CentOS7系统部署 ETCD 350 高可用采用 tls并且再部署一个etcd UI管理请给出软件的下载地址和部署步骤。

下载地址：

• ETCD 3.5.0：https://github.com/etcd-io/etcd/releases/tag/v3.5.0
• ETCD UI：https://github.com/etcd-io/etcd/releases/tag/v3.5.0

部署步骤：

1. 下载并解压ETCD 3.5.0：

wget https://github.com/etcd-io/etcd/releases/download/v3.5.0/etcd-v3.5.0-linux-amd64.tar.gz
tar -xvf etcd-v3.5.0-linux-amd64.tar.gz
cd etcd-v3.5.0-linux-amd64

2. 生成证书： 首先需要生成CA证书，然后使用CA证书签名etcd证书。

生成CA证书：

openssl genrsa -out ca-key.pem 2048
openssl req -x509 -new -nodes -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=etcd-ca"

生成etcd证书：

openssl genrsa -out server-key.pem 2048
openssl req -new -key server-key.pem -out server.csr -subj "/CN=etcd-server" -config openssl.cnf
openssl x509 -req -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server.pem -days 3650 -extensions v3_req -extfile openssl.cnf

3. 配置etcd集群：

./etcd --name node1 --initial-advertise-peer-urls https://192.168.1.101:2380 \
--listen-peer-urls https://192.168.1.101:2380 \
--listen-client-urls https://192.168.1.101:2379,https://127.0.0.1:2379 \
--advertise-client-urls https://192.168.1.101:2379 \
--initial-cluster-token etcd-cluster-1 \
--initial-cluster node1=https://192.168.1.101:2380,node2=https://192.168.1.102:2380,node3=https://192.168.1.103:2380 \
--initial-cluster-state new \
--cert-file=/path/to/server.pem --key-file=/path/to/server-key.pem --trusted-ca-file=/path/to/ca.pem --peer-cert-file=/path/to/server.pem --peer-key-file=/path/to/server-key.pem --peer-trusted-ca-file=/path/to/ca.pem

注意：需要将上述命令中的IP地址和路径替换为实际情况。

4. 部署etcd UI：

wget https://github.com/etcd-io/etcd/releases/download/v3.5.0/etcd-v3.5.0-linux-amd64.tar.gz
tar -xvf etcd-v3.5.0-linux-amd64.tar.gz
cd etcd-v3.5.0-linux-amd64

修改etcd-ui的配置文件config.json：

{
  "etcd": {
    "hosts": [
      "https://192.168.1.101:2379",
      "https://192.168.1.102:2379",
      "https://192.168.1.103:2379"
    ],
    "ca": "/path/to/ca.pem",
    "cert": "/path/to/server.pem",
    "key": "/path/to/server-key.pem"
  },
  "server": {
    "port": 8080,
    "tls": {
      "ca": "/path/to/ca.pem",
      "cert": "/path/to/server.pem",
      "key": "/path/to/server-key.pem"
    }
  }
}

5. 启动etcd UI：

./etcd-ui -config-file=config.json

6. 访问etcd UI： 在浏览器中输入https://ip:8080即可访问etcd UI。