Installing CoreOS etcd server on CentOS 7

While I’m preparing a shell script or test some Ansible roles available at Ansible Galaxy so the installation is automatic, here I show you the steps I followed to install by hand the Etcd server on CentOS 7 as quick and fast as possible.

First of all we have to create some directories (/var/lib/etcd and /etc/etcd) and add the etcd user and group

mkdir /var/lib/etcd;mkdir /etc/etcd; groupadd -r etcd; useradd -r -g etcd -d /var/lib/etcd -s /sbin/nologin -c "etcd user" etcd;chown -R etcd:etcd /var/lib/etcd

Now we have to add a systemd service definition for our etcd service

cat << EOT > /usr/lib/systemd/system/etcd.service
[Unit]
Description=etcd service
After=network.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd
ExecStart=/usr/bin/etcd
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOT

Warning: The etcd service needs a configuration file, we install a really simple one that should be modified according to your needs, e.g add urls with your server’s IP address or DNS names so your server is not only useful for localhost and secure client requests. Read https://github.com/coreos/etcd for more info.

cat &lt;&lt; EOT &gt; /etc/etcd/etcd.conf
 # [member]
 ETCD_NAME=default
 ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
 #ETCD_SNAPSHOT_COUNTER="10000"
 #ETCD_HEARTBEAT_INTERVAL="100"
 #ETCD_ELECTION_TIMEOUT="1000"
 #ETCD_LISTEN_PEER_URLS="http://localhost:2380,http://localhost:7001"
 ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"
 ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
 #ETCD_MAX_SNAPSHOTS="5"
 #ETCD_MAX_WALS="5"
 #ETCD_CORS=""
 #
 #[cluster]
 #ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380,http://localhost:7001"
 # if you use different ETCD_NAME (e.g. test), set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..."
 #ETCD_INITIAL_CLUSTER="default=http://localhost:2380,default=http://localhost:7001"
 #ETCD_INITIAL_CLUSTER_STATE="new"
 #ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
 #ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379,http://localhost:4001"
 #ETCD_DISCOVERY=""
 #ETCD_DISCOVERY_SRV=""
 #ETCD_DISCOVERY_FALLBACK="proxy"
 #ETCD_DISCOVERY_PROXY=""
 #
 #[proxy]
 #ETCD_PROXY="off"
 #
 #[security]
 #ETCD_CA_FILE=""
 #ETCD_CERT_FILE=""
 #ETCD_KEY_FILE=""
 #ETCD_PEER_CA_FILE=""
 #ETCD_PEER_CERT_FILE=""
 #ETCD_PEER_KEY_FILE=""
 EOT

Time to download and install etcd binaries for Linux x86_64, the following commands should be good for any Linux distro. It downloads the latest stable version available, creates a directory for any downloaded version and changes the symbolinc link accordingly. It runs etcd with the version argument to check that the binary works fine.

ETCD_VERSION=`curl -s -L https://github.com/coreos/etcd/releases/latest | grep linux-amd64\.tar\.gz | grep href | cut -f 6 -d '/' | sort -u`; ETCD_DIR=/opt/etcd-$ETCD_VERSION; mkdir $ETCD_DIR;curl -L https://github.com/coreos/etcd/releases/download/$ETCD_VERSION/etcd-$ETCD_VERSION-linux-amd64.tar.gz | tar xz --strip-components=1 -C $ETCD_DIR; ln -sf $ETCD_DIR/etcd /usr/bin/etcd && ln -sf $ETCD_DIR/etcdctl /usr/bin/etcdctl; etcd --version

We can enable and start the etcd server with:

systemctl enable etcd; systemctl start etcd

Check etcd service status

systemctl status etcd

● etcd.service – etcd service
Loaded: loaded (/usr/lib/systemd/system/etcd.service; enabled; vendor preset: disabled)
Active: active (running) since lun 2016-08-01 10:05:51 UTC; 2s ago
Main PID: 31051 (etcd)
CGroup: /system.slice/etcd.service
└─31051 /usr/bin/etcd

ago 01 10:05:51 localhost.localdomain etcd[31051]: ready to serve client requests
ago 01 10:05:51 localhost.localdomain etcd[31051]: serving insecure client requests on localhost:2379, this is strongly discouraged!
ago 01 10:05:51 localhost.localdomain systemd[1]: Started etcd service.

As you may notice there’s a warning about “serving insecure client requests on localhost:2379, this is strongly discouraged!” once again please change the configuration for your needs and set it safely.

I’ll try update this post so you may follow this blog.

Cheers!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s