Kubernetes之etcd集群的v2 api数据恢复
LiuSw Lv6
 2022-12-20 15:02:38      715 字  3 分钟  

Kubernetes之etcd集群的v2 api数据恢复

1.将备份文件或者之前的etcd数据解压到etcd集群的某一个节点(这里是master1)的工作目录/var/lib/etcd/

1
2
3
4
# 停止集群所有节点的etcd服务,并清空(或者重命名)工作目录/var/lib/etcd/
ll /var/lib/etcd/

member_bak

2.使用“–force-new-cluster”参数启动 重新创建一个新的etcd服务:

1
2
3
4
5
6
7
8
9
10
11
12
# 例如:
# 删除了“--initial-cluster”参数,添加了“--force-new-cluster”参数
[root@test-master-001 kubernetes]# /usr/local/bin/etcd \
  --data-dir=/var/lib/etcd/ \
  --name=test-master-001 \
  --advertise-client-urls=http://192.168.200.101:2381 \
  --listen-client-urls=http://192.168.200.101:2381,http://127.0.0.1:2381 \
  --initial-advertise-peer-urls=http://192.168.200.101:2382 \
  --listen-peer-urls=http://192.168.200.101:2382 \
  --initial-cluster-state=new \
  --initial-cluster-token=etcd-cluster \
  --force-new-cluster
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# 修改/etc/kubernetes/manifests/etcd.yaml参数
spec:
  containers:
  - command:
    - etcd
    - --advertise-client-urls=https://192.168.11.51:2379
    - --cert-file=/etc/kubernetes/pki/etcd/server.crt
    - --client-cert-auth=true
    - --data-dir=/var/lib/etcd
    - --initial-advertise-peer-urls=https://192.168.11.51:2380
    - --key-file=/etc/kubernetes/pki/etcd/server.key
    - --listen-client-urls=https://127.0.0.1:2379,https://192.168.11.51:2379
    - --listen-metrics-urls=http://127.0.0.1:2381
    - --listen-peer-urls=https://192.168.11.51:2380
    - --name=master1
    - --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
    - --peer-client-cert-auth=true
    - --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
    - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    - --snapshot-count=10000
    - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    - --force-new-cluster # 此处为添加

3.使用etcdctl member update命令修改test-master-001节点的advertised peer URLs:

1
2
3
4
5
6
7
8
9
10
11
12
13
# 在etcd正常的节点 登录到docker容器内执行etcd命令
docker ps |grep etcd
docker exec -it 容器ID sh

# 列出成员
etcdctl --endpoints=http://192.168.200.101:2381 member list

etcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key  --endpoints https://127.0.0.1:2379 --insecure-skip-tls-verify  member list

# 更新数据
etcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key  --endpoints https://127.0.0.1:2379 --insecure-skip-tls-verify  member update 6f7eb0614101 http://192.168.200.101:2382

# Updated member with ID 6f7eb0614101 in cluster

4.使用etcdctl member add命令添加第二个etcd节点

1
2
3
4
5
6
7
# 方式1
etcdctl --endpoints=http://192.168.200.101:2381 member add test-master-002 http://192.168.200.102:2382  -w table

Added member named test-master-002 with ID ff69528fcc000b88 to cluster
ETCD_NAME="test-master-002"
ETCD_INITIAL_CLUSTER="test-master-001=http://192.168.200.101:2382,test-master-002=http://192.168.200.102:2382"
ETCD_INITIAL_CLUSTER_STATE="existing"
1
2
3
4
etcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key  --endpoints https://127.0.0.1:2379 --insecure-skip-tls-verify  -w table member list

# 方式2
etcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key --endpoints=https://192.168.11.51:2379 --insecure-skip-tls-verify member add master2 --peer-urls="https://192.168.11.52:2380"
1
2
# 移除成员
etcdctl --cert /etc/kubernetes/pki/etcd/peer.crt --key /etc/kubernetes/pki/etcd/peer.key --endpoints=https://192.168.11.51:2379 --insecure-skip-tls-verify member remove 29be125b3f05ac68

5.同理添加第三个etcd节点:

6.etcdctl member list命令看到etcd集群恢复成功

至此,成功使用备份文件恢复了etcd集群v2 api的数据,可见etcd的健壮和易用。

来自 运维有道

 评论