I think the assumption is that etcd doesn't just fail by itself, and if the whole machine is gone it doesn't matter the kube-apiserver would be unavailable too.
I have run clusters in all possible HA modes: with kube-apiserver talking to etcd on localhost; co-hosted but with each kube-apiserver knowing about all etcd, and completely separate. I settled on the latter mostly because it makes reinstalling the apiserver nodes (where configuration changes more frequently) easier by not having to deal with etcd cluster membership at the same time. The main benefit of only using localhost is that you can forego authentication on the client port when not exposing it over the network, this saves you from teaching kube-apiserver about it. On the other hand, this has gotten easier in Kubernetes 1.2. /MR On May 29, 2016 4:27 PM, "Qian Zhang" <[email protected]> wrote: > Hi, > > I read http://kubernetes.io/docs/admin/high-availability/, and it seems > the recommended way is to run apiserver and etcd in each master node, and > each apiserver will always talk to the local etcd (--etcd-servers= > http://127.0.0.1:4001). My concern is what if the etcd in a master node > fails, then the apiserver in that master node can not work too, right? If > so, why not run etcd cluster in a separate set of node, and let apiserver > talk to the etcd cluster (--etcd-servers=http://etcd1:4001, > http://etcd2:4001,http://etcd3:4001)? > > > Thanks, > Qian > > -- > You received this message because you are subscribed to the Google Groups > "Containers at Google" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/google-containers. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Containers at Google" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-containers. For more options, visit https://groups.google.com/d/optout.
