我要评论一、首先,要使用cfssl生成etcd证书相关的文件(ca.pem server.pem server-key.pem ),然后把server-key.pem进行转换:
openssl pkcs8 -topk8 -nocrypt -in server-key.pem -out server.key
二、带证书启动etcd
./etcd --name infra0 --cert-file=/root/server.pem --key-file=/root/server-key.pem --advertise-client-urls=https://0.0.0.0:2379 --listen-client-urls=https://0.0.0.0:2379
可通过etcdctl 进行连接验证
./etcdctl --cacert=/root/ca.pem --cert=/root/server.pem --key=/root/server-key.pem --endpoints="https://10.180.23.10:2379" get elon
三、在java项目中添加相关依赖,完整依赖类似如下:
<?xml version="1.0" encoding="utf-8"?>
<project xmlns="http://maven.apache.org/pom/4.0.0"
xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"
xsi:schemalocation="http://maven.apache.org/pom/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelversion>4.0.0</modelversion>
<groupid>org.example</groupid>
<artifactid>springbootetcd3</artifactid>
<version>1.0-snapshot</version>
<properties>
<maven.compiler.source>8</maven.compiler.source>
<maven.compiler.target>8</maven.compiler.target>
</properties>
<parent>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-parent</artifactid>
<version>2.6.6</version>
<relativepath/> <!-- lookup parent from repository -->
</parent>
<dependencies>
<dependency>
<groupid>io.etcd</groupid>
<artifactid>jetcd-core</artifactid>
<version>0.7.7</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.coreos/jetcd-core -->
<!-- <dependency>
<groupid>com.coreos</groupid>
<artifactid>jetcd-core</artifactid>
<version>0.0.2</version>
</dependency>-->
<!-- <dependency>
<groupid>io.etcd</groupid>
<artifactid>jetcd-core</artifactid>
<version>0.5.0</version>
</dependency>-->
<!-- <dependency>
<groupid>io.grpc</groupid>
<artifactid>grpc-netty-shaded</artifactid>
<version>1.50.0</version>
</dependency>-->
<!-- https://mvnrepository.com/artifact/io.netty/netty-all -->
<dependency>
<groupid>io.netty</groupid>
<artifactid>netty-all</artifactid>
<version>4.1.90.final</version>
</dependency>
<!-- https://mvnrepository.com/artifact/io.netty/netty-tcnative -->
<dependency>
<groupid>io.netty</groupid>
<artifactid>netty-tcnative</artifactid>
<version>2.0.65.final</version>
</dependency>
<!-- https://mvnrepository.com/artifact/io.netty/netty-tcnative-boringssl-static -->
<dependency>
<groupid>io.netty</groupid>
<artifactid>netty-tcnative-boringssl-static</artifactid>
<version>2.0.65.final</version>
</dependency>
<dependency>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-web</artifactid>
</dependency>
</dependencies>
</project>
四、创建客户端,访问etcd
package cn.edu.tju;
import io.etcd.jetcd.bytesequence;
import io.etcd.jetcd.client;
import io.etcd.jetcd.kv;
import io.etcd.jetcd.api.putresponse;
import io.grpc.netty.grpcsslcontexts;
import io.netty.handler.ssl.sslcontext;
import java.io.file;
import java.io.ioexception;
import java.util.concurrent.completablefuture;
import java.util.concurrent.executionexception;
public class etcdexample {
public static void main(string[] args) throws ioexception, executionexception, interruptedexception {
file cert = new file("d:\\ca.pem");
file keycertchainfile = new file("d:\\server.pem");
file keyfile = new file("d:\\server.key");
sslcontext context = grpcsslcontexts.forclient()
.trustmanager(cert)
.keymanager(keycertchainfile, keyfile)
.build();
client client = client.builder()
.endpoints("https://xx.xx.xx.xx:2379")
.sslcontext(context)
.build();
bytesequence key = bytesequence.from("elon".getbytes());
bytesequence value = bytesequence.from("musk".getbytes());
// put the key-value
client.getkvclient().put(key,value).get();
system.out.println("ok");
}
}到此这篇关于java通过证书访问etcd的实现步骤的文章就介绍到这了,更多相关java 证书访问etcd内容请搜索代码网以前的文章或继续浏览下面的相关文章希望大家以后多多支持代码网!
发表评论