Skip to content

Commit

Permalink
ssl方式连接etcd测试未完成,保存
Browse files Browse the repository at this point in the history
  • Loading branch information
shiguanghuxian committed Jan 4, 2019
1 parent d26cb91 commit 4d460c9
Show file tree
Hide file tree
Showing 6 changed files with 169 additions and 8 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -19,5 +19,6 @@ etcd-manage

bin/etcd-manage
bin/logs/*
bin/etcd*

tpls/dist/*
10 changes: 5 additions & 5 deletions bin/config/cfg.toml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ address = "0.0.0.0"
port = 10280

# 使用 Let's Encrypt 证书 - tls_enable为true优先使用本地证书模式
tls_encrypt_enable = true
tls_encrypt_enable = false
# 域名列表
tls_encrypt_domain_names = ["shiguanghuxian.com"]

Expand All @@ -38,12 +38,12 @@ desc = "docker方式etcd集群方式"
# 可访问服务器角色列表 - 不写则为所有用户可访问
roles = ["admin"]
# 是否启用tls连接
tls_enable = false
tls_enable = true
# tls证书配置
[server.tls_config]
cert_file = "cert_file"
key_file = "key_file"
ca_file = "ca_file"
cert_file = "/etc/etcd/etcdSSL/etcd.pem"
key_file = "/etc/etcd/etcdSSL/etcd-key.pem"
ca_file = "/etc/etcd/etcdSSL/ca.pem"

