1. etcd安装
etcd在生产环境中一般推荐集群方式部署。本文定位为入门,主要讲讲单节点安装和基本使用。
etcd目前默认使用2379端口提供HTTP API服务,2380端口和peer通信(这两个端口已经被IANA官方预留给etcd);在之前的版本中可能会分别使用4001和7001,在使用的过程中需要注意这个区别。
因为etcd是go语言编写的,安装只需要下载对应的二进制文件,并放到合适的路径就行。
1.1 mac安装
brew search etcd
brew install etcd
1.2 linux安装
1.2.1 脚本方式(推荐)
ETCD_VER=v3.4.17
# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
运行测试
# start a local etcd server
/tmp/etcd-download-test/etcd
# write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo
1.2.2 源码安装
wget https://github.com/etcd-io/etcd/releases/download/v3.4.17/etcd-v3.4.17-linux-amd64.tar.gz
tar xzvf etcd-v3.4.17-linux-amd64.tar.gz
mv etcd-v3.4.17-linux-amd64 /opt/etcd
build_etcd.sh
#!/usr/bin/env bash
wget -c https://github.com/coreos/etcd/releases/download/v3.2.0/etcd-v3.2.0-linux-amd64.tar.gz
tar xzf etcd-v3.2.0-linux-amd64.tar.gz
cd etcd-v3.2.0-linux-amd64
./etcd &> /dev/null &
解压后是一些文档和两个二进制文件etcd和etcdctl。etcd是server端,etcdctl是客户端。
ls
Documentation etcd etcdctl README-etcdctl.md README.md READMEv2-etcdctl.md
创建systemd服务
- 建立相关目录
mkdir -p /var/lib/etcd/
mkdir -p /opt/etcd/config/
- 创建etcd配置文件
cat <<EOF | sudo tee /opt/etcd/config/etcd.conf
#节点名称
ETCD_NAME=$(hostname -s)
#数据存放位置
ETCD_DATA_DIR=/var/lib/etcd
EOF
- 创建systemd配置文件
cat <<EOF | sudo tee /etc/systemd/system/etcd.service
[Unit]
Description=Etcd Server
Documentation=https://github.com/coreos/etcd
After=network.target
[Service]
User=root
Type=notify
EnvironmentFile=-/opt/etcd/config/etcd.conf
ExecStart=/opt/etcd/etcd
Restart=on-failure
RestartSec=10s
LimitNOFILE=40000
[Install]
WantedBy=multi-user.target
EOF
- 启动etcd
systemctl daemon-reload && systemctl enable etcd && systemctl start etcd
1.3 运行(mac模式)
# 启动某个应用,这里用 etcd 做演示
brew services start etcd
# 停止某个应用
brew services stop etcd
# 查看当前应用列表
brew services list
etcd
{"level":"info","ts":"2021-10-12T16:31:30.685+0800","caller":"etcdmain/etcd.go:72","msg":"Running: ","args":["etcd"]}
{"level":"info","ts":"2021-10-12T16:31:30.686+0800","caller":"etcdmain/etcd.go:99","msg":"failed to detect default host","error":"default host not supported on darwin_amd64"}
{"level":"warn","ts":"2021-10-12T16:31:30.686+0800","caller":"etcdmain/etcd.go:104","msg":"'data-dir' was empty; using default","data-dir":"default.etcd"}
{"level":"info","ts":"2021-10-12T16:31:30.686+0800","caller":"embed/etcd.go:131","msg":"configuring peer listeners","listen-peer-urls":["http://localhost:2380"]}
{"level":"info","ts":"2021-10-12T16:31:30.686+0800","caller":"embed/etcd.go:367","msg":"closing etcd server","name":"default","data-dir":"default.etcd","advertise-peer-urls":["http://localhost:2380"],"advertise-client-urls":["http://localhost:2379"]}
{"level":"info","ts":"2021-10-12T16:31:30.686+0800","caller":"embed/etcd.go:369","msg":"closed etcd server","name":"default","data-dir":"default.etcd","advertise-peer-urls":["http://localhost:2380"],"advertise-client-urls":["http://localhost:2379"]}
{"level":"warn","ts":"2021-10-12T16:31:30.686+0800","caller":"etcdmain/etcd.go:145","msg":"failed to start etcd","error":"listen tcp 127.0.0.1:2380: bind: address already in use"}
{"level":"fatal","ts":"2021-10-12T16:31:30.686+0800","caller":"etcdmain/etcd.go:203","msg":"discovery failed","error":"listen tcp 127.0.0.1:2380: bind: address already in use","stacktrace":"go.etcd.io/etcd/server/v3/etcdmain.startEtcdOrProxyV2\n\t/private/tmp/etcd-20210616-70326-6ud3hj/server/etcdmain/etcd.go:203\ngo.etcd.io/etcd/server/v3/etcdmain.Main\n\t/private/tmp/etcd-20210616-70326-6ud3hj/server/etcdmain/main.go:40\nmain.main\n\t/private/tmp/etcd-20210616-70326-6ud3hj/server/main.go:32\nruntime.main\n\t/usr/local/Cellar/go/1.16.5/libexec/src/runtime/proc.go:225"}
从执行结果中可以看出:
- etcdserver: name = default, name表示节点名称,默认为default。
- etcdserver: data dir = default.etcd,data-dir保存日志和快照的目录,默认为当前工作目录“./default.etcd/”。
- etcdserver: initial advertise peer URLs = http://localhost:2380,通过http://localhost:2380,和集群中其他节点通信。
- etcdserver: advertise client URLs = http://localhost:2379,通过http://localhost:2379,对外提供HTTP API服务,供客户端交互。如果配置webui,就使用这个地址。
- etcdserver: heartbeat = 100ms leader发送心跳到followers的间隔时间。
- etcdserver: election = 1000ms 重新投票的超时时间,如果follow在该时间间隔没有收到心跳包,会触发重新投票,默认为1000ms
- 集群和每个节点都会生成一个 uuid。
- 启动的时候,会运行 raft协议,选举出 leader。
~|⇒ etcdctl -h
NAME:
etcdctl - A simple command line client for etcd3.
