概述
码字不易,转载请附原链,搬砖繁忙回复不及时见谅,技术交流请加QQ群:909211071,或关注公众号:程序猿AirGo
Docker 相关命令
docker常用组合命令和环境搭建_程序猿的世界-CSDN博客
下载安装
$wget https://github.com/etcd-io/etcd/releases/download/v3.5.0/etcd-v3.5.0-linux-amd64.tar.gz
$tar xf etcd-v3.5.0-linux-amd64.tar.gz
$cd etcd-v3.5.0-linux-amd64打包镜像
编写 Dockerfile:
FROM alpine
ADD etcd /usr/local/bin/
ADD etcdctl /usr/local/bin/
ADD etcdutl /usr/local/bin/
RUN mkdir -p /var/etcd/
RUN mkdir -p /var/lib/etcd/
# https://github.com/etcd-io/etcd/blob/main/Dockerfile-release.amd64
RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf
EXPOSE 2379 2380
CMD ["/usr/local/bin/etcd"]构建镜像:
$docker build -t etcd_v3.5.0 .
$docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
etcd_v3.5.0 latest 1d52ee1d698e About an hour ago 63.2MB
alpine latest 021b3423115f 13 days ago 5.6MB集群容器编排
搭建、配置、运维参考:Operations guide | etcd
使用参考:Developer guide | etcd
编写 docker-compose.yml:
version: "3.7"
services:
etcd0:
image: "etcd_v3.5.0"
container_name: etcd0
ports:
- "23800:2380" #前宿主后容器
- "23790:2379"
environment:
- ALLOW_NONE_AUTHENTICATION=yes
- ETCD_NAME=etcd0
- ETCD_DATA_DIR=/var/etcd/etcd0
- ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380 #集群内节点数据交换监听地址
- ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379 #本节点访问地址
- ETCD_ADVERTISE_CLIENT_URLS=http://192.168.1.105:23790 #通知其他节点,客户端接入本节点的监听地址
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd0:2380 #通知其他节点与本节点进行数据交换的地址
- ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster #集群唯一标识
- ETCD_INITIAL_CLUSTER=etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380 #集群所有节点配置,逗号分隔
- ETCD_INITIAL_CLUSTER_STATE=new #new-不存在对应集群时创建新集群,existing-不存在对应集群时节点创建失败
etcd1:
image: "etcd_v3.5.0"
container_name: etcd1
ports:
- "23801:2380"
- "23791:2379"
environment:
- ALLOW_NONE_AUTHENTICATION=yes
- ETCD_NAME=etcd1
- ETCD_DATA_DIR=/var/etcd/etcd1
- ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380
- ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
- ETCD_ADVERTISE_CLIENT_URLS=http://192.168.1.105:23791
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd1:2380
- ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster
- ETCD_INITIAL_CLUSTER=etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380
- ETCD_INITIAL_CLUSTER_STATE=new
etcd2:
image: "etcd_v3.5.0"
container_name: etcd2
ports:
- "23802:2380"
- "23792:2379"
environment:
- ALLOW_NONE_AUTHENTICATION=yes
- ETCD_NAME=etcd2
- ETCD_DATA_DIR=/var/etcd/etcd2
- ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380
- ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
- ETCD_ADVERTISE_CLIENT_URLS=http://192.168.1.105:23792
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd2:2380
- ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster
- ETCD_INITIAL_CLUSTER=etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380
- ETCD_INITIAL_CLUSTER_STATE=new
容器编排:
$docker-compose up -d$docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9a73c85484ac etcd_v3.5.0 "/usr/local/bin/etcd" 39 minutes ago Up 38 minutes 0.0.0.0:23792->2379/tcp, 0.0.0.0:23802->2380/tcp etcd2
3efce60c3a58 etcd_v3.5.0 "/usr/local/bin/etcd" 39 minutes ago Up 38 minutes 0.0.0.0:23790->2379/tcp, 0.0.0.0:23800->2380/tcp etcd0
