k8s etcd备份与恢复

  1. 停止api-server(k8s的所有master节点)
    # 所有master节点执行:
    # 停api-server
    
    mkdir -p tpm_api_conf
    mv  /etc/kubernetes/manifests/kube-apiserver.yaml /root/tpm_api_conf/
    
  2. etcd备份(集群中某一节点)
    # etcd备份
    
    ETCDCTL_API=3;/usr/local/bin/etcdctl --endpoints='https://192.168.1.30:2379' --cacert="/etc/ssl/etcd/ssl/ca.pem" --cert="/etc/ssl/etcd/ssl/admin-ks-master01.pem" --key="/etc/ssl/etcd/ssl/admin-ks-master01-key.pem" snapshot save  snapshot_20230928.db 
    
  3. 查看备份数据状态
    # 查看备份数据状态
    
    ETCDCTL_API=3;/usr/local/bin/etcdctl --write-out=table snapshot status snapshot_20230928.db
    
  4. 停止etcd服务并备份数据目录(etcd所有节点)
    # 停etcd:
    
    systemctl stop etcd
    mv /var/lib/etcd/ /root/etcd_bak
    
  5. 各个etcd节点恢复数据
    # 节点30:
    
    ETCDCTL_API=3;/usr/local/bin/etcdctl snapshot restore /root/snapshot_20230928.db \
     --name etcd-ks-master01  \
     --cert="/etc/ssl/etcd/ssl/admin-ks-master01.pem" \
     --key="/etc/ssl/etcd/ssl/admin-ks-master01-key.pem"  \
     --cacert="/etc/ssl/etcd/ssl/ca.pem"   \
     --endpoints="https://127.0.0.1:2379" \
     --initial-advertise-peer-urls="https://192.168.1.30:2380"  \
     --initial-cluster="etcd-ks-master01=https://192.168.1.30:2380,etcd-ks-master02=https://192.168.1.31:2380,etcd-ks-master03=https://192.168.1.32:2380" \
     --data-dir=/var/lib/etcd
     
    # 节点31:
    
    ETCDCTL_API=3;/usr/local/bin/etcdctl snapshot restore /root/snapshot_20230928.db \
     --name etcd-ks-master02  \
     --cert="/etc/ssl/etcd/ssl/admin-ks-master02.pem" \
     --key="/etc/ssl/etcd/ssl/admin-ks-master02-key.pem"  \
     --cacert="/etc/ssl/etcd/ssl/ca.pem"   \
     --endpoints="https://127.0.0.1:2379" \
     --initial-advertise-peer-urls="https://192.168.1.31:2380"  \
     --initial-cluster="etcd-ks-master01=https://192.168.1.30:2380,etcd-ks-master02=https://192.168.1.31:2380,etcd-ks-master03=https://192.168.1.32:2380" \
     --data-dir=/var/lib/etcd
     
    # 节点32:
    
    ETCDCTL_API=3;/usr/local/bin/etcdctl snapshot restore /root/snapshot_20230928.db \
     --name etcd-ks-master03  \
     --cert="/etc/ssl/etcd/ssl/admin-ks-master03.pem" \
     --key="/etc/ssl/etcd/ssl/admin-ks-master03-key.pem"  \
     --cacert="/etc/ssl/etcd/ssl/ca.pem"   \
     --endpoints="https://127.0.0.1:2379" \
     --initial-advertise-peer-urls="https://192.168.1.32:2380"  \
     --initial-cluster="etcd-ks-master01=https://192.168.1.30:2380,etcd-ks-master02=https://192.168.1.31:2380,etcd-ks-master03=https://192.168.1.32:2380" \
     --data-dir=/var/lib/etcd
    
  6. etcd节点修改数据目录权限并启动etcd
    # 所有节点执行:
    # 修改属组
    chown -R etcd:root /var/lib/etcd/
    
    # 启动etcd
    systemctl start etcd
    
  7. 启动api-server(所有k8s master节点)
    # etcd启动完成后,恢复api配置
    mv  /root/tpm_api_conf/kube-apiserver.yaml   /etc/kubernetes/manifests/kube-apiserver.yaml 
    

你可能感兴趣的:(k8s,kubernetes,etcd,容器)