停止api-server(k8s的所有master节点)
复制代码
# 所有master节点执行:
# 停api-server
mkdir -p tpm_api_conf
mv /etc/kubernetes/manifests/kube-apiserver.yaml /root/tpm_api_conf/
etcd备份(集群中某一节点)
复制代码
# etcd备份
ETCDCTL_API=3;/usr/local/bin/etcdctl --endpoints='https://192.168.1.30:2379' --cacert="/etc/ssl/etcd/ssl/ca.pem" --cert="/etc/ssl/etcd/ssl/admin-ks-master01.pem" --key="/etc/ssl/etcd/ssl/admin-ks-master01-key.pem" snapshot save snapshot_20230928.db
查看备份数据状态
复制代码
# 查看备份数据状态
ETCDCTL_API=3;/usr/local/bin/etcdctl --write-out=table snapshot status snapshot_20230928.db
停止etcd服务并备份数据目录(etcd所有节点)
复制代码
# 停etcd:
systemctl stop etcd
mv /var/lib/etcd/ /root/etcd_bak
各个etcd节点恢复数据
复制代码
# 节点30:
ETCDCTL_API=3;/usr/local/bin/etcdctl snapshot restore /root/snapshot_20230928.db \
--name etcd-ks-master01 \
--cert="/etc/ssl/etcd/ssl/admin-ks-master01.pem" \
--key="/etc/ssl/etcd/ssl/admin-ks-master01-key.pem" \
--cacert="/etc/ssl/etcd/ssl/ca.pem" \
--endpoints="https://127.0.0.1:2379" \
--initial-advertise-peer-urls="https://192.168.1.30:2380" \
--initial-cluster="etcd-ks-master01=https://192.168.1.30:2380,etcd-ks-master02=https://192.168.1.31:2380,etcd-ks-master03=https://192.168.1.32:2380" \
--data-dir=/var/lib/etcd
# 节点31:
ETCDCTL_API=3;/usr/local/bin/etcdctl snapshot restore /root/snapshot_20230928.db \
--name etcd-ks-master02 \
--cert="/etc/ssl/etcd/ssl/admin-ks-master02.pem" \
--key="/etc/ssl/etcd/ssl/admin-ks-master02-key.pem" \
--cacert="/etc/ssl/etcd/ssl/ca.pem" \
--endpoints="https://127.0.0.1:2379" \
--initial-advertise-peer-urls="https://192.168.1.31:2380" \
--initial-cluster="etcd-ks-master01=https://192.168.1.30:2380,etcd-ks-master02=https://192.168.1.31:2380,etcd-ks-master03=https://192.168.1.32:2380" \
--data-dir=/var/lib/etcd
# 节点32:
ETCDCTL_API=3;/usr/local/bin/etcdctl snapshot restore /root/snapshot_20230928.db \
--name etcd-ks-master03 \
--cert="/etc/ssl/etcd/ssl/admin-ks-master03.pem" \
--key="/etc/ssl/etcd/ssl/admin-ks-master03-key.pem" \
--cacert="/etc/ssl/etcd/ssl/ca.pem" \
--endpoints="https://127.0.0.1:2379" \
--initial-advertise-peer-urls="https://192.168.1.32:2380" \
--initial-cluster="etcd-ks-master01=https://192.168.1.30:2380,etcd-ks-master02=https://192.168.1.31:2380,etcd-ks-master03=https://192.168.1.32:2380" \
--data-dir=/var/lib/etcd
etcd节点修改数据目录权限并启动etcd
复制代码
# 所有节点执行:
# 修改属组
chown -R etcd:root /var/lib/etcd/
# 启动etcd
systemctl start etcd
启动api-server(所有k8s master节点)
复制代码
# etcd启动完成后,恢复api配置
mv /root/tpm_api_conf/kube-apiserver.yaml /etc/kubernetes/manifests/kube-apiserver.yaml