码字不易,转载请附原链,搬砖繁忙回复不及时见谅,技术交流请加QQ群:909211071,或关注公众号:程序猿AirGo
Docker 相关命令
docker常用组合命令和环境搭建_程序猿的世界-CSDN博客
下载安装
复制代码
1
2
3
4
5$wget https://github.com/etcd-io/etcd/releases/download/v3.5.0/etcd-v3.5.0-linux-amd64.tar.gz $tar xf etcd-v3.5.0-linux-amd64.tar.gz $cd etcd-v3.5.0-linux-amd64
打包镜像
编写 Dockerfile:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14FROM alpine ADD etcd /usr/local/bin/ ADD etcdctl /usr/local/bin/ ADD etcdutl /usr/local/bin/ RUN mkdir -p /var/etcd/ RUN mkdir -p /var/lib/etcd/ # https://github.com/etcd-io/etcd/blob/main/Dockerfile-release.amd64 RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf EXPOSE 2379 2380 CMD ["/usr/local/bin/etcd"]
构建镜像:
复制代码
1
2
3
4
5
6$docker build -t etcd_v3.5.0 . $docker images REPOSITORY TAG IMAGE ID CREATED SIZE etcd_v3.5.0 latest 1d52ee1d698e About an hour ago 63.2MB alpine latest 021b3423115f 13 days ago 5.6MB
集群容器编排
搭建、配置、运维参考:Operations guide | etcd
使用参考:Developer guide | etcd
编写 docker-compose.yml:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57version: "3.7" services: etcd0: image: "etcd_v3.5.0" container_name: etcd0 ports: - "23800:2380" #前宿主后容器 - "23790:2379" environment: - ALLOW_NONE_AUTHENTICATION=yes - ETCD_NAME=etcd0 - ETCD_DATA_DIR=/var/etcd/etcd0 - ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380 #集群内节点数据交换监听地址 - ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379 #本节点访问地址 - ETCD_ADVERTISE_CLIENT_URLS=http://192.168.1.105:23790 #通知其他节点,客户端接入本节点的监听地址 - ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd0:2380 #通知其他节点与本节点进行数据交换的地址 - ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster #集群唯一标识 - ETCD_INITIAL_CLUSTER=etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380 #集群所有节点配置,逗号分隔 - ETCD_INITIAL_CLUSTER_STATE=new #new-不存在对应集群时创建新集群,existing-不存在对应集群时节点创建失败 etcd1: image: "etcd_v3.5.0" container_name: etcd1 ports: - "23801:2380" - "23791:2379" environment: - ALLOW_NONE_AUTHENTICATION=yes - ETCD_NAME=etcd1 - ETCD_DATA_DIR=/var/etcd/etcd1 - ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380 - ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379 - ETCD_ADVERTISE_CLIENT_URLS=http://192.168.1.105:23791 - ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd1:2380 - ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster - ETCD_INITIAL_CLUSTER=etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380 - ETCD_INITIAL_CLUSTER_STATE=new etcd2: image: "etcd_v3.5.0" container_name: etcd2 ports: - "23802:2380" - "23792:2379" environment: - ALLOW_NONE_AUTHENTICATION=yes - ETCD_NAME=etcd2 - ETCD_DATA_DIR=/var/etcd/etcd2 - ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380 - ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379 - ETCD_ADVERTISE_CLIENT_URLS=http://192.168.1.105:23792 - ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd2:2380 - ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster - ETCD_INITIAL_CLUSTER=etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380 - ETCD_INITIAL_CLUSTER_STATE=new
容器编排:
复制代码
1$docker-compose up -d
复制代码
1
2
3
4
5$docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9a73c85484ac etcd_v3.5.0 "/usr/local/bin/etcd" 39 minutes ago Up 38 minutes 0.0.0.0:23792->2379/tcp, 0.0.0.0:23802->2380/tcp etcd2 3efce60c3a58 etcd_v3.5.0 "/usr/local/bin/etcd" 39 minutes ago Up 38 minutes 0.0.0.0:23790->2379/tcp, 0.0.0.0:23800->2380/tcp etcd0 929f8cf3f14f etcd_v3.5.0 "/usr/local/bin/etcd" 39 minutes ago Up 38 minutes 0.0.0.0:23791->2379/tcp, 0.0.0.0:23801->2380/tcp etcd1
