定时备份etcd数据
1、etcd集群环境
endpoints="https://192.168.131.60:2379,https://192.168.131.61:2379,https://192.168.131.62:2379";
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | # cat /etc/etcd.env# Environment file for etcd v3.3.12ETCD_DATA_DIR=/var/lib/etcdETCD_ADVERTISE_CLIENT_URLS=https://192.168.131.60:2379ETCD_INITIAL_ADVERTISE_PEER_URLS=https://192.168.131.60:2380ETCD_INITIAL_CLUSTER_STATE=existingETCD_METRICS=basicETCD_LISTEN_CLIENT_URLS=https://192.168.131.60:2379,https://127.0.0.1:2379ETCD_ELECTION_TIMEOUT=5000ETCD_HEARTBEAT_INTERVAL=250ETCD_INITIAL_CLUSTER_TOKEN=k8s_etcdETCD_LISTEN_PEER_URLS=https://192.168.131.60:2380ETCD_NAME=etcd1ETCD_PROXY=offETCD_INITIAL_CLUSTER=etcd1=https://192.168.131.60:2380,etcd2=https://192.168.131.61:2380,etcd3=https://192.168.131.62:2380ETCD_AUTO_COMPACTION_RETENTION=8ETCD_SNAPSHOT_COUNT=10000# TLS settingsETCD_TRUSTED_CA_FILE=/etc/ssl/etcd/ssl/ca.pemETCD_CERT_FILE=/etc/ssl/etcd/ssl/member-master1.pemETCD_KEY_FILE=/etc/ssl/etcd/ssl/member-master1-key.pemETCD_CLIENT_CERT_AUTH=trueETCD_PEER_TRUSTED_CA_FILE=/etc/ssl/etcd/ssl/ca.pemETCD_PEER_CERT_FILE=/etc/ssl/etcd/ssl/member-master1.pemETCD_PEER_KEY_FILE=/etc/ssl/etcd/ssl/member-master1-key.pemETCD_PEER_CLIENT_CERT_AUTH=True# CLI settingsETCDCTL_ENDPOINTS=https://127.0.0.1:2379ETCDCTL_CA_FILE=/etc/ssl/etcd/ssl/ca.pemETCDCTL_KEY_FILE=/etc/ssl/etcd/ssl/admin-master1-key.pemETCDCTL_CERT_FILE=/etc/ssl/etcd/ssl/admin-master1.pem |
2、etcd备份脚本,其中有些参数需根据自身环境进行修改。
- etcd_endpoint值为各个etcd节点的ip加2379端口组成
- inventory_hostname值为每台etcd机器的hostname值,不同etcd机器需要配不同的值,可参考/etc/etcd.env里面的值。
备份脚本etcd-backup.sh模板。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | #! /bin/bashETCDCTL_PATH='/usr/local/bin/etcdctl'ENDPOINTS='{{ etcd_endpoint }}'ETCD_DATA_DIR="/var/lib/etcd"BACKUP_DIR="/var/backups/kube_etcd/etcd-$(date +%Y-%m-%d_%H:%M:%S)"ETCDCTL_CERT="/etc/ssl/etcd/ssl/admin-{{ inventory_hostname }}.pem"ETCDCTL_KEY="/etc/ssl/etcd/ssl/admin-{{ inventory_hostname }}-key.pem"ETCDCTL_CA_FILE="/etc/ssl/etcd/ssl/ca.pem"[ ! -d $BACKUP_DIR ] && mkdir -p $BACKUP_DIRsleep 3{export ETCDCTL_API=3;$ETCDCTL_PATH --endpoints="$ENDPOINTS" snapshot save $BACKUP_DIR/snapshot.db \ --cacert="$ETCDCTL_CA_FILE" \ --cert="$ETCDCTL_CERT" \ --key="$ETCDCTL_KEY"} > /dev/null sleep 3cd $BACKUP_DIR/../;ls -lt |awk '{if(NR>10){print "rm -rf "$9}}'|sh |
endpoints="https://192.168.131.60:2379,https://192.168.131.61:2379,https://192.168.131.62:2379"环境备份备份脚本etcd-backup.sh。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | #! /bin/bashETCDCTL_PATH='/usr/local/bin/etcdctl'ENDPOINTS='https://192.168.131.60:2379,https://192.168.131.61:2379,https://192.168.131.62:2379'ETCD_DATA_DIR="/var/lib/etcd"BACKUP_DIR="/var/backups/kube_etcd/etcd-$(date +%Y-%m-%d_%H:%M:%S)"ETCDCTL_CERT="/etc/ssl/etcd/ssl/admin-master1.pem"ETCDCTL_KEY="/etc/ssl/etcd/ssl/admin-master1-key.pem"ETCDCTL_CA_FILE="/etc/ssl/etcd/ssl/ca.pem"[ ! -d $BACKUP_DIR ] && mkdir -p $BACKUP_DIRsleep 3{export ETCDCTL_API=3;$ETCDCTL_PATH --endpoints="$ENDPOINTS" snapshot save $BACKUP_DIR/snapshot.db \ --cacert="$ETCDCTL_CA_FILE" \ --cert="$ETCDCTL_CERT" \ --key="$ETCDCTL_KEY"} > /dev/null sleep 3cd $BACKUP_DIR/../;ls -lt |awk '{if(NR>10){print "rm -rf "$9}}'|sh |
3、定时备份操作,etcd-backup.sh脚本放到/opt/etcd_back
- 加入crontab指令:crontab -e
- 新增一行指令,每天凌晨2点执行:0 2 * * * sh /opt/etcd_back/etcd-backup.sh
分类:
Mesos&Kubernetes
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?
· 【译】Visual Studio 中新的强大生产力特性
· 张高兴的大模型开发实战:(一)使用 Selenium 进行网页爬虫
· 【设计模式】告别冗长if-else语句:使用策略模式优化代码结构