[[server]]
title = "make docker_run"
Expand Down
34 changes: 34 additions & 0 deletions bin/tlskey/ca.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
-----BEGIN CERTIFICATE-----
MIIF0jCCA7qgAwIBAgIUaR++1d0SnpoXgH+psyV5fPt6H1kwDQYJKoZIhvcNAQEN
BQAwbzELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaWppbmcxEDAOBgNVBAcTB0Jl
aWppbmcxDTALBgNVBAoTBGV0Y2QxFjAUBgNVBAsTDWV0Y2QgU2VjdXJpdHkxFTAT
BgNVBAMTDGV0Y2Qtcm9vdC1jYTAeFw0xOTAxMDQwOTExMDBaFw0yNDAxMDMwOTEx
MDBaMG8xCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdCZWlqaW5nMRAwDgYDVQQHEwdC
ZWlqaW5nMQ0wCwYDVQQKEwRldGNkMRYwFAYDVQQLEw1ldGNkIFNlY3VyaXR5MRUw
EwYDVQQDEwxldGNkLXJvb3QtY2EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCoWM1n6xJ6kPaKx6fb5tmkxOUp2OgfT7Un614S4ix7XIWMKHS6573IF7dM
SiKixBthm9rNgI01987WdmlPz5aRYz5HT9LTh7zeVUF10zEiN9T9oLAH5OqR4Kuk
b91dDty5Et+fDh2UOP044GhTijWeWnE8uiorCP8ByI5vMEHFPDMkZyFKHsMKwVmV
ErKITMPbdsYOYdDhrCVS3+yol/W2MiBlAnynBSbVxViJ7pribbOGUtaft1cFPNO/
DdywlUzfIuFuPr6lPwpx6fduXOYL6mU7XfejRyKVyMqQL74MHQ5Qq8IO/FU73pSE
JPMFEe3TV1L5OiRzZaW9YpR3Cgr9snpdCVRV7Z7BySmwJIBrIgSXr7bb+3JKvbj4
ax6YT3rTgwFZsFio5uZk+1Wr0CCkt7Gx7Q7IaXr7bPBkaKuzBH5nG84CDrDWUCnG
F/s+vGV/o9FEqQdxrMeDmmg/VVa00P70Nwoc1eAqsuYVAmGIw0NnodRjDfI+ySvA
2gO/gEKRGKC2dRJcYMT5pUkROxf+F2E7/qzRzQmuNn+Cph857QFXIgswLa/dop4y
Edzsn9vBGHMWuRipDaBeVCDs4Ftbf2Rqk7e1Plc2rWG/dUbZYjwl6N7nBjwoEQAJ
Ow917J69BYN5OKoYMdabV0MmssXwjAROWmjsKF154uRYtcJqGwIDAQABo2YwZDAO
BgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUOE9k
Whlbam1r6YonAAlujBauxqwwHwYDVR0jBBgwFoAUOE9kWhlbam1r6YonAAlujBau
xqwwDQYJKoZIhvcNAQENBQADggIBAImolCFzZy/0+4YtwbeMJxMur+azuXty//aA
WrxKGjVvfUvpxAPX9soPx19ZIKzpIjI4C7gH9P8mYxTnkJXqvFUhHLmhfo/UDfdc
F6EpSq7AciTWCuHsLcFlthGhLHv1zihUpDnikeyvSNxqLEgCBLlxWVlFMqNxWxgN
1BUm7uNhXpZlCcymmLYFp1Pvku1/rjHOSvTA1LeX/Q0csMGoboDHjPBUeqNdzQ/V
wg3ZhbNCsuaFLzrcXw8tl00pI7SLEwMRk19nGgXdisTyvPCFq5baENhua+2WbujT
lEVErAuwTkx+pE3bZFT9veXeaAkF248LxcLvUer51wOYXn/Y5LQPDv1BLVFZUDix
h1QrFvZSxDpjqzCwaSYglHagGWAdDx8Esva59WxAs1r8M0n18vaNdxiclyhyQtuN
xAAserSqwS7Vr5Oq4e7T0vxTALZiT7CpOtplGSpSBduk6JAk0Zdl2CIsuRGeFbPl
76yJPlmp/+RrHlfIG7j1BtRiKCrPLFK9BD6hskFMfqss9FsvgZSoDdBfCjCej7lW
F3WHoHMXz9JF6LJ0zXRSscPu5jOyrdK/uiZR2a1ARua3d999OmvOUxLmVKZZLNMv
8Xi++HAnQgti2VOEm8CSqeGGnymDRAzHRJph4NNZEWFv43cBbsSZR6fBMdTamV00
FZueGTsA
-----END CERTIFICATE-----
51 changes: 51 additions & 0 deletions bin/tlskey/etcd-key.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEAvfBxY/VzJ4l6vQ9oSP9aGftpfeubWsJttPcBZKK39k4jH5gO
SoDCr2hthmvgFD4oVxOquG3UbHHASnZoA8QlMvBqaZULot+0dE6Lq197z/uzG13W
