etcd TLS 部署 flanneld

[Unit]
Description=Etcd Server
[Service]
Type=notify
#WorkingDirectory=/home/etcd_data
#EnvironmentFile=-/root/etcd-v3.3.9-linux-amd64/etcd.conf
ExecStart=/root/etcd-v3.3.9-linux-amd64/etcd --name infra0         --initial-advertise-peer-urls https://xxx.xxx.xxx.xxx:2380         --listen-peer-urls https://xxx.xxx.xxx.xxx:2380         --listen-client-urls https://xxx.xxx.xxx.xxx:2379,https://127.0.0.1:2379         --advertise-client-urls https://xxx.xxx.xxx.xxx:2379         --initial-cluster infra0=https://xxx.xxx.xxx.xxx:2380,infra1=https://xxx.xxx.xxx.xxx:2380,infra2=https://xxx.xxx.xxx.xxx2380         --initial-cluster-token etcd-cluster-0         --initial-cluster-state new         --data-dir=/home/etcd_data         --debug=true         --client-cert-auth         --trusted-ca-file=/root/etcd_ssl/ca.pem        --cert-file=/root/etcd_ssl/server.pem         --key-file=/root/etcd_ssl/server-key.pem         --peer-client-cert-auth         --peer-trusted-ca-file=/root/etcd_ssl/ca.pem         --peer-cert-file=/root/etcd_ssl/infra0.pem         --peer-key-file=/root/etcd_ssl/infra0-key.pem

Restart=on-failure
RestartSec=5
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target

[Unit]
Description=flannel
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service
[Service]
ExecStart=/opt/flannel/flanneld --ip-masq=true --iface=eno1 --etcd-endpoints=https://xxx.xxx.xxx.xxx:2379,https://xx.xxx.xxx.xxx:2379,https://xx.xxx.xxx.xxx:2379 --etcd-keyfile=/root/etcd_ssl/client-key.pem --etcd-certfile=/root/etcd_ssl/client.pem --etcd-cafile=/root/etcd_ssl/ca.pem
[Install]
WantedBy=multi-user.target
RequiredBy=docker.service

ETCDCTL_API=2 ./etcdctl     --endpoints https://10.110.158.181:2379,https://10.110.158.182:2379,https://10.110.158.183:2379 --ca-file /root/etcd_ssl/ca.pem --cert-file  /root/etcd_ssl/client.pem  --key-file /root/etcd_ssl/client-key.pem  $@