /message jb
/message
jb
cli客户端测试
### 获取密码
kubectl get secret --namespace default etcd -o jsonpath="{.data.etcd-root-password}" | base64 -d

[root@node60 etcd-v3.5.1-linux-amd64]# kubectl get svc | grep etcd
etcd            NodePort    10.111.45.140   <none>        2379:40488/TCP,2380:60630/TCP   7h14m
etcd-headless   ClusterIP   None            <none>        2379/TCP,2380/TCP               7h14m


[root@node60 etcd-v3.5.1-linux-amd64]# ./etcdctl --user root:siXyhmEXLl --endpoints="http://192.168.8.62:40488" member list -w table
+------------------+---------+--------+------------------------------------------------------------+-------------------------------------------------------------------------------------------------------+------------+
|        ID        | STATUS  |  NAME  |                         PEER ADDRS                         |                                             CLIENT ADDRS                                              | IS LEARNER |
+------------------+---------+--------+------------------------------------------------------------+-------------------------------------------------------------------------------------------------------+------------+
| 45a18acb10aa275e | started | etcd-2 | http://etcd-2.etcd-headless.default.svc.cluster.local:2380 | http://etcd-2.etcd-headless.default.svc.cluster.local:2379,http://etcd.default.svc.cluster.local:2379 |      false |
| 936ce633ac273d75 | started | etcd-1 | http://etcd-1.etcd-headless.default.svc.cluster.local:2380 | http://etcd-1.etcd-headless.default.svc.cluster.local:2379,http://etcd.default.svc.cluster.local:2379 |      false |
| df3b2df95cd5fd29 | started | etcd-0 | http://etcd-0.etcd-headless.default.svc.cluster.local:2380 | http://etcd-0.etcd-headless.default.svc.cluster.local:2379,http://etcd.default.svc.cluster.local:2379 |      false |
+------------------+---------+--------+------------------------------------------------------------+-------------------------------------------------------------------------------------------------------+------------+
[root@node60 etcd-v3.5.1-linux-amd64]#  ./etcdctl --user root:siXyhmEXLl --endpoints="http://192.168.8.62:40488" member list
45a18acb10aa275e, started, etcd-2, http://etcd-2.etcd-headless.default.svc.cluster.local:2380, http://etcd-2.etcd-headless.default.svc.cluster.local:2379,http://etcd.default.svc.cluster.local:2379, false
936ce633ac273d75, started, etcd-1, http://etcd-1.etcd-headless.default.svc.cluster.local:2380, http://etcd-1.etcd-headless.default.svc.cluster.local:2379,http://etcd.default.svc.cluster.local:2379, false
df3b2df95cd5fd29, started, etcd-0, http://etcd-0.etcd-headless.default.svc.cluster.local:2380, http://etcd-0.etcd-headless.default.svc.cluster.local:2379,http://etcd.default.svc.cluster.local:2379, false


[root@node60 etcd-v3.5.1-linux-amd64]# ./etcdctl --user root:siXyhmEXLl --endpoints="http://192.168.8.62:40488" get / --prefix=true --keys-only
/message

再推荐一个etcd客户端

官网
https://etcdmanager.io/
//下载链接
https://github.com/gtamas/etcdmanager/releases/download/1.2.0/etcd-manager-1.2.0-osx.dmg

https://github.com/gtamas/etcdmanager/releases/download/1.2.0/etcd-manager-1.2.0-win64.exe

在这里插入图片描述

在这里插入图片描述

ETCD 3.5.3版启用ssl
https://docs.bitnami.com/kubernetes/infrastructure/etcd/administration/enable-security/
https://artifacthub.io/packages/helm/bitnami/etcd

helm install my-etcd \
 --set persistence.storageClass=openebs-hostpath \
 --set replicaCount=3 \
 --set persistence.size=1Gi \
 --set auth.rbac.enabled=true \
 --set auth.rbac.rootPassword="123qweasd" \
 --set auth.client.secureTransport=true \
 --set auth.client.useAutoTLS=true \
 --set auth.client.caFilename="ca.pem" \
 --set auth.client.existingSecret="etcd-client-certs" \
 --set auth.peer.secureTransport=true \
 --set auth.peer.useAutoTLS=true \
 --set auth.peer.caFilename="ca.pem" \
 --set resources.limits.cpu=2 \
 --set resources.requests.cpu=300m \
 --set resources.limits.memory=1000Mi \
 --set resources.requests.memory=156Mi \
  bitnami/etcd --version 8.0.1
# etcd # 数据库 # database
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes