k8s叢集etcd備份與恢復
阿新 • • 發佈:2022-03-10
目前,仍有很多etcd以容器的方式執行。在多種安裝方式中,大部分仍執行在容器中。比如,rancher安裝,kubeadm,minikube(以pod的形式執行)。所以,我們可以在宿主機上使用etcdctl操作容器中的etcd。
環境準備
etcdctl安裝
wget https://github.com/etcd-io/etcd/releases/download/v3.4.13/etcd-v3.4.13-linux-amd64.tar.gz tar zxvf etcd-v3.4.13-linux-amd64.tar.gz mv etcd-v3.4.13-linux-amd64/etcdctl /usr/bin
基礎命令檢查
endpoint health
ECTD_API=3 etcdctl --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key --endpoints=https://10.0.0.69:2379 endpoint health
get
# 檢視所有的key
ECTD_API=3 etcdctl --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key --endpoints=https://10.0.0.69:2379 get / --prefix --keys-only
# 檢視某一個key
ECTD_API=3 etcdctl --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key --endpoints=https://10.0.0.69:2379 get /registry/namespaces/default
ETCD備份
#! /bin/bash ETCD_PATH=/etc/kubernetes/pki CACERT=$ETCD_PATH/etcd/ca.crt CERT=$ETCD_PATH/etcd/server.crt KEY=$ETCD_PATH/etcd/server.key ENDPOINTS=https://10.0.0.69:2379 ETCDCTL_API=3 etcdctl \ --cacert="${CACERT}" --cert="${CERT}" --key="${KEY}" \ --endpoints=${ENDPOINTS} \ snapshot save /root/etcd-backup/etcd-snapshot-`date +%Y%m%d%H%M%S`.db
備份是執行./etcd_backup.sh
ETCD恢復
#!/bin/bash if [ ! -n "$1" ]; then echo "請輸入etcd備份檔案的時間" exit fi BACKUP=/root/etcd-backup/etcd-snapshot-$1.db echo $BACKUP if [ ! -f "$BACKUP" ]; then echo "etcd備份檔案不存在,請重新執行並輸入正確的備份檔案時間" exit fi ETCD_PATH=/etc/kubernetes/pki CACERT=$ETCD_PATH/etcd/ca.crt CERT=$ETCD_PATH/etcd/server.crt KEY=$ETCD_PATH/etcd/server.key INITIAL_CLUSTER=https://192.168.5.45:2380 INITIAL_ADVERTISE_PEER_URLS=https://192.168.5.45:2380 rm -rf /var/lib/etcd/ ECTD_API=3 etcdctl --cacert=$ETCD_PATH/etcd/ca.crt --cert=$ETCD_PATH/etcd/server.crt --key=$ETCD_PATH/etcd/server.key --endpoints=$ENDPOINTS snapshot restore \ $BACKUP --name=master1 --initial-cluster=master1=$INITIAL_CLUSTER --initial-advertise-peer-urls=$INITIAL_ADVERTISE_PEER_URLS --data-dir=/var/lib/etcd
恢復時執行etcd_restore.sh 20220310140803 【20220310140803為備份時的日期時間】