GEvv4w2TB+wvkOlbfi4EET4XdU2TSpeWHkfmwOdAaRr7t1+PFio5B/4AxiWoyAmf
g/hvNwgLZYVre6nT4BfbrApv8W4rihhvviHbPqoVY4tuAJX9gXumq33QeQCKovi6
r68FckHb26sGMqSsJCgfDkXy0DkJFyjlVUlipAfuuLpFy27B/tW+6Jy3Z1FSB/3f
Q6spSGpD26R4m1GZl87NB2u3iN5JyAuytScW9Mn3yqk4X66rpGVW50GFNLL1Oxmx
2lQN2QGa/kcGgyMjuImodQrg1spFalB9xohlQqlJ+rgQf4wxLBwWsMAfftgY+3cm
INWEqT2bBgOVhzelD/c00GB/rEDXIlgzetEu3JR7hKbpLk59NoRZVafyzWp/Jxb6
L5RUeOnYJ19SXGbukAOACGRZCEHpVWp2AvKBYDG/gBvk0ggv7fyO2YUszQ8al615
tvLxaoNv/nAZuZ6I9Ma9N4ClvkNsofmwEOMFmrTNzEg0kJbJdDWWfz4vnUMrFGAD
c0NdIjybZp+7qV3DiB6w2k1QJx2ri7vo3K38uRD1WY0DtNGfrIPHphOr1h8CAwEA
AQKCAgEAtWF/Zu1l4kOvKgwkklEHQfiMbOspmCpDiaS3d9rLwjIr6GfUfeEoCUm4
Db3GZo5VB5KIXUbErCqUbodUHQSaYWKku97RFeB6+vZm+mhcW+kIyQF7Cgi6NCEq
X050vfWaoYxf5fddf29tULYhbRlMirpLEBPsfNiMU6ZOgAtXweEEpMJLykLcMblE
6NXYJmevJTijVk9BR1TlzyI202KRc+4ILt9fVL/nLldeejXTdznFKoxL+qkwkkPC
KKvRZ1tJ591IiuDRV3af77XmCuPhhrLsjQuUywghybFkdc3ydn95zpfpNT2mVrjj
xEPzyJ7MBeQ+du+ufM2Jt7c0GToS+Fm1QttUv0hYuy8Cppt14P+a6KyRiTPYw8tA
TJCTjtigQXWnJTnPHkBe7L4GGYqv3Q/CxTtsEkrhFnRrtRgl+/ro9Eman0TyM4tx
FjPWqDLbbklyd8MDuMSO+n6qCPCRYevxlP6y9HAHmjlrtfEAU67KV18i7kc0UiFk
9OUsHuENRBRkwuFTbCUi4MFoEOwkGqtqw7z9h262CVF7JvyasWM9Utp+3Z+zbd39
wLi6017pN1/dBUDADUh5VRFFxct/NvghL0x3iZkbg+0a35YHZ0HXUF1ZoXRx1X43
veThYhn9f8DlqEG4wMVLoadapjH+83AFAo3p51JtL9/hg2Bz3AECggEBAO9U2fnp
sGVJSfLKFqtTY4dFKaZH0Rf6OCnun4EezcO7wfthgL2T6Jv2i7p/cf+Z3XToxY+t
TSAp3VkRxfqdxd5gIRobXt/FIzbDlvazmZnGCnuzsmig3GzpAaGMjG8KWGD5DIIB
zbPh6YIlsa+vGXY6wb0ieRAj83PnDV3j1YavmD2YdOJ1PdIcPmCDy/CfmGRULXoR
jNgOw2zRBM7L5WXeaxFMEkI+6MMtqCERfueFb3r7PFeItZT/SgIOpkN3YbPe3Ci7
ntjeykWtHVzUqRyKohwEN9ustRR5fvu2MIPqMjbI4p/RX5HfVCnNr6bnuF2z5lMK
/d1DTLpJxM3q7cECggEBAMsq9Is24jeVD6QzhUvkiZSu45LrG9UmzlhcMnYO2Ula
kglAZdFS++1UaWGGdsKtdDGZTxUj82ZafJXqqo0cU6Ai4dBmDdlFsKSeKPfSNEL7
UrDwiZM60PjYCv6Pmb+Xyv6D32MlJcECE+aoEz6xki/EfDgP4MEcbF7oZ2wCfQE/
X04ZOLS/9+NaiCX0XXk9Fdnlx45Za6/UO2I0QdkXg17TbracvaodjpsR4M2PuQXC
/vWcMleocj80L1A8TZeEhrnSzDOaO4gps9E4r6leXjywRpe6xz4dv9mjimQdRD/q
tHO/FyknuTAvaGpckYlu+LhCtz9rEE5dvTnknryLe98CggEBAOESKuubmQenpKNu
6WK1SSQtJr35S+oAplDI17fWACvSptqBF1Exh88kTMNWlx6I1HrdbO1xTNayiDb7
P/Qv66T1QiwLEW3fNv6Jca8Pt6OlWrZ6h41due2yMpZ6VpcWY4bOr7STfZ9tFOwQ
BsnxIUDOgOQdRzymkoys/SUO3f+LouBKP6G4ICs35HFfgKsJa4buotXpK0sEl0P+
TUcs+M6UHJxnrcQe5Uan6TUv/ug71FsTaevn5Nv6ON82Z6WK35cIPoMP7pKE8jQU
WUiztVXiChHO5bjw8loO6BxPedCUriRXRsiFXhsQq1Wk2UtdH0T/qdruu08Zu051
kV8VUAECggEADXkJwnmfQsRVxzPLcR70qLF4UfPZYqcyI9XpWr7dVen1qTtmBR2V
q0Vfv6HlGj/aZred8O7zYyQ5AtAPA1CPkxz9EI7T+EaQ0jnSyaxc3tw/vZAV73eF
CBt7jyoCrhvo0Dv6gl6iRExY+YDH1e58nUJQYn9bDjNOVHTg9t6rX3vOXCV8BzB7
