etcd备份恢复操作

etcd集群每个节点上的数据都是相同的，在任意一个正常的节点上备份都能得到8s集群完整的数据

Kubernetes 集群备份主要是备份 ETCD 集群，而恢复时，主要考虑恢复整个顺序：
1，停止所有 Master 上 kube-apiserver 服务
2，停止所有ETCD
3，恢复数据
4，启动ETCD
5，启动kube-apiserve

二进制

ETCDCTL_API=3 /opt/etcd/bin/etcdctl --endpoints=https://10.98.4.1:2379  --cacert=/opt/etcd/ssl/ca.pem --cert=/opt/etcd/ssl/server.pem --key=/opt/etcd/ssl/server-key.pem  snapshot save `date +%Y%m%d`-etcd.db
scp 20220823-etcd.db root@10.98.4.2:/root/
scp 20220823-etcd.db root@10.98.4.3:/root/

kubeadm

拷贝etcd命令

docker cp $(docker ps  |  grep -v etcd-mirror | grep -w etcd | awk '{print $1}'):/usr/local/bin/etcdctl /usr/bin/

etcd任意节点上备份

/usr/local/bin/etcdctl --endpoints 127.0.0.1:2379  --cert="/etc/kubernetes/pki/etcd/server.crt"  --key="/etc/kubernetes/pki/etcd/server.key"  --cacert="/etc/kubernetes/pki/etcd/ca.crt"   snapshot save `date +%Y%m%d`-etcd.db
scp 20220823-etcd.db root@10.98.4.2:/root/
scp 20220823-etcd.db root@10.98.4.3:/root/

恢复步骤

systemctl stop kube-apiserver
systemct stop etcd
#etcd-1节点恢复操作，--name，--data-dir，--initial-cluster-token如果和原配置文件保持一致无需修改
ETCDCTL_API=3 /opt/etcd/bin/etcdctl snapshot  --cacert=/opt/etcd/ssl/ca.pem  --cert=/opt/etcd/ssl/server.pem  --key=/opt/etcd/ssl/server-key.pem  restore /root/20220823-etcd.db  --name="etcd-1"  --initial-cluster="etcd-1=https://10.98.4.1:2380,etcd-2=https://10.98.4.2:2380,etcd-3=https://10.98.4.3:2380" --data-dir="/var/lib/etcd/default.etcd" --initial-cluster-token="etcd-cluster" --initial-advertise-peer-urls="https://10.98.4.1:2380"#etcd-2节点恢复操作
ETCDCTL_API=3 etcdctl snapshot  --cacert=/opt/etcd/ssl/ca.pem  --cert=/opt/etcd/ssl/server.pem  --key=/opt/etcd/ssl/server-key.pem  restore /root/etcd-backup/2022年08月23日-etcd2.db  --name="etcd-2"  --initial-cluster="etcd-1=https://10.98.4.1:2380,etcd-2=https://10.98.4.2:2380,etcd-3=https://10.98.4.3:2380" --data-dir="/var/lib/etcd/default.etcd2" --initial-cluster-token="etcd-cluster-0" --initial-advertise-peer-urls="https://10.98.4.2:2380"#etcd-3节点恢复操作
ETCDCTL_API=3 etcdctl snapshot  --cacert=/opt/etcd/ssl/ca.pem  --cert=/opt/etcd/ssl/server.pem  --key=/opt/etcd/ssl/server-key.pem  restore /root/etcd-backup/2022年08月23日-etcd3.db  --name="etcd-3"  --initial-cluster="etcd-1=https://10.98.4.1:2380,etcd-2=https://10.98.4.2:2380,etcd-3=https://10.98.4.3:2380" --data-dir="/var/lib/etcd/default.etcd3" --initial-cluster-token="etcd-cluster-0" --initial-advertise-peer-urls="https://10.98.4.3:2380"

定时备份

#!/usr/bin/env bashdate;CACERT="/opt/etcd/ssl/ca.pem"
CERT="/opt/etcd/ssl/server.pem"
KEY="/opt/etcd/ssl/server-key.pem"
ENDPOINTS="https://10.98.4.1:2379"ETCDCTL_API=3 /opt/etcd/bin/etcdctl \
--cacert="${CACERT}" --cert="${CERT}" --key="${KEY}" \
--endpoints=${ENDPOINTS} \
snapshot save /data/etcd_backup_dir/`date +%Y%m%d`-etcd.db# 备份保留30天
find /data/etcd_backup_dir/ -name *.db -mtime +30 -exec rm -f {} \;

本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：http://www.mzph.cn/pingmian/52783.shtml

如若内容造成侵权/违法违规/事实不符，请联系多彩编程网进行投诉反馈email:809451989@qq.com，一经查实，立即删除！