應該是從喜歡里獲得力量和快樂
簡介:
官網:https://etcd.io/
官方硬件推薦:https://etcd.io/docs/v3.4/op-guide/hardware/
etcd屬性:
完全復制:集群中的每個節點都可以使用完整的存檔
高可用性:Etcd可用於避免硬件的單點故障或網絡問題
一致性:每次讀取都會返回跨多主機的最新寫入
簡單:包括一個定義良好、面向用戶的API(gRPC)
安全:實現了帶有可選的客戶端證書身份驗證自動化TLS
快速:每秒10000次次寫入的基准速度
可靠:使用Raft算法實現了存儲的合理分布Etcd的工作原理
一、Etcd的客戶端使用
| etcd1 | 192.168.181.130 | 2G 2C |
| etcd2 | 192.168.181.131 | 2G 2C |
| etcd3 | 192.168.181.132 | 2G 2C |
Etcd配置文件
[root@etcd1 ~]# cat /etc/systemd/system/etcd.service [Unit] Description=Etcd Server After=network.target After=network-online.target Wants=network-online.target Documentation=https://github.com/coreos [Service] Type=notify WorkingDirectory=/var/lib/etcd #數據保存目錄 ExecStart=/usr/bin/etcd \ #二進制文件路徑 --name=etcd-192.168.181.130 \ #當前node名稱 --cert-file=/etc/kubernetes/ssl/etcd.pem \ --key-file=/etc/kubernetes/ssl/etcd-key.pem \ --peer-cert-file=/etc/kubernetes/ssl/etcd.pem \ --peer-key-file=/etc/kubernetes/ssl/etcd-key.pem \ --trusted-ca-file=/etc/kubernetes/ssl/ca.pem \ --peer-trusted-ca-file=/etc/kubernetes/ssl/ca.pem \ --initial-advertise-peer-urls=https://192.168.181.130:2380 \ #通告自己集群的端口 --listen-peer-urls=https://192.168.181.130:2380 \ #集群之間的通訊端口 --listen-client-urls=https://192.168.181.130:2379,http://127.0.0.1:2379 \ #客戶端訪問地址 --advertise-client-urls=https://192.168.181.130:2379 \ #通告自己客戶端的端口 --initial-cluster-token=etcd-cluster-0 \ --initial-cluster=etcd-192.168.181.130=https://192.168.181.130:2380,etcd-192.168.181.131=https://192.168.181.131:2380,etcd-192.168.181.132=https://192.168.181.132:2380 \ #集群所有節點信息 --initial-cluster-state=new \ #新建集群的時候值為new,如果是已存在的集群為existing --data-dir=/var/lib/etcd \ #數據目錄路徑 --wal-dir= \ --snapshot-count=50000 \ --auto-compaction-retention=1 \ --auto-compaction-mode=periodic \ --max-request-bytes=10485760 \ --quota-backend-bytes=8589934592 Restart=always RestartSec=15 LimitNOFILE=65536 OOMScoreAdjust=-999 [Install] WantedBy=multi-user.target
命令使用:
1.查看 etcd 版本信息
2.查看服務狀態
3.查詢 etcd 服務列表
false是數據沒有同步
健康心跳檢測
1.添加環境變量
#export NODE_IPS="192.168.181.130 192.168.181.131 192.168.181.132"
2.添加健康心跳 檢測
#for ip in ${NODE_IPS}; do ETCDCTL_API=3 /usr/bin/etcdctl --endpoints=https://${ip}:2379 --cacert=/etc/kubernetes/ssl/ca.pem --cert=/etc/kubernetes/ssl/etcd.pem --key=/etc/kubernetes/ssl/etcd-key.pem endpoint health; done
每次循環獲取NODE_IPS地址, 根據地址執行endpoint health; 一些證書與私鑰
以表格方式顯示集群信息
# ETCDCTL_API=3 /usr/bin/etcdctl --write-out=table member list --endpoints=https://192.168.181.130:2379 --cacert=/etc/kubernetes/ssl/ca.pem --cert=/etc/kubernetes/ssl/etcd.pem --key=/etc/kubernetes/ssl/etcd-key.pem
以表格方式列出節點詳細信息
# for ip in ${NODE_IPS}; do ETCDCTL_API=3 /usr/bin/etcdctl --write-out=table endpoint status --endpoints=https://${ip}:2379 --cacert=/etc/kubernetes/ssl/ca.pem --cert=/etc/kubernetes/ssl/etcd.pem --key=/etc/kubernetes/ssl/etcd-key.pem endpoint health; done
etcd增刪改查數據
etcd添加數據與查詢
直接覆蓋就是改動數據
刪除數據
二、Etcd數據的備份與恢復
etcd備份到/data/etcd/目錄下,目錄自創
# etcdctl snapshot save /data/etcd/n60.bak
將/data/etcd/n60.bak 數據恢復到 /opt/etcd目錄 --data-dir 指定恢復目錄
#etcdctl snapshot restore /data/etcd/n60.bak --data-dir=/opt/etcd
備份腳本
[root@etcd1 ~]# vim etcdback.sh
#!/bin/bash source /etc/profile DATE=`date +%Y-%m-%d_%H-%M-%S` ETCDCTL_API=3 /usr/bin/etcdctl snapshot save /data/etcd-backup-dir/etcd-snapshot-${DATE}.db
[root@etcd1 ~]# chmod +x etcdback.sh
[root@etcd1 ~]# ./etcdback.sh
最后將腳本加入crone計划任務
使用kubeasz工具進行Etcd數據備份與恢復演示
master節點操作
[root@master1 kubeasz]# ./ezctl backup k8s-cluster1
備份數據存放位置
模擬誤刪pod
etcd 數據恢復
[root@master1 kubeasz]# ./ezctl restore k8s-cluster1
以下為命令執行過程
ansible-playbook -i clusters/k8s-cluster1/hosts -e @clusters/k8s-cluster1/config.yml playbooks/95.restore.yml
2022-03-03 12:39:07 INFO cluster:k8s-cluster1 restore begins in 5s, press any key to abort:
PLAY [kube_master] ***********************************************************************************************************************************************
TASK [Gathering Facts] *******************************************************************************************************************************************
ok: [192.168.181.111]
ok: [192.168.181.110]
TASK [stopping kube_master services] *****************************************************************************************************************************
changed: [192.168.181.110] => (item=kube-apiserver)
changed: [192.168.181.110] => (item=kube-controller-manager)
changed: [192.168.181.110] => (item=kube-scheduler)
changed: [192.168.181.111] => (item=kube-apiserver)
changed: [192.168.181.111] => (item=kube-controller-manager)
changed: [192.168.181.111] => (item=kube-scheduler)
PLAY [kube_master,kube_node] *************************************************************************************************************************************
TASK [Gathering Facts] *******************************************************************************************************************************************
ok: [192.168.181.141]
ok: [192.168.181.140]
