kubernetes 12015 里部署etcd v350指定挂载目录单点部署并优化etcd性能。给出yaml代码
以下是针对 Kubernetes 1.20.15 部署 etcd v3.5.0 的 YAML 代码,其中包括指定挂载目录、单点部署以及优化 etcd 性能的设置:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: etcd
spec:
serviceName: etcd
replicas: 1
selector:
matchLabels:
app: etcd
template:
metadata:
labels:
app: etcd
spec:
containers:
- name: etcd
image: quay.io/coreos/etcd:v3.5.0
command:
- "/usr/local/bin/etcd"
args:
- "--name=$(HOSTNAME)"
- "--data-dir=/var/lib/etcd"
- "--listen-client-urls=https://0.0.0.0:2379"
- "--advertise-client-urls=https://$(HOSTNAME):2379"
- "--listen-peer-urls=https://0.0.0.0:2380"
- "--initial-advertise-peer-urls=https://$(HOSTNAME):2380"
- "--initial-cluster=$(HOSTNAME)=https://$(HOSTNAME):2380"
- "--initial-cluster-token=etcd-cluster"
- "--initial-cluster-state=new"
- "--client-cert-auth"
- "--trusted-ca-file=/etc/etcd/pki/ca.crt"
- "--cert-file=/etc/etcd/pki/server.crt"
- "--key-file=/etc/etcd/pki/server.key"
- "--peer-client-cert-auth"
- "--peer-trusted-ca-file=/etc/etcd/pki/ca.crt"
- "--peer-cert-file=/etc/etcd/pki/server.crt"
- "--peer-key-file=/etc/etcd/pki/server.key"
volumeMounts:
- name: etcd-data
mountPath: /var/lib/etcd
- name: etcd-certs
mountPath: /etc/etcd/pki
readOnly: true
volumes:
- name: etcd-data
hostPath:
path: /mnt/data/etcd
type: DirectoryOrCreate
- name: etcd-certs
secret:
secretName: etcd-certs
volumeClaimTemplates:
- metadata:
name: etcd-data
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 10Gi
这个 YAML 文件包括一个名为 etcd 的 StatefulSet,该 StatefulSet 有一个副本,使用了 quay.io/coreos/etcd:v3.5.0 镜像,以及一些命令行参数和卷挂载设置,以优化 etcd 的性能和安全性。其中,etcd-data 是用于存储 etcd 数据的持久化卷,而 etcd-certs 则是用于存储 etcd TLS 证书和密钥的卷。
请注意,这个 YAML 文件是为单点部署而设计的,如果需要在 Kubernetes 集群中运行多个 etcd 实例以实现高可用性,请使用 StatefulSet 的 spec.replicas 字段来指定实例数量,并配置 etcd 集群的相关参数。
原文地址: https://www.cveoy.top/t/topic/b0TY 著作权归作者所有。请勿转载和采集!