etcd 备份还原

etcd 备份还原

1. 查看 etcdctl 是否已经安装

shell 复制代码
# quick check if etcdctl is available or not
ETCDCTL_API=3 etcdctl --help | head

2. 安装 etcdctl

shell 复制代码
# 获取 etcd 版本信息
kubectl exec -it etcd-master -n kube-system -- /bin/sh -c 'ETCDCTL_API=3 /usr/local/bin/etcd --version' | head

# 下载
export RELEASE="3.4.3"
https://github.com/etcd-io/etcd/releases/download/v${RELEASE}/etcd-v${RELEASE}-linux-amd64.tar.gz

# 解压
tar -zxvf etcd-v${RELEASE}-linux-amd64.tar.gz

# 将 etcdctl 拷贝到 、usr/local/bin 目录
cd etcd-v${RELEASE}-linux-amd64
cp etcdctl /usr/local/bin

3. 备份

shell 复制代码
# create a secret
kubectl create secret generic test-secret \
 --from-literal=username='svcaccount' \
 --from-literal=password='password' 
 
 # Verify we are connecting to the right cluster ... define your endpoints and keys 
 ENDPOINT=https://127.0.0.1:2379
 ETCDCTL_API=3 etcdctl --endpoints=$ENDPOINT \
     --cacert=/etc/kubernetes/pki/etcd/ca.crt \
     --cert=/etc/kubernetes/pki/etcd/server.crt \
     --key=/etc/kubernetes/pki/etcd/server.key \
     member list

# Take the backup 
ETCDCTL_API=3 etcdctl --endpoints=$ENDPOINT \
     --cacert=/etc/kubernetes/pki/etcd/ca.crt \
     --cert=/etc/kubernetes/pki/etcd/server.crt \
     --key=/etc/kubernetes/pki/etcd/server.key \
    snapshot save /var/lib/dat-backup.db
 
 # Read the metadata from the backup/snapshot to print out the snapshot status 
 ETCDCTL_API=3 etcdctl --write-out=table snapshot status /var/lib/dat-backup.db

4. 还原

shell 复制代码
# Delete the secrets
 kubectl delete secret test-secret
 
 # Restore the backup 
  ETCDCTL_API=3 etcdctl snapshot restore /var/lib/dat-backup.db
  
  # Confirm our data is in the restore directory, you should see default.etcd 
  ls -l
  
  # Move the old etcd data to a safe location 
  mv /var/lib/etcd /var/lib/etcd.OLD
  
  # Restart the static pod for etcd 
  # if you use kubectl delete it will NOT restart the static pod as it is managed by the kubelet not a controller 
  docker ps | grep k8s_etcd
  CONTAINER_ID=$(docker ps | grep k8s_etcd | awk '{ print $1 }')
  echo $CONTAINER_ID
  
  # Stop the container from our etcd pod and move restored data into place
  docker stop $CONTAINER_ID
  rm -rf /var/lib/etcd/member
  mv ./default.etcd/member /var/lib/etcd
相关推荐
蜀道山老天师1 天前
K8s 数据存储全解析:从 EmptyDir 到 PV/PVC
云原生·容器·kubernetes
创世宇图1 天前
【Python工程化实战】Kubernetes 中 Python 应用的优雅启停与健康检查:零停机滚动更新实战
python·云原生·kubernetes·优雅停机
小二·1 天前
Docker+K8s生产级部署实战:从0到1打造高可用微服务集群
docker·微服务·kubernetes
运维开发故事8 天前
基于 Arthas 的多集群在线诊断系统设计与实现
kubernetes
Patrick_Wilson10 天前
从「改个端口」到 502:Next.js on k8s 的容器端口、Service 映射与 env 覆盖
docker·kubernetes·next.js
探索云原生10 天前
K8s 1.36 这个 GA 特性,把 initContainer 拉模型的 hack 干掉了
ai·云原生·kubernetes
Java之美12 天前
一次k8s升级引发的DevicePlugin注册失败
云原生·kubernetes
java_cj18 天前
深入kube-apiserver认证机制:从Bearer Token到mTLS的完整认证链解析
linux·运维·服务器·云原生·容器·kubernetes
qq_4523962318 天前
第十三篇:《K8s 安全基础:RBAC、ServiceAccount、Pod Security》
java·安全·kubernetes