TASK [stopping kube_node services] *******************************************************************************************************************************
changed: [192.168.181.111] => (item=kubelet)
changed: [192.168.181.110] => (item=kubelet)
changed: [192.168.181.111] => (item=kube-proxy)
changed: [192.168.181.110] => (item=kube-proxy)
changed: [192.168.181.141] => (item=kubelet)
changed: [192.168.181.140] => (item=kubelet)
changed: [192.168.181.141] => (item=kube-proxy)
changed: [192.168.181.140] => (item=kube-proxy)
PLAY [etcd] ******************************************************************************************************************************************************
TASK [Gathering Facts] *******************************************************************************************************************************************
ok: [192.168.181.130]
ok: [192.168.181.132]
ok: [192.168.181.131]
TASK [cluster-restore : 停止ectd 服務] *******************************************************************************************************************************
changed: [192.168.181.131]
changed: [192.168.181.132]
changed: [192.168.181.130]
TASK [cluster-restore : 清除etcd 數據目錄] *****************************************************************************************************************************
changed: [192.168.181.130]
changed: [192.168.181.131]
changed: [192.168.181.132]
TASK [cluster-restore : 生成備份目錄] **********************************************************************************************************************************
ok: [192.168.181.130]
changed: [192.168.181.131]
changed: [192.168.181.132]
TASK [cluster-restore : 准備指定的備份etcd 數據] **************************************************************************************************************************
changed: [192.168.181.131]
changed: [192.168.181.130]
changed: [192.168.181.132]
TASK [cluster-restore : 清理上次備份恢復數據] ******************************************************************************************************************************
ok: [192.168.181.130]
ok: [192.168.181.131]
ok: [192.168.181.132]
TASK [cluster-restore : etcd 數據恢復] *******************************************************************************************************************************
changed: [192.168.181.130]
changed: [192.168.181.131]
changed: [192.168.181.132]
TASK [cluster-restore : 恢復數據至etcd 數據目錄] **************************************************************************************************************************
changed: [192.168.181.130]
changed: [192.168.181.131]
changed: [192.168.181.132]
TASK [cluster-restore : 重啟etcd 服務] *******************************************************************************************************************************
changed: [192.168.181.131]
changed: [192.168.181.132]
changed: [192.168.181.130]
TASK [cluster-restore : 以輪詢的方式等待服務同步完成] **************************************************************************************************************************
changed: [192.168.181.131]
changed: [192.168.181.130]
changed: [192.168.181.132]
PLAY [kube_master] ***********************************************************************************************************************************************
TASK [starting kube_master services] *****************************************************************************************************************************
changed: [192.168.181.110] => (item=kube-apiserver)
changed: [192.168.181.110] => (item=kube-controller-manager)
changed: [192.168.181.110] => (item=kube-scheduler)
changed: [192.168.181.111] => (item=kube-apiserver)
changed: [192.168.181.111] => (item=kube-controller-manager)
changed: [192.168.181.111] => (item=kube-scheduler)
PLAY [kube_master,kube_node] *************************************************************************************************************************************
TASK [starting kube_node services] *******************************************************************************************************************************
changed: [192.168.181.110] => (item=kubelet)
changed: [192.168.181.111] => (item=kubelet)
changed: [192.168.181.140] => (item=kubelet)
changed: [192.168.181.141] => (item=kubelet)
changed: [192.168.181.111] => (item=kube-proxy)
changed: [192.168.181.110] => (item=kube-proxy)
changed: [192.168.181.140] => (item=kube-proxy)
changed: [192.168.181.141] => (item=kube-proxy)
PLAY RECAP *******************************************************************************************************************************************************
192.168.181.110 : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.181.111 : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.181.130 : ok=10 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.181.131 : ok=10 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.181.132 : ok=10 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.181.140 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.181.141 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
備用有多少pod,就會恢復多少pod,以備份時的數據為准
