k8s單節點備份及還原

A、yum –y install etcd

etcdctl –v  查看etc版本

建議備份 /var/lib/etcd   /etc/kubernetes/

查看文件位置及Liveness

kubectl describe pod etcd-master-test –n kube-system > etcd.txt

ETCDCTL_API=3 etcdctl –endpoints=https://[127.0.0.1]:2379 –cacert=/etc/kubernetes/pki/etcd/ca.crt –cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt –key=/etc/kubernetes/pki/etcd/healthcheck-client.key

B、手動備份

ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key snapshot save /backup/etcd-snapshot-$(date +%Y-%m-%d_%H:%M:%S_%Z).db

自動備份，創建cronjob.yaml

apiVersion: batch/v1beta1

kind: CronJob

metadata:

  name: etcdbackup

  namespace: kube-system

spec:

  schedule: "0 0 * * *"

  jobTemplate:

    spec:

      template:

        spec:

          containers:

          - name: backup

            image: k8s.gcr.io/etcd:3.3.10    #docker images version

            env:

            - name: ETCDCTL_API

              value: "3"

            command: ["/bin/sh"]

            args: ["-c", "etcdctl --endpoints=https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key snapshot save /backup/etcd-snapshot-$(date +%Y-%m-%d_%H:%M:%S_%Z).db"]

            volumeMounts:

            - mountPath: /etc/kubernetes/pki/etcd

              name: etcd-certs

              readOnly: true

            - mountPath: /backup

              name: backup

            - mountPath: /etc/localtime

              name: localtime

          restartPolicy: OnFailure

          nodeSelector:

            node-role.kubernetes.io/master: ""

          tolerations:

          - key: "node-role.kubernetes.io/master"

            effect: "NoSchedule"

          hostNetwork: true

          volumes:

          - name: etcd-certs

            hostPath:

              path: /etc/kubernetes/pki/etcd

              type: DirectoryOrCreate

          - name: backup

            nfs:

              server: 10.*.*.*

              path: /nfs/etcd_backup/

          - name: localtime

            hostPath:

              path: /usr/share/zoneinfo/Asia/Shanghai

 

C、恢復備份

修改/etc/kubernetes/manifests/kube-apiserver.yaml& etcd.yaml鏡像版本使其不可用

Systemctl stop docker kubelet.service

rm –rf /var/lib/etcd

ETCDCTL_API=3 etcdctl snapshot restore /backup/etcd-snapshot-2020-05-05_14\:21\:49_CST.db --data-dir=/var/lib/etcd 

恢復/etc/kubernetes/manifests/kube-apiserver.yaml& etcd.yaml鏡像版本

systemctl restart docker

systemctl restart kubelet.service

etcd kube-apiserver pod 等啟動正常。

新Mater重建安裝docker&kubelet後初始化，然後執行‘C恢復備份’。