k3s が稼働しているホストで etcdctl のインストール
curl -L https://github.com/etcd-io/etcd/releases/download/v3.5.5/etcd-v3.5.5-linux-arm64.tar.gz -o etcd-v3.5.5-linux-arm64.tar.gz
tar xzvf etcd-v3.5.5-linux-arm64.tar.gz
sudo mv etcd-v3.5.5-linux-arm64/etcdctl /usr/local/bin/
環境変数の設定
export ETCDCTL_API=3
export ENDPOINTS="https://127.0.0.1:2379"
export CERT="/var/lib/rancher/k3s/server/tls/etcd/server-client.crt"
export KEY="/var/lib/rancher/k3s/server/tls/etcd/server-client.key"
export CA="/var/lib/rancher/k3s/server/tls/etcd/server-ca.crt"
member 確認
sudo etcdctl --endpoints=$ENDPOINTS --cacert=$CA --cert=$CERT --key=$KEY member list
member 削除
sudo etcdctl --endpoints=$ENDPOINTS --cacert=$CA --cert=$CERT --key=$KEY member remove 6d5d3fa798257c95
leader 確認
endpoints にすべての etcd の ip を指定する
export ENDPOINTS="https://192.168.1.21:2379,https://192.168.1.22:2379,https://192.168.1.23:2379"
sudo etcdctl --endpoints=$ENDPOINTS --cacert=$CA --cert=$CERT --key=$KEY endpoint status --write-out=table
cluster-init: true
tls-san:
- 192.168.0.20
write-kubeconfig-mode: '644'
# Setting IPs for pods & services (needed for tailscale routing)
cluster-cidr: 10.42.0.0/16
service-cidr: 10.43.0.0/16
# Disable traefik & servicelb -> Will install traefik manually & using metallb/kube-vip
disable:
- traefik
- servicelb
kubelet-arg:
- "feature-gates=GracefulNodeShutdown=true"
- "feature-gates=MixedProtocolLBService=true"
- "node-status-update-frequency=4s"
kube-controller-manager-arg:
- "node-monitor-period=4s"
- "node-monitor-grace-period=16s"
- "pod-eviction-timeout=20s"
kube-apiserver-arg:
- "default-not-ready-toleration-seconds=20"
- "default-unreachable-toleration-seconds=20"
kube-scheduler-arg:
- "config=/var/lib/scheduler/scheduler-config.yaml"
etcd-expose-metrics: true