xc3pHWs5D6MnYc3FEAGKDJzsWzTP8Q+IHK+0tdNrGG7hWBM1byxKvsERm0QCaqG3
Ac36HT4CfzvAm24JMJrXu83YKNWzgG3Lngaqh8FRGSNr54ja0ozGS97KnKpdZNNH
ipR6PiNpW03KnJ1//WqiKDA7Li2lASfWzQKCAQBJbPpgq1QQoNPrZHj8Cv4ok2+W
gaEYvH8lLLuDdwnNkTw3+U9HtpY0dXMTPhDBzCN5Sr1PeqgJZrw6Ad6ftSw5diLM
qLA1Tha8D2uq87gbaMYLJjN6L2yp7dBvyvM2fpF+FWdIE5EufB7vIzJy8l+N5IID
h4koFkIi51a8x4sy4JGm/JMFrB13Od24CKO4Jgx0ZzvI0/FUyGpjQX0aaiNXI2gF
gF4+8IkXVULlSDBBRZT5wJ3RUp/8+1Q+o1kMJKqNdFjl++0FcAyCMk0L23R+6zyj
SkuXG1uQaAJneROF2v6CuZ/n+teAsc0i7zKCDr2+MbsUwjQfvkacrOcpPXof
-----END RSA PRIVATE KEY-----
35 changes: 35 additions & 0 deletions bin/tlskey/etcd.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
-----BEGIN CERTIFICATE-----
MIIGKDCCBBCgAwIBAgIUenEtxTIoifZkZcCzG6cJo0DgDXIwDQYJKoZIhvcNAQEN
BQAwbzELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaWppbmcxEDAOBgNVBAcTB0Jl
aWppbmcxDTALBgNVBAoTBGV0Y2QxFjAUBgNVBAsTDWV0Y2QgU2VjdXJpdHkxFTAT
BgNVBAMTDGV0Y2Qtcm9vdC1jYTAeFw0xOTAxMDQwOTEzMDBaFw0yOTAxMDEwOTEz
MDBaMGcxCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdCZWlqaW5nMRAwDgYDVQQHEwdC
ZWlqaW5nMQ0wCwYDVQQKEwRldGNkMRYwFAYDVQQLEw1ldGNkIFNlY3VyaXR5MQ0w
CwYDVQQDEwRldGNkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvfBx
Y/VzJ4l6vQ9oSP9aGftpfeubWsJttPcBZKK39k4jH5gOSoDCr2hthmvgFD4oVxOq
uG3UbHHASnZoA8QlMvBqaZULot+0dE6Lq197z/uzG13WGEvv4w2TB+wvkOlbfi4E
ET4XdU2TSpeWHkfmwOdAaRr7t1+PFio5B/4AxiWoyAmfg/hvNwgLZYVre6nT4Bfb
rApv8W4rihhvviHbPqoVY4tuAJX9gXumq33QeQCKovi6r68FckHb26sGMqSsJCgf
DkXy0DkJFyjlVUlipAfuuLpFy27B/tW+6Jy3Z1FSB/3fQ6spSGpD26R4m1GZl87N
B2u3iN5JyAuytScW9Mn3yqk4X66rpGVW50GFNLL1Oxmx2lQN2QGa/kcGgyMjuImo
dQrg1spFalB9xohlQqlJ+rgQf4wxLBwWsMAfftgY+3cmINWEqT2bBgOVhzelD/c0
0GB/rEDXIlgzetEu3JR7hKbpLk59NoRZVafyzWp/Jxb6L5RUeOnYJ19SXGbukAOA
CGRZCEHpVWp2AvKBYDG/gBvk0ggv7fyO2YUszQ8al615tvLxaoNv/nAZuZ6I9Ma9
N4ClvkNsofmwEOMFmrTNzEg0kJbJdDWWfz4vnUMrFGADc0NdIjybZp+7qV3DiB6w
2k1QJx2ri7vo3K38uRD1WY0DtNGfrIPHphOr1h8CAwEAAaOBwzCBwDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFEG0F21mt0R3GzERzMn45HYZfAmNMB8GA1UdIwQYMBaA
FDhPZFoZW2pta+mKJwAJbowWrsasMEEGA1UdEQQ6MDiCCWxvY2FsaG9zdIIFZXRj
ZDCCBWV0Y2QxggVldGNkMocEfwAAAYcErBUAAocErBUAA4cErBUABDANBgkqhkiG
9w0BAQ0FAAOCAgEAog+DpiEScRkWqhYReTIFHXhPi9XMv8/thLEHPPKwl8YlFoUW
e6BJQhsyHl+gav51e6pk1sBmSfEtIWpP637u3B29yGLuFxDdVkqP0RFYkzZ0XsyF
QjbDNJfm13UluaTW5Jp8CzTI9Nc9nSLhAmfxC6OGu0fNEytdiNBc1s/R0LWamPYw
toSk82UpLVuxYLLLSxvvHUh2wbY/FQUy3UaykEHzLTtnw/i/dqGJ9itTZouRj3F4
wm5/J2FJrlq2W9Wj+bkunnUAP7TxXt6VmDnNO+j34jxW5EDA7G3MIVSCK+wvPzje
zr3mY/530dsA5eXJaff13ll5vSEqJ35ZfN3ho/muJiPXiKrh7lI2OkWEFMQ7K/p1
