freelizhun/etcd-manage
A web-based arm64 image for etcd web management
21
该镜像通过项目编译后生成etcd-manage后制作,Dockerfile,为arm64版本,用于etcd的web界面,x86版本请用 shiguanghuxian/etcd-manage:latest镜像。
重点在于镜像内的/app/config/cfg.toml配置文件,以及/etc/etcd/etcdSSL目录下的证书文件,需通过docker run挂载进入容器镜像。其中cfg.toml文件内容如下:
# debug模式
debug = true
# 日志文件路径
log_path = ""
# http 监听端口
[http]
# 监听地址
address = "0.0.0.0"
# 监听端口
port = 10280
# 使用 Let's Encrypt 证书 - tls_enable为true优先使用本地证书模式
tls_encrypt_enable = false
# 域名列表
tls_encrypt_domain_names = ["shiguanghuxian.com"]
# 是否启用tls
tls_enable = false
# tls证书文件
[http.tls_config]
cert_file = "cert_file"
key_file = "key_file"
## 一下每一个server为一个etcd服务 ##
[[server]]
# 显示名称
title = "k8s_ha_etcd_cluster"
# 标识名 - 只能是字母数字或下划线
name = "k8s_ha_etcd_cluster"
# etcd连接地址 如果为集群请填写全部地址
address = ["123.0.1.23:2379","123.0.1.13:2379","123.0.1.12:2379"]
#address = ["123.0.1.23:2379"]
# 查看的key前缀
key_prefix = "/"
# 简述信息
desc = "这是k8s 的高可用etcd集群"
# 可访问服务器角色列表 - 不写则为所有用户可访问
roles = ["admin"]
# 是否启用tls连接
tls_enable = true
# tls证书配置,对应etcd集群的证书配置,对于高可用部署的k8s集群可以通过/etc/etcd.env文件获取,ETCD_CERT_FILE,ETCD_KEY_FILE,ETCD_TRUSTED_CA_FILE文件与下述对应,将其拷贝到/etc/etcd/etcdSSL/即可
[server.tls_config]
cert_file = "/etc/etcd/etcdSSL/etcd.pem"
key_file = "/etc/etcd/etcdSSL/etcd-key.pem"
ca_file = "/etc/etcd/etcdSSL/etcd-root-ca.pem"
#[[server]]
#title = "make docker_run"
#name = "docker_run"
#address = ["etcd:2379"]
#key_prefix = "/"
#desc = "docker方式etcd非集群方式"
#roles = ["admin","dev"]
#[[server]]
#title = "本地etcd"
#name = "local"
#address = ["127.0.0.1:2379"]
#key_prefix = "/"
#desc = "本机环境"
#roles = ["admin","dev"]
## 以下为用户列表 ##
[[user]]
username = "admin"
password = "123456"
role = "admin"
[[user]]
username = "dev_user"
password = "123456"
role = "dev"
ls config/
cfg.toml
cp /etc/ssl/etcd/ssl/ca.pem /etc/etcd/etcdSSL/etcd-root-ca.pem
cp /etc/ssl/etcd/ssl/member-master1.pem /etc/etcd/etcdSSL/etcd.pem
cp /etc/ssl/etcd/ssl/member-master1-key.pem /etc/etcd/etcdSSL/etcd-key.pem
ls /etc/etcd/etcdSSL/
etcd-key.pem etcd.pem etcd-root-ca.pem
docker run --name etcd-manage -d -v /home/lz/etcd-manager/config:/app/config -v /home/lz/etcd-manager/logs:/app/logs -v /etc/etcd/etcdSSL:/etc/etcd/etcdSSL -p 10280:10280 freelizhun/etcd-manage:v1
直接用docker容器运行
docker run -d --name Etcd-server-kylin-shop --restart always --publish 23790:2379 --publish 23800:2380 -v /home/lz/etcd:/var/lib/etcd:rw -e ETCD_DATA_DIR=/var/lib/etcd --env ALLOW_NONE_AUTHENTICATION=yes --env ETCD_ADVERTISE_CLIENT_URLS=http://0.0.0.0:2379 -e ETCD_UNSUPPORTED_ARCH=arm64 -e ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379 registryserver:4000/arm64/proxy/quay/coreos/etcd:v3.4.13-arm64
或者用docker-compose
[root@node2 lz]# ls
default.etcd docker-compose.yml test
[root@node2 lz]# tree test/
test/
├── config
│ └── cfg.toml
└── logs
2 directories, 1 file
docker-compose.yml如下:
version: '3'
services:
etcd:
image: "registryserver:4000/arm64/proxy/quay/coreos/etcd:v3.4.13-arm64"
container_name: "etcdv3.4.13"
environment:
ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379"
ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379"
ETCD_UNSUPPORTED_ARCH: "arm64"
ETCDCTL_API: "3"
volumes:
- ./default.etcd:/default.etcd
ports:
- 2379:2379
- 2380:2380
- 4001:4001
etcd-manage:
# build: .
image: "freelizhun/etcd-manage:v1"
volumes:
- ./test/config/cfg.toml:/app/config/cfg.toml
- ./test/logs:/app/logs
ports:
- "10280:10280"
depends_on:
- etcd
cfg.toml内容如下:
# debug模式
debug = true
# 日志文件路径
log_path = ""
# http 监听端口
[http]
# 监听地址
address = "0.0.0.0"
# 监听端口
port = 10280
# 使用 Let's Encrypt 证书 - tls_enable为true优先使用本地证书模式
tls_encrypt_enable = false
# 域名列表
tls_encrypt_domain_names = ["shiguanghuxian.com"]
# 是否启用tls
tls_enable = false
# tls证书文件
[http.tls_config]
cert_file = "cert_file"
key_file = "key_file"
## 一下每一个server为一个etcd服务 ##
[[server]]
# 显示名称
title = "k8s_single_etcd_cluster"
# 标识名 - 只能是字母数字或下划线
name = "k8s_single_etcd_cluster"
# etcd连接地址 如果为集群请填写全部地址
#address = ["123.0.1.23:2379","123.0.1.13:2379","123.0.1.12:2379"]
address = ["123.0.1.15:2379"]
# 查看的key前缀
key_prefix = "/"
# 简述信息
desc = "这是单节点etcd数据库"
# 可访问服务器角色列表 - 不写则为所有用户可访问
roles = ["admin"]
# 是否启用tls连接
tls_enable = false
# tls证书配置
[server.tls_config]
cert_file = "/etc/etcd/etcdSSL/member-master1.pem"
key_file = "/etc/etcd/etcdSSL/member-master1-key.pem"
ca_file = "/etc/etcd/etcdSSL/ca.pem"
#[[server]]
#title = "make docker_run"
#name = "docker_run"
#address = ["etcd:2379"]
#key_prefix = "/"
#desc = "docker方式etcd非集群方式"
#roles = ["admin","dev"]
#[[server]]
#title = "本地etcd"
#name = "local"
#address = ["127.0.0.1:2379"]
#key_prefix = "/"
#desc = "本机环境"
#roles = ["admin","dev"]
## 以下为用户列表 ##
[[user]]
username = "admin"
password = "123456"
role = "admin"
[[user]]
username = "dev_user"
password = "123456"
role = "dev"
启动:
docker-compose up
docker pull freelizhun/etcd-manage