K8S集群etcd備份與恢復

參考鏈接：

K8S集群多master：Etcd v3備份與恢復

K8S集群單master：Kubernetes Etcd 數據備份與恢復

ETCD系列之一：簡介：https://developer.aliyun.com/article/11035

 

集群節點詳情

 

# kubectl get nodes -o wide
NAME      STATUS   ROLES    AGE   VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION                CONTAINER-RUNTIME
master1   Ready    master   20h   v1.18.6   10.129.7.222   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   docker://19.3.9
master2   Ready    master   19h   v1.18.6   10.129.7.223   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   docker://19.3.9
master3   Ready    master   19h   v1.18.6   10.129.7.224   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   docker://19.3.9
node1     Ready    <none>   19h   v1.18.6   10.129.7.225   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   docker://19.3.9
node2     Ready    <none>   19h   v1.18.6   10.129.7.226   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   docker://19.3.9
node3     Ready    <none>   19h   v1.18.6   10.129.7.227   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   docker://19.3.9 

安裝 etcdctl 命令

etcdctl的安裝

etcdctl的二進制文件可以在 github.com/coreos/etcd/releases 選擇對應的版本下載，例如可以執行以下install_etcdctl.sh的腳本，修改其中的版本信息。

#!/bin/bash ETCD_VER=v3.3.4 ETCD_DIR=etcd-download DOWNLOAD_URL=https://github.com/coreos/etcd/releases/download # Download mkdir ${ETCD_DIR} cd ${ETCD_DIR} wget ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz tar -xzvf etcd-${ETCD_VER}-linux-amd64.tar.gz # install cd etcd-${ETCD_VER}-linux-amd64 cp etcdctl /usr/local/bin/

export ETCDCTL_API=3

1、備份master1

mkdir -pv /backup        //創建目錄

etcdctl --endpoints=https://10.129.7.222:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt \
--key=/etc/kubernetes/pki/etcd/healthcheck-client.key \
snapshot save /backup/etcd-snapshot.db

2、拷貝 ETCD 備份快照( 從 master1 機器上拷貝備份 )

scp /backup/etcd-snapshot.db root@master2:/backup/
scp /backup/etcd-snapshot.db root@master3:/backup/

3、查看 kube-apiserver、etcd 鏡像

docker ps|grep etcd && docker ps|grep kube-apiserver

4、移除且備份 /etc/kubernetes/manifests 目錄

mv /etc/kubernetes/manifests /etc/kubernetes/manifests.bak

5、備份現有 Etcd 數據

mv /var/lib/etcd /var/lib/etcd.bak

重復第4步驟，查看 kube-apiserver、etcd 鏡像是否停止

6、恢復備份

(1) 在master1上執行

etcdctl snapshot restore /backup/etcd-snapshot.db \
--name etcd-0 \
--initial-cluster "etcd-0=https://10.129.7.222:2380,etcd-1=https://10.129.7.223:2380,etcd-2=https://10.129.7.224:2380" \
--initial-cluster-token etcd-cluster \
--initial-advertise-peer-urls https://10.129.7.222:2380 \
--data-dir=/var/lib/etcd/

(2) 在master2上執行

etcdctl snapshot restore /backup/etcd-snapshot.db \
--name etcd-1 \
--initial-cluster "etcd-0=https://10.129.7.222:2380,etcd-1=https://10.129.7.223:2380,etcd-2=https://10.129.7.224:2380" \
--initial-cluster-token etcd-cluster \
--initial-advertise-peer-urls https://10.129.7.223:2380 \
--data-dir=/var/lib/etcd/

(3) 在master3上執行

etcdctl snapshot restore /backup/etcd-snapshot.db \
--name etcd-2 \
--initial-cluster "etcd-0=https://10.129.7.222:2380,etcd-1=https://10.129.7.223:2380,etcd-2=https://10.129.7.224:2380" \
--initial-cluster-token etcd-cluster \
--initial-advertise-peer-urls https://10.129.7.224:2380 \
--data-dir=/var/lib/etcd/

7、恢復 Kube-Apiserver 與 Etcd 鏡像

mv /etc/kubernetes/manifests.bak /etc/kubernetes/manifests

8、檢查集群

kubectl get nodes

etcdctl --endpoints=https://10.129.7.222:2379 \
--endpoints=https://10.129.7.223:2379 \
--endpoints=https://10.129.7.224:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--key=/etc/kubernetes/pki/etcd/healthcheck-client.key \
--cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt \
endpoint health