集群查看
登录某个容器:
复制代码
1$docker exec -it 3efce60c3a58 /bin/sh
配置常用命令环境变量:
复制代码
1
2
3
4
5
6
7
8
9/ # vi ~/.bash_profile export ENDPOINTS=etcd0:2380,etcd1:2380,etcd1:2380 alias list='etcdctl --write-out=table --endpoints=$ENDPOINTS member list' alias status='etcdctl --write-out=table --endpoints=$ENDPOINTS endpoint status' alias health='etcdctl --write-out=table --endpoints=$ENDPOINTS endpoint health' source ~/.bash_profile
查看集群成员列表和各项指标:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30/ # list +------------------+---------+-------+-------------------+----------------------------+------------+ | ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS | IS LEARNER | +------------------+---------+-------+-------------------+----------------------------+------------+ | ade526d28b1f92f7 | started | etcd1 | http://etcd1:2380 | http://192.168.1.105:23791 | false | | cf1d15c5d194b5c9 | started | etcd0 | http://etcd0:2380 | http://192.168.1.105:23790 | false | | d282ac2ce600c1ce | started | etcd2 | http://etcd2:2380 | http://192.168.1.105:23792 | false | +------------------+---------+-------+-------------------+----------------------------+------------+ / # status +------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ | ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | +------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ | etcd0:2380 | cf1d15c5d194b5c9 | 3.5.0 | 25 kB | false | false | 2 | 33 | 33 | | | etcd1:2380 | ade526d28b1f92f7 | 3.5.0 | 33 kB | false | false | 2 | 33 | 33 | | | etcd1:2380 | ade526d28b1f92f7 | 3.5.0 | 33 kB | false | false | 2 | 33 | 33 | | +------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+ / # health +------------+--------+-------------+-------+ | ENDPOINT | HEALTH | TOOK | ERROR | +------------+--------+-------------+-------+ | etcd1:2380 | true | 9.294369ms | | | etcd0:2380 | true | 17.445272ms | | | etcd1:2380 | true | 24.301921ms | | +------------+--------+-------------+-------+
相关命令
可执行 etcdctl 查看支持的命令
复制代码
1/ # etcdctl
简单 key 操作:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22/ # etcdctl put why 1 OK / # etcdctl get why why 1 # 查看 /test 开头的所有key / # etcdctl --user=root get /test --prefix /test/a { "a":a } /test/b { "why":1 } # 查看 /test 开头的所有key,只返回key不返回值 / # etcdctl --user=root get /test --prefix --keys-only /test/a /test/b
权限相关:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39# 添加root用户才可以开启权限校验 $ etcdctl user add root # 开启权限校验 $ etcdctl auth enable # 关闭权限校验 $ etcdctl auth disable # 添加test前缀的读角色 $ etcdctl --user=root role add test_r # 添加test前缀的读写角色 $ etcdctl --user=root role add test_rw # 查看角色列表 $ etcdctl --user=root role list # 添加test前缀的读用户 $ etcdctl --user=root user add test_r # 给test_r角色授予/test/前缀key的读权限 $ etcdctl --user=root role grant-permission test_r read /test/ --prefix=true # 给test_rw角色授予/test/前缀key的读写权限 $ etcdctl --user=root role grant-permission test_rw readwrite /test/ --prefix=true # 添加test前缀的读写用户 $ etcdctl --user=root user add test_rw # 查看用户列表 $ etcdctl --user=root user list # 为test_r用户添加test_r角色 $ etcdctl --user=root user grant-role test_r test_r # 为test_rw用户添加test_rw角色 etcdctl --user=root user grant-role test_rw test_rw
最后
以上就是忧虑鸵鸟最近收集整理的关于基于 Docker 搭建 etcd 集群和命令权限管理的全部内容,更多相关基于内容请搜索靠谱客的其他文章。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复