etcd 学习笔记
在一个分布式系统中, ETCD 可以:
- 分布式的高度一致性的 Key-Value 存储.
- 支持 Service 自动发现.
- 高并发 每秒10000次写.
- 支持双向认证.
- 2379 客户请求, 2380 peer 通信.
CAP理论: The CAP theorem states that distributed systems can have at most two out of three of the following properties: high levels of data consistency, high availability of access to the data, and tolerance of network partitions. Networks cannot be assumed to be reliable, so distributed systems need to account for network partitions. Hence, in terms of the CAP theorem, distributed systems can either be AP or CP.
docker 安装 单实例
文档 https://etcd.io/docs/v2.3/docker_guide/ 命令稍有差别 1)改版本, 2) 改etcd 的命令路径
$ export HostIP="10.249.64.103"
$ docker run -d --restart always -v /usr/share/ca-certificates/:/etc/ssl/certs -p 4001:4001 -p 2380:2380 -p 2379:2379 \
--name etcd quay.io/coreos/etcd /usr/local/bin/etcd \
-name etcd0 \
-advertise-client-urls http://${HostIP}:2379,http://${HostIP}:4001 \
-listen-client-urls http://0.0.0.0:2379,http://0.0.0.0:4001 \
-initial-advertise-peer-urls http://${HostIP}:2380 \
-listen-peer-urls http://0.0.0.0:2380 \
-initial-cluster-token etcd-cluster-1 \
-initial-cluster etcd0=http://${HostIP}:2380 \
-initial-cluster-state new
登录测试:
$ docker exec -it etcd sh
$ etcdctl
$ etcdctl --endpoints=http://localhost:2379 member list
认证
参考: https://etcd.io/docs/v3.5/demo/auth
, user
, rule
版本差别
如果你发现你的 etcdctl
的命令比较少, 那有可能是你使用的版本是V2的命令行, 虽然你的 etcdctl
是 V3 的. 要显示设置使用 v3 的命令 (If using released versions earlier than v3.4, set ETCDCTL_API=3 to use v3 API.):
$ ETCDCTL_API=3 ./etcdctl --endpoints=http://127.0.0.1:2379 get "" --prefix
证书认证参数
这4个global 参数可以通过环境变量设置: --dial-timeout
, --cacert
, --cert
, --key
ETCDCTL_DIAL_TIMEOUT=3s
ETCDCTL_CACERT=/tmp/ca.pem
ETCDCTL_CERT=/tmp/cert.pem
ETCDCTL_KEY=/tmp/key.pem
ETCDCTL_API=3 /usr/local/bin/etcdctl --endpoints=https://localhost:2379 \
--cert=/etc/etcdtls/etcd-client.crt \
--key=/etc/etcdtls/etcd-client.key \
--cacert=/etc/etcdtls/etcd-client-ca.crt get mykey
KV 命令
$ etcdctl put name eric --lease 2e128a4084e72b83
OK
$ etcdctl put name yuan --lease 2e128a4084e72b83 --prev-kv
OK
name
eric
lease 命令
增: grant
, 删: revoke
, 改: keep-alive
, 查: list
, timetolive
.
$ etcdctl lease grant 10
lease 2e128a4084e7269c granted with TTL(10s)
$ etcdctl lease revoke 2e128a4084e7269c
lease 2e128a4084e7269c revoked
$ etcdctl lease timetolive 2e128a4084e7269f
lease 2e128a4084e7269f already expired
$ etcdctl lease timetolive 2d8257079fa1bc0c --keys
# lease 2d8257079fa1bc0c granted with TTL(500s), remaining(472s), attached keys([foo2 foo1])
$ etcdctl lease list
32695410dcc0ca06
$ /etcdctl lease keep-alive 32695410dcc0ca0
lock 命令
$ etcdctl lock mylock
# mylock/1234534535445
$ etcdctl lock mylock1 --ttl 10
mylock1/2e128a4084e72b61
$ etcdctl lock mylock echo lock acquired
# lock acquired
$ etcdctl lock mylock ./etcdctl put foo bar
# OK
elect
candidate or observer
$ etcdctl elect president biden
president/2e128a4084e72b68
biden
$ etcdctl elect president -
president/2e128a4084e72b68
biden
$ etcdctl elect president trump
endpoint
查询 revision
etcdctl endpoint status
watch
etcdctl watch --rev=123 /foo