K8S-ETCD数据库备份与恢复

kubernetes使用etcd数据库实时存储集群中的数据,安全起见,一定要备份

需要指定使用etcdctl的版本

etcd数据库备份是使用数控快照的方式进行备份的,备份后的新数据不会保留,后面创建的pod也会被清除掉

kubeadm方式

kubeadm部署方备份:

首先需要安装etcdctl 命令行命令

yum install -y etcd

备份

ETCDCTL_API=3 etcdctl \
snapshot save snap.db \  #注意是当前路径,可以指定路径
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/peer.crt \
--key=/etc/kubernetes/pki/etcd/peer.key

ETCDCTL_API=3 etcdctl snapshot status snap.db  #查看文件存储的信息

kubeadm 部署恢复etcd数据库

1、先暂停kube-apiserver和etcd容器
    mv /etc/kubernetes/manifests /etc/kubernetes/manifests.bak
    mv /var/lib/etcd/ /var/lib/etcd.bak
2、恢复
    ETCDCTL_API=3 etcdctl \
    snapshot restore snap.db \
    --data-dir=/var/lib/etcd
3、启动kube-apiserver和etcd容器
    mv /etc/kubernetes/manifests.bak /etc/kubernetes/manifests
    mv /var/lib/etcd.bak  /var/lib/etcd/

 

二进制方式:

kubernetes使用etcd数据库实时存储集群中的数据,安全起见,一定要备份

二进制部署方式备份:

首先需要安装etcdctl 命令行命令

yum install -y etcd

备份

ETCDCTL_API=3 etcdctl \
snapshot save snap.db \
--endpoints=https://192.168.10.160:2379 \
--cacert=/opt/etcd/ssl/ca.pem \
--cert=/opt/etcd/ssl/server.pem \
--key=/opt/etcd/ssl/server-key.pem

恢复

1、先暂停kube-apiserver和etcd

systemctl stop kube-apiserver
systemctl stop etcd etcd
mv /var/lib/etcd/default.etcd /var/lib/etcd/default.etcd.bak

2、在每个节点上恢复

节点一恢复 

ETCDCTL_API=3 etcdctl snapshot restore snap.db \
--name etcd-1 \
--initial-cluster= "etcd-1=https://192.168.10.160:2380,etcd-2=https://192.168.10.161:2380,etcd-3=https:192.168.10.162:2380" \
--initial-advertise-peer-url=https://192.168.10.160:2380 \
--data-dir=/var/lib/etcd/default.etcd

节点二恢复

ETCDCTL_API=3 etcdctl snapshot restore snap.db \
--name etcd-2 \
--initial-cluster= "etcd-1=https://192.168.10.160:2380,etcd-2=https://192.168.10.161:2380,etcd-3=https:192.168.10.162:2380" \
--initial-advertise-peer-url=https://192.168.10.162:2380 \
--data-dir=/var/lib/etcd/default.etcd

节点三恢复

ETCDCTL_API=3 etcdctl snapshot restore snap.db \
--name etcd-3 \
--initial-cluster= "etcd-1=https://192.168.10.160:2380,etcd-2=https://192.168.10.161:2380,etcd-3=https:192.168.10.162:2380" \
--initial-advertise-peer-url=https://192.168.10.162:2380 \
--data-dir=/var/lib/etcd/default.etcd

3、启动kube-apiserver和etcd

mv /var/lib/etcd/default.etcd.bak /var/lib/etcd/default.etcd
systemctl start kube-apiserver
systemctl start etcd.service 
posted @ 2020-10-06 14:45  缺个好听的昵称  阅读(2686)  评论(0编辑  收藏  举报