USAGE:
etcdctl [flags]
VERSION:
3.5.0
API VERSION:
3.5
COMMANDS:
alarm disarm Disarms all alarms
alarm list Lists all alarms
auth disable Disables authentication
auth enable Enables authentication
auth status Returns authentication status
check datascale Check the memory usage of holding data for different workloads on a given server endpoint.
check perf Check the performance of the etcd cluster
compaction Compacts the event history in etcd
defrag Defragments the storage of the etcd members with given endpoints
del Removes the specified key or range of keys [key, range_end)
elect Observes and participates in leader election
endpoint hashkv Prints the KV history hash for each endpoint in --endpoints
endpoint health Checks the healthiness of endpoints specified in `--endpoints` flag
endpoint status Prints out the status of endpoints specified in `--endpoints` flag
get Gets the key or a range of keys
help Help about any command
lease grant Creates leases
lease keep-alive Keeps leases alive (renew)
lease list List all active leases
lease revoke Revokes leases
lease timetolive Get lease information
lock Acquires a named lock
make-mirror Makes a mirror at the destination etcd cluster
member add Adds a member into the cluster
member list Lists all members in the cluster
member promote Promotes a non-voting member in the cluster
member remove Removes a member from the cluster
member update Updates a member in the cluster
move-leader Transfers leadership to another etcd cluster member.
put Puts the given key into the store
role add Adds a new role
role delete Deletes a role
role get Gets detailed information of a role
role grant-permission Grants a key to a role
role list Lists all roles
role revoke-permission Revokes a key from a role
snapshot restore Restores an etcd member snapshot to an etcd directory
snapshot save Stores an etcd node backend snapshot to a given file
snapshot status [deprecated] Gets backend snapshot status of a given file
txn Txn processes all the requests in one transaction
user add Adds a new user
user delete Deletes a user
user get Gets detailed information of a user
user grant-role Grants a role to a user
user list Lists all users
user passwd Changes password of user
user revoke-role Revokes a role from a user
version Prints the version of etcdctl
watch Watches events stream on keys or prefixes
OPTIONS:
--cacert="" verify certificates of TLS-enabled secure servers using this CA bundle
--cert="" identify secure client using this TLS certificate file
--command-timeout=5s timeout for short running command (excluding dial timeout)
--debug[=false] enable client-side debug logging
--dial-timeout=2s dial timeout for client connections
-d, --discovery-srv="" domain name to query for SRV records describing cluster endpoints
--discovery-srv-name="" service name to query when using DNS discovery
--endpoints=[127.0.0.1:2379] gRPC endpoints
-h, --help[=false] help for etcdctl
--hex[=false] print byte strings as hex encoded strings
--insecure-discovery[=true] accept insecure SRV records describing cluster endpoints
--insecure-skip-tls-verify[=false] skip server certificate verification (CAUTION: this option should be enabled only for testing purposes)
--insecure-transport[=true] disable transport security for client connections
--keepalive-time=2s keepalive time for client connections
--keepalive-timeout=6s keepalive timeout for client connections
--key="" identify secure client using this TLS key file
--password="" password for authentication (if this option is used, --user option shouldn't include password)
--user="" username[:password] for authentication (prompt if password is not supplied)
-w, --write-out="simple" set the output format (fields, json, protobuf, simple, table
好了, etcd 已经启动了,现在验证下,是否正确的启动:
etcdctl endpoint health
~|⇒ etcdctl endpoint health
127.0.0.1:2379 is healthy: successfully committed proposal: took = 8.816294ms
至此,etcd 已经安装完毕。
2. 简单操作
最常见的就是put、get和del命令。
# 放入一个 键值对
~ etcdctl put "name" "zyq1"
OK
#取出一个 键值对
~ etcdctl get "name"
name
zyq1
# 删除一个 键值对
~ etcdctl del "name"
1
watch
watch命令用来监测key的变化,会建立长连接,一直监听。
~ etcdctl watch "name"
PUT
name
zyq1
DELETE
name
3. 租约
租约是一段时间,可以为etcd的key授予租约。当key被附加到租约时,它的生存时间被绑定到租约的生存时间,一旦租约的TTL到期,租约就过期并且所有附带的key都将被删除。
一个租约可以绑定不止一个key。
# 创建一个20s的租约
$ ./etcdctl lease grant 20
lease 694d673115905e37 granted with TTL(20s)
# 使用租约的 id 进行 put 操作
$ ./etcdctl put --lease=694d673115905e37 "name" "zyq"
# 20s后get发现 key被删除了
$ ./etcdctl get "name"
# 空应答
租约可以被删除
# 创建一个20s的租约
$ ./etcdctl lease grant 1000
lease 694d673115905e49 granted with TTL(1000s)
# 使用租约的 id 进行 put 操作
$ ./etcdctl put --lease=694d673115905e49 "name" "zyq"
OK
# 删除租约
$ ./etcdctl lease revoke 694d673115905e49
lease 694d673115905e49 revoked
# 发现key也被删除了
$ ./etcdctl get "name"
# 空应答
租约可以自动续租
# 创建一个20s的租约
$ ./etcdctl lease grant 20
lease 694d673115905e4f granted with TTL(20s)
# 自动续租
$ ./etcdctl lease keep-alive 694d673115905e4f
lease 694d673115905e4f keepalived with TTL(20)
lease 694d673115905e4f keepalived with TTL(20)