8ZneWhe0K47YLjrGmSYEyMEj67cz0xAKYX2lkwrg/ydzjIg1DO/GkpCBWW0CIX3f
PfFKi8Ei0qhn8/N94ApSZypBoiMRuGz9gwUuPsvGLhgbYg10Nbl8FnGACbPrY/kx
xIcMSXgf81KcKMo/QYxdl4oWPr5F4vWR2IwYsz5zQuGTvZ99bn3Nwgto3z+vI8gY
V2SMhcMDGGlVHoH49tfnak/poFIXw9ewNNY4bwgSEAS48GPyQDtbohv6kAeQTSWG
hxCr/uSTcDraWJQbMwow2KzsYIO6ebZlpI7qJIDS3vfIeadNzuh2ifvSCLI=
-----END CERTIFICATE-----
46 changes: 43 additions & 3 deletions docker-compose-cluster.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ services:
ports:
- 2379
volumes:
- etcd0:/etcd_data
- ./bin/etcd0:/etcd_data
- ./bin/tlskey:/etc/etcd/etcdSSL
command:
- /usr/local/bin/etcd
- -name
Expand All @@ -22,12 +23,25 @@ services:
- http://0.0.0.0:2380
- -initial-cluster
- etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380
- --cert-file
- /etc/etcd/etcdSSL/etcd.pem
- --key-file
- /etc/etcd/etcdSSL/etcd-key.pem
- --peer-cert-file
- /etc/etcd/etcdSSL/etcd.pem
- --peer-key-file
- /etc/etcd/etcdSSL/etcd-key.pem
- --trusted-ca-file
- /etc/etcd/etcdSSL/ca.pem
- --peer-trusted-ca-file
- /etc/etcd/etcdSSL/ca.pem
etcd1:
image: quay.io/coreos/etcd:v3.3
ports:
- 2379
volumes:
- etcd1:/etcd_data
- ./bin/etcd1:/etcd_data
- ./bin/tlskey:/etc/etcd/etcdSSL
command:
- /usr/local/bin/etcd
- -name
Expand All @@ -44,12 +58,25 @@ services:
- http://0.0.0.0:2380
- -initial-cluster
- etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380
- --cert-file
- /etc/etcd/etcdSSL/etcd.pem
- --key-file
- /etc/etcd/etcdSSL/etcd-key.pem
- --peer-cert-file
- /etc/etcd/etcdSSL/etcd.pem
- --peer-key-file
- /etc/etcd/etcdSSL/etcd-key.pem
- --trusted-ca-file
- /etc/etcd/etcdSSL/ca.pem
- --peer-trusted-ca-file
- /etc/etcd/etcdSSL/ca.pem
etcd2:
image: quay.io/coreos/etcd:v3.3
ports:
- 2379
volumes:
- etcd2:/etcd_data
- ./bin/etcd2:/etcd_data
- ./bin/tlskey:/etc/etcd/etcdSSL
command:
- /usr/local/bin/etcd
- -name
Expand All @@ -66,6 +93,18 @@ services:
- http://0.0.0.0:2380
- -initial-cluster
- etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380
- --cert-file
- /etc/etcd/etcdSSL/etcd.pem
- --key-file
- /etc/etcd/etcdSSL/etcd-key.pem
- --peer-cert-file
- /etc/etcd/etcdSSL/etcd.pem
- --peer-key-file
- /etc/etcd/etcdSSL/etcd-key.pem
- --trusted-ca-file
- /etc/etcd/etcdSSL/ca.pem
- --peer-trusted-ca-file
- /etc/etcd/etcdSSL/ca.pem
etcd-manage:
# build: .
image: "shiguanghuxian/etcd-manage"
Expand All @@ -74,6 +113,7 @@ services:
volumes:
- ./bin/config/cfg.toml:/app/config/cfg.toml
- ./bin/logs:/app/logs
- ./bin/tlskey:/etc/etcd/etcdSSL
depends_on:
- etcd0

Expand Down

0 comments on commit 4d460c9

Please sign in to comment.