IPv6 Address Configuration
Request an IPv6 address for the cloud host from the IT department; they will assign you the address and gateway.
If you already have an IPv6 address and gateway, set them up as follows.
Open the sysctl configuration file /etc/sysctl.conf and add or modify the following settings:
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
Then execute the sysctl -p command to make the above changes take effect.
Open the network configuration file /etc/sysconfig/network and add or modify the following setting:
NETWORKING_IPV6=yes
Configure the IPv6 address:
vi /etc/sysconfig/network-scripts/ifcfg-eth1 #eth0 or eth1 depending on the specific NIC of the machine.
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=none
DEVICE=eth1 #NIC
MTU=1500
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
IPV6_AUTOCONF=no
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6INIT=yes
IPV6ADDR=FD69:1:0010:F940::A13:24CE/64 #IPv6 address
IPV6_DEFAULTGW=FD69:1:0010:F940::A13:24FE #gateway
# Restart the network service so the NIC picks up the new configuration
systemctl restart network
After configuring the address, verify that the hosts can ping each other directly and that ssh login works, e.g.
ping6 -I eth1 fd69:1:10:f940::a13:24ce
ssh adbpuq@fd69:1:10:f940::a13:24ce -p 22022
Primary database configuration
Set up the host with the same steps as above, paying attention to the following configuration file changes.
#postgresql.conf
listen_addresses = '*'
#pg_hba.conf
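# add under IPv6 local connections:
# Note: "trust" accepts the connection without a password, and ::/0 matches every IPv6 source address.
# Where the deployment allows it, narrow ::/0 to the cluster's own prefix and use a password method such as scram-sha-256.
host all all ::/0 trust
host replication all ::/0 trust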
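The two rules above grant passwordless access to any IPv6 client that can reach the listener. The following check is an added example, not part of the original page or of AntDB: it scans pg_hba.conf text and reports every trust rule whose address range is wider than an assumed threshold (/64 for IPv6, /24 for IPv4). The function name audit_hba, the thresholds and the sample lines are constructed for illustration; quoted fields and included files are not handled.

```python
import ipaddress

# Assumed thresholds: a "trust" rule on a network wider than these is reported.
MIN_PREFIX = {4: 24, 6: 64}

# Constructed sample: the two rules shown above plus four comparison lines.
SAMPLE_HBA = """\
# IPv6 local connections:
host    all          all  ::1/128              trust
host    all          all  ::/0                 trust
host    replication  all  ::/0                 trust
host    all          all  fd69:1:10:f940::/64  scram-sha-256
host    all          all  0.0.0.0  0.0.0.0     trust
"""

def audit_hba(text):
    """Return [(line_no, reason)] for trust rules that match a wide network."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()
        if len(f) < 5 or not f[0].startswith("host"):
            continue  # blank, comment, or a Unix-socket "local" rule
        addr, rest = f[3], f[4:]
        try:
            if addr == "all":
                net, method = None, rest[0]
            elif "/" in addr:  # CIDR form: address/prefix method
                net, method = ipaddress.ip_network(addr, strict=False), rest[0]
            else:  # separate-mask form: address mask method
                bits = bin(int(ipaddress.ip_address(rest[0]))).count("1")
                net = ipaddress.ip_network(f"{addr}/{bits}", strict=False)
                method = rest[1]
        except (ValueError, IndexError):
            continue  # host name, samehost or samenet: not judged here
        if method != "trust":
            continue
        if net is None:
            findings.append((no, "trust for every address (all)"))
        elif net.prefixlen < MIN_PREFIX[net.version]:
            findings.append((no, f"trust for wide network {net}"))
    return findings

if __name__ == "__main__":
    for no, reason in audit_hba(SAMPLE_HBA):
        print(f"line {no}: {reason}")
```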
etcd configuration
etcd is set up as above; only the IP fields in etcd's configuration file /etc/etcd/conf.yaml need to be changed to IPv6 addresses. Note that each IPv6 address must be enclosed in [ ].
As an example, the configuration of one machine, /etc/etcd/conf.yaml, is as follows:
name: etcd-2
data-dir: /var/lib/etcd/data
listen-client-urls: http://[fd69:1:10:f940::a13:24ce]:12379,http://[::1]:12379
advertise-client-urls: http://[fd69:1:10:f940::a13:24ce]:12379
listen-peer-urls: http://[fd69:1:10:f940::a13:24ce]:12380
initial-advertise-peer-urls: http://[fd69:1:10:f940::a13:24ce]:12380
initial-cluster: etcd-1=http://[fd69:1:10:f780::a13:1c81]:12380,etcd-2=http://[fd69:1:10:f940::a13:24ce]:12380,etcd-3=http://[fd69:1:10:f940::a13:24cf]:12380
initial-cluster-token: etcd-cluster-token
initial-cluster-state: existing
heartbeat-interval: 1000
election-timeout: 5000
etcd configuration: basic authentication
This step only needs to be run on the leader (just run it on one machine) and etcd will automatically synchronize.
# [fd69:1:10:f780::a13:1c81]:12379, [fd69:1:10:f940::a13:24ce]:12379 and [fd69:1:10:f940::a13:24cf]:12379 are the IPv6 endpoints of the three machines; modify them to suit the environment.
# Run as the antdb user
# Enable v3 privilege authentication
export ETCDCTL_API=3
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 user add root
# Follow the prompts to enter the password (set your own password, e.g. antdb)
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 auth enable
# Enable v2 privilege authentication
export ETCDCTL_API=2
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 user passwd root
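# Follow the prompts to enter your password (set your own password, e.g. antdb)
# Create a patroni user and set a password
# --username root:antdb passes the root password set above; replace antdb with your own password.
# If only --username root is given, etcdctl prompts for the password, which keeps it out of the shell history.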
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 --username root:antdb role add patroni_user
# -path '/service/*' is an etcd key. It looks like a path but is actually a string; keys are usually laid out like directories to express hierarchy, so that they can later be found by prefix match. It must be consistent with the namespace: /service/ setting in /etc/patroni.yml.
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 --username root:antdb role grant patroni_user -path '/service/*' -readwrite
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 --username root:antdb user add patroni_user
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 --username root:antdb user grant patroni_user -roles patroni_user
# View the roles:
etcdctl --endpoints=http://[fd69:1:10:f780::a13:1c81]:12379,http://[fd69:1:10:f940::a13:24ce]:12379,http://[fd69:1:10:f940::a13:24cf]:12379 --username root:antdb role list