929f8cf3f14f etcd_v3.5.0 "/usr/local/bin/etcd" 39 minutes ago Up 38 minutes 0.0.0.0:23791->2379/tcp, 0.0.0.0:23801->2380/tcp etcd1集群查看
登录某个容器:
$docker exec -it 3efce60c3a58 /bin/sh配置常用命令环境变量:
/ # vi ~/.bash_profile
export ENDPOINTS=etcd0:2380,etcd1:2380,etcd1:2380
alias list='etcdctl --write-out=table --endpoints=$ENDPOINTS member list'
alias status='etcdctl --write-out=table --endpoints=$ENDPOINTS endpoint status'
alias health='etcdctl --write-out=table --endpoints=$ENDPOINTS endpoint health'
source ~/.bash_profile查看集群成员列表和各项指标:
/ # list
+------------------+---------+-------+-------------------+----------------------------+------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS | IS LEARNER |
+------------------+---------+-------+-------------------+----------------------------+------------+
| ade526d28b1f92f7 | started | etcd1 | http://etcd1:2380 | http://192.168.1.105:23791 | false |
| cf1d15c5d194b5c9 | started | etcd0 | http://etcd0:2380 | http://192.168.1.105:23790 | false |
| d282ac2ce600c1ce | started | etcd2 | http://etcd2:2380 | http://192.168.1.105:23792 | false |
+------------------+---------+-------+-------------------+----------------------------+------------+
/ # status
+------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
+------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
| etcd0:2380 | cf1d15c5d194b5c9 | 3.5.0 | 25 kB | false | false | 2 | 33 | 33 | |
| etcd1:2380 | ade526d28b1f92f7 | 3.5.0 | 33 kB | false | false | 2 | 33 | 33 | |
| etcd1:2380 | ade526d28b1f92f7 | 3.5.0 | 33 kB | false | false | 2 | 33 | 33 | |
+------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
/ # health
+------------+--------+-------------+-------+
| ENDPOINT | HEALTH | TOOK | ERROR |
+------------+--------+-------------+-------+
| etcd1:2380 | true | 9.294369ms | |
| etcd0:2380 | true | 17.445272ms | |
| etcd1:2380 | true | 24.301921ms | |
+------------+--------+-------------+-------+相关命令
可执行 etcdctl 查看支持的命令
/ # etcdctl简单 key 操作:
/ # etcdctl put why 1
OK
/ # etcdctl get why
why
1
# 查看 /test 开头的所有key
/ # etcdctl --user=root get /test --prefix
/test/a
{
"a":a
}
/test/b
{
"why":1
}
# 查看 /test 开头的所有key,只返回key不返回值
/ # etcdctl --user=root get /test --prefix --keys-only
/test/a
/test/b权限相关:
# 添加root用户才可以开启权限校验
$ etcdctl user add root
# 开启权限校验
$ etcdctl auth enable
# 关闭权限校验
$ etcdctl auth disable
# 添加test前缀的读角色
$ etcdctl --user=root role add test_r
# 添加test前缀的读写角色
$ etcdctl --user=root role add test_rw
# 查看角色列表
$ etcdctl --user=root role list
# 添加test前缀的读用户
$ etcdctl --user=root user add test_r
# 给test_r角色授予/test/前缀key的读权限
$ etcdctl --user=root role grant-permission test_r read /test/ --prefix=true
# 给test_rw角色授予/test/前缀key的读写权限
$ etcdctl --user=root role grant-permission test_rw readwrite /test/ --prefix=true
# 添加test前缀的读写用户
$ etcdctl --user=root user add test_rw
# 查看用户列表
$ etcdctl --user=root user list
# 为test_r用户添加test_r角色
$ etcdctl --user=root user grant-role test_r test_r
# 为test_rw用户添加test_rw角色
etcdctl --user=root user grant-role test_rw test_rw
最后
以上就是忧虑鸵鸟为你收集整理的基于 Docker 搭建 etcd 集群和命令权限管理的全部内容,希望文章能够帮你解决基于 Docker 搭建 etcd 集群和命令权限管理所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复