The ungleich etcd infrastructure » History » Version 1
ll nu, 06/25/2019 02:27 PM
1 | 1 | ll nu | h1. The ungleich etcd infrastructure |
---|---|---|---|
2 | |||
3 | Hey there fellow open/free infrastructure lover, this is a documentation of the ongoing etcd deployment. |
||
4 | |||
5 | 1 create ca.crt with openssl |
||
6 | openssl genrsa -out rootCA.key 4096 |
||
7 | |||
8 | 2 self-sign this certificate. |
||
9 | openssl req -x509 -new -nodes -key rootCA.key -sha512 -days 1024 -out rootCA.pem |
||
10 | |||
11 | 3 create a private key for device 1 |
||
12 | openssl genrsa -out etcd1.key 2048 |
||
13 | |||
14 | 4 signing request |
||
15 | openssl req -new -key etcd1.key -out etcd1.csr |
||
16 | |||
17 | 5 signing device 1 key |
||
18 | openssl x509 -req -in etcd1.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out etcd1.crt -days 1024 -sha512 |
||
19 | |||
20 | 6 copy keys scp |
||
21 | |||
22 | 7 start test |
||
23 | etcd --name infra0 --data-dir infra0 \ |
||
24 | --cert-file=/root/keys/etcd1.crt --key-file=/root/keys/etcd1.key \ |
||
25 | --advertise-client-urls=https://[2a0a:e5c0:0:2:0:b3ff:fe39:798b]:2379 --listen-client-urls=https://[2a0a:e5c0:0:2:0:b3ff:fe39:798b]:2379 |