etcd静态Pod配置文件

[root@dev-istio-master-001 ~]# cat /etc/kubernetes/manifests/etcd.yaml 
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: etcd
    tier: control-plane
  name: etcd
  namespace: kube-system
spec:
  containers:
  - command:
    - etcd
    - --advertise-client-urls=https://10.12.6.139:2379
    - --cert-file=/etc/kubernetes/pki/etcd/server.crt
    - --client-cert-auth=true
    - --data-dir=/var/lib/etcd
    - --initial-advertise-peer-urls=https://10.12.6.139:2380
    - --initial-cluster=dev-istio-master-001=https://10.12.6.139:2380
    - --key-file=/etc/kubernetes/pki/etcd/server.key
    - --listen-client-urls=https://127.0.0.1:2379,https://10.12.6.139:2379
    - --listen-peer-urls=https://10.12.6.139:2380
    - --name=dev-istio-master-001
    - --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
    - --peer-client-cert-auth=true
    - --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
    - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    - --snapshot-count=10000
    - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    image: k8s.gcr.io/etcd:3.3.10
    imagePullPolicy: IfNotPresent
    livenessProbe:
      exec:
        command:
        - /bin/sh
        - -ec
        - ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
          --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key
          get foo
      failureThreshold: 8
      initialDelaySeconds: 15
      timeoutSeconds: 15
    name: etcd
    resources: {}
    volumeMounts:
    - mountPath: /var/lib/etcd
      name: etcd-data
    - mountPath: /etc/kubernetes/pki/etcd
      name: etcd-certs
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: /etc/kubernetes/pki/etcd
      type: DirectoryOrCreate
    name: etcd-certs
  - hostPath:
      path: /var/lib/etcd
      type: DirectoryOrCreate
    name: etcd-data
status: {}

其中:

  • --data-dir:指定data目录位置;
  • --wal-dir:指定wal目录位置,存放预写式日志,最大的作用是记录了整个数据变化的全部历程,在etcd中,所有数据的修改在提交前,都要先写入到WAL中。建议使用专用的磁盘,避免IO竞争。如果没有指定,则使用data目录存放wal;
  • --name:指定etcd节点名称,这里使用主机名作为节点名(非必需)。当--initial-cluster-state值为new时,--name的参数值必须位于--initial-cluster列表中;
  • --advertise-client-urls:广播给外部客户端的URL;
  • --initial-advertise-peer-urls:广播给集群内其他节点的URL;
  • ---initial-cluster:初始集群成员列表,由所有--initial-cluster-state值为new的etcd节点的--name--initial-advertise-peer-urls指定的值组成;
  • --listen-client-urls:供外部客户端使用的URL;
  • --listen-peer-urls:集群内部通讯使用的URL;
  • --snapshot-count:多少次提交的事务出发一次磁盘快照。

参考文档

  • No labels