碼上歡樂
相關內容    簡體    繁體

Kubernetes備份和恢復

本文轉載自   查看原文   2018-04-15 15:57   1940    kubernetes/ Docker

文章主要參考

https://yq.aliyun.com/articles/336781?spm=a2c4e.11153940.blogcont561894.22.11337fffUWosVP

把主要步驟做個記錄

 

  • 備份etcd數據

首先由於ETCD有三個備份,並且會同步,所以您只需要在一台master機器上執行ETCD備份即可。

另外在運行下列命令前,確保當前機器的kube-apiserver是運行的。

ps -ef|grep kube-apiserver
root      2063  2047  1 1月05 ?       00:41:01 kube-apiserver

執行備份

export ETCD_SERVERS=$(ps -ef|grep apiserver|grep -Eo "etcd servers=.*2379"|awk -F= '{print $NF}')
mkdir -p /var/lib/etcd_backup/
export ETCDCTL_API=3 
etcdctl snapshot --endpoints=$ETCD_SERVERS --cacert=/var/lib/etcd/cert/ca.pem --cert=/var/lib/etcd/cert/etcd-client.pem --key=/var/lib/etcd/cert/etcd-client-key.pem save /var/lib/etcd_backup/backup_$(date "+%Y%m%d%H%M%S").db
Snapshot saved at /var/lib/etcd_backup/backup_20180107172459.db

 

執行完成后,您可以在/var/lib/etcd_backup中找到備份的snapshot

[root@iZwz95q64qi83o88y9lq4cZ etcd_backup]# cd /var/lib/etcd_backup/
[root@iZwz95q64qi83o88y9lq4cZ etcd_backup]# ls
backup_20180107172459.db
[root@iZwz95q64qi83o88y9lq4cZ etcd_backup]# du -sh backup_20180107172459.db
8.0M    backup_20180107172459.db

 

  • 利用ETCD的備份恢復Kubernetes集群

首先需要分別停掉三台Master機器的kube-apiserver,確保kube-apiserver已經停止了,執行下列命令返回值為0

mkdir -p /etc/kubernetes/manifests-backups
mv /etc/kubernetes/manifests/kube-apiserver.yaml /etc/kubernetes/manifests-backups/
ps -ef|grep kube-api|grep -v grep |wc -l
0

 

分別在三台Master節點上,停止ETCD服務

service etcd stop

移除ETCD數據目錄

mv /var/lib/etcd/data.etcd /var/lib/etcd/data.etcd_bak

分別在各個節點恢復數據,首先需要拷貝數據到每個master節點, 假設備份數據存在於/var/lib/etcd_backup/backup_20180107172459.db

scp /var/lib/etcd_backup/backup_20180107172459.db root@master1:/var/lib/etcd_backup/
scp /var/lib/etcd_backup/backup_20180107172459.db root@master2:/var/lib/etcd_backup/
scp /var/lib/etcd_backup/backup_20180107172459.db root@master3:/var/lib/etcd_backup/

執行恢復命令

set -x
export ETCD_NAME=$(cat /usr/lib/systemd/system/etcd.service|grep ExecStart|grep -Eo "name.*-name-[0-9].*--client"|awk '{print $2}')
export ETCD_CLUSTER=$(cat /usr/lib/systemd/system/etcd.service|grep ExecStart|grep -Eo "initial-cluster.*--initial"|awk '{print $2}')
export ETCD_INITIAL_CLUSTER_TOKEN=$(cat /usr/lib/systemd/system/etcd.service|grep ExecStart|grep -Eo "initial-cluster-token.*"|awk '{print $2}')
export ETCD_INITIAL_ADVERTISE_PEER_URLS=$(cat /usr/lib/systemd/system/etcd.service|grep ExecStart|grep -Eo "initial-advertise-peer-urls.*--listen-peer"|awk '{print $2}')
ETCDCTL_API=3 etcdctl snapshot --cacert=/var/lib/etcd/cert/ca.pem --cert=/var/lib/etcd/cert/etcd-client.pem --key=/var/lib/etcd/cert/etcd-client-key.pem  restore /var/lib/etcd_backup/backup_20180107172459.db \
  --name $ETCD_NAME \
  --data-dir /var/lib/etcd/data.etcd \
  --initial-cluster $ETCD_CLUSTER \
  --initial-cluster-token $ETCD_INITIAL_CLUSTER_TOKEN \
  --initial-advertise-peer-urls $ETCD_INITIAL_ADVERTISE_PEER_URLS
chown -R etcd:etcd /var/lib/etcd/data.etcd

 

分別在三個master節點啟動ETCD,並且通過service命令確認啟動成功

# service etcd start
# service etcd status
# export ETCD_SERVERS=$(cat /etc/kubernetes/manifests-backups/kube-apiserver.yaml |grep etcd-server|awk -F= '{print $2}')
ETCDCTL_API=3 etcdctl endpoint health --endpoints=$ETCD_SERVERS  --cacert=/var/lib/etcd/cert/ca.pem --cert=/var/lib/etcd/cert/etcd-client.pem --key=/var/lib/etcd/cert/etcd-client-key.pem
https://192.168.250.198:2379 is healthy: successfully committed proposal: took = 2.238886ms
https://192.168.250.196:2379 is healthy: successfully committed proposal: took = 3.390819ms
https://192.168.250.197:2379 is healthy: successfully committed proposal: took = 2.925103ms

如果ETCD是健康的,就到每台Master上恢復kube-apiserver

# mv /etc/kubernetes/manifests-backups/kube-apiserver.yaml /etc/kubernetes/manifests/

 

檢查集群是否恢復正常,可以看到集群已經正常啟動了。之前部署的應用也還在。

# kubectl get cs
NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok
scheduler            Healthy   ok
etcd-0               Healthy   {"health": "true"}
etcd-2               Healthy   {"health": "true"}
etcd-1               Healthy   {"health": "true"}
# kubectl get no
NAME                                 STATUS    ROLES     AGE       VERSION
cn-shenzhen.i-wz90xxpi51k2u51t5y0p   Ready     master    44d       v1.8.4
cn-shenzhen.i-wz93236e8pccdscwz3ha   Ready     master    44d       v1.8.4
cn-shenzhen.i-wz953xx6qnlzdi6vo2aa   Ready     <none>    44d       v1.8.4
cn-shenzhen.i-wz953xx6qnlzdi6vo2ab   Ready     <none>    44d       v1.8.4
kubectl get deploy
NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nginx     1         1         1            1           23d
  • 總結:

Kubernetes的備份主要是通過ETCD的備份完成的。而恢復時,主要考慮的是整個順序:停止kube-apiserver,停止ETCD,恢復數據,啟動ETCD,啟動kube-apiserver。歡迎您使用阿里雲容器服務Kubernetes集群。

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 kubernetes備份和恢復 kubernetes-集群備份和恢復 4 kubernetes數據庫Etcd備份與恢復 備份和恢復 Kubernetes-3.3:ETCD集群搭建及使用(https認證+數據備份恢復) ClickHouse 監控及備份 (五)備份及恢復 Mysql 備份恢復與xtrabackup備份 mysql備份語句和恢復備份 從xtrabackup備份恢復單表 RMAN - 備份與恢復
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM