etcd数据备份和恢复--转发

对于etcd api v3数据备份与恢复方法

 # export ETCDCTL_API=3

 # etcdctl --endpoints localhost:2379 snapshot save snapshot.db （备份）

 # etcdctl snapshot restore snapshot.db --name m3 --data-dir=/home/etcd_data （还原）

恢复后的文件需要修改权限为 etcd:etcd
–name:重新指定一个数据目录，可以不指定，默认为 default.etcd
–data-dir：指定数据目录
建议使用时不指定 name 但指定 data-dir，并将 data-dir 对应于 etcd 服务中配置的 data-dir

实践方法

单机备份

[root@k8s-master1 ~]# etcdctl --endpoints 127.0.0.1:2379 snapshot save snashot.db
Snapshot saved at snashot.db
[root@k8s-master1 ~]# ll
-rw-r--r--   1 root root 3756064 Apr 18 10:38 snashot.db
[root@k8s-master1 ~]#

集群备份

[root@k8s-master1 ~]# etcdctl --endpoints="https://192.168.32.129:2379,https://192.168.32.130:2379,192.168.32.128:2379" --cacert=/etc/kubernetes/cert/ca.pem --key=/etc/etcd/cert/etcd-key.pem --cert=/etc/etcd/cert/etcd.pem  snapshot save snashot1.db
Snapshot saved at snashot1.db
[root@k8s-master1 ~]#
[root@k8s-master1 ~]# ll
-rw-r--r--   1 root root 3756064 Apr 18 10:53 snashot1.db
-rw-r--r--   1 root root 3756064 Apr 18 10:38 snashot.db

数据恢复

做下面的操作,请慎重,有可能造成集群崩溃数据丢失.请在实验环境测试.

执行命令:systemctl stop etcd
所有节点的etcd服务全部停止.

执行命令:rm -rf /var/lib/etcd/
所有节点删除etcd的数据

恢复v3的数据

[root@k8s-master1 ~]#  etcdctl --name=k8s-master1 --endpoints="https://192.168.32.128:2379" --cacert=/etc/kubernetes/cert/ca.pem --key=/etc/etcd/cert/etcd-key.pem --cert=/etc/etcd/cert/etcd.pem --initial-cluster-token=etcd-cluster-1 --initial-advertise-peer-urls=https://192.168.32.128:2380 --initial-cluster=k8s-master1=https://192.168.32.128:2380,k8s-master2=https://192.168.32.129:2380,k8s-master3=https://192.168.32.130:2380 --data-dir=/var/lib/etcd snapshot restore snashot1.db
2019-04-18 13:43:42.570882 I | mvcc: restore compact to 148651
2019-04-18 13:43:42.584194 I | etcdserver/membership: added member 4c99f52323a3e391 [https://192.168.32.129:2380] to cluster 2a0978507970d828
2019-04-18 13:43:42.584224 I | etcdserver/membership: added member 5a74b01f28ece933 [https://192.168.32.128:2380] to cluster 2a0978507970d828
2019-04-18 13:43:42.584234 I | etcdserver/membership: added member b29b94ace458096d [https://192.168.32.130:2380] to cluster 2a0978507970d828

[root@k8s-master2 ~]# etcdctl --name=k8s-master2 --endpoints="https://192.168.32.129:2379" --cacert=/etc/kubernetes/cert/ca.pem --key=/etc/etcd/cert/etcd-key.pem --cert=/etc/etcd/cert/etcd.pem --initial-cluster-token=etcd-cluster-1 --initial-advertise-peer-urls=https://192.168.32.129:2380 --initial-cluster=k8s-master1=https://192.168.32.128:2380,k8s-master2=https://192.168.32.129:2380,k8s-master3=https://192.168.32.130:2380 --data-dir=/var/lib/etcd snapshot restore snashot1.db
2019-04-18 13:43:56.313096 I | mvcc: restore compact to 148651
2019-04-18 13:43:56.324779 I | etcdserver/membership: added member 4c99f52323a3e391 [https://192.168.32.129:2380] to cluster 2a0978507970d828
2019-04-18 13:43:56.324806 I | etcdserver/membership: added member 5a74b01f28ece933 [https://192.168.32.128:2380] to cluster 2a0978507970d828
2019-04-18 13:43:56.324819 I | etcdserver/membership: added member b29b94ace458096d [https://192.168.32.130:2380] to cluster 2a0978507970d828

[root@k8s-master3 ~]# etcdctl --name=k8s-master3 --endpoints="https://192.168.32.130:2379" --cacert=/etc/kubernetes/cert/ca.pem --key=/etc/etcd/cert/etcd-key.pem --cert=/etc/etcd/cert/etcd.pem --initial-cluster-token=etcd-cluster-1 --initial-advertise-peer-urls=https://192.168.32.130:2380 --initial-cluster=k8s-master1=https://192.168.32.128:2380,k8s-master2=https://192.168.32.129:2380,k8s-master3=https://192.168.32.130:2380 --data-dir=/var/lib/etcd snapshot restore snashot1.db
2019-04-18 13:44:10.643115 I | mvcc: restore compact to 148651
2019-04-18 13:44:10.649920 I | etcdserver/membership: added member 4c99f52323a3e391 [https://192.168.32.129:2380] to cluster 2a0978507970d828
2019-04-18 13:44:10.649957 I | etcdserver/membership: added member 5a74b01f28ece933 [https://192.168.32.128:2380] to cluster 2a0978507970d828
2019-04-18 13:44:10.649973 I | etcdserver/membership: added member b29b94ace458096d [https://192.168.32.130:2380] to cluster 2a0978507970d828

服务起不来

[root@k8s-master1 ~]# tail -n 30 /var/log/messages
Apr 18 13:46:41 k8s-master1 systemd: Starting Etcd Server...
Apr 18 13:46:41 k8s-master1 etcd: etcd Version: 3.3.7
Apr 18 13:46:41 k8s-master1 etcd: Git SHA: 56536de55
Apr 18 13:46:41 k8s-master1 etcd: Go Version: go1.9.6
Apr 18 13:46:41 k8s-master1 etcd: Go OS/Arch: linux/amd64
Apr 18 13:46:41 k8s-master1 etcd: setting maximum number of CPUs to 1, total number of available CPUs is 1
Apr 18 13:46:41 k8s-master1 etcd: error listing data dir: /var/lib/etcd
Apr 18 13:46:41 k8s-master1 systemd: etcd.service: main process exited, code=exited, status=1/FAILURE
Apr 18 13:46:41 k8s-master1 systemd: Failed to start Etcd Server.
Apr 18 13:46:41 k8s-master1 systemd: Unit etcd.service entered failed state.
Apr 18 13:46:41 k8s-master1 systemd: etcd.service failed.
Apr 18 13:46:41 k8s-master1 flanneld: timed out
Apr 18 13:46:41 k8s-master1 flanneld: E0418 13:46:41.858283   63943 main.go:349] Couldn't fetch network config: client: etcd cluster is unavailable or misconfigured; error #0: EOF
Apr 18 13:46:41 k8s-master1 flanneld: ; error #1: EOF
Apr 18 13:46:41 k8s-master1 flanneld: ; error #2: EOF
[root@k8s-master1 ~]#

修改数据目录权限,默认是root:root
chown -R etcd:etcd /var/lib/etcd
恢复正常.

[root@k8s-master1 ~]# etcdctl member list
4c99f52323a3e391, started, k8s-master2, https://192.168.32.129:2380, https://192.168.32.129:2379
5a74b01f28ece933, started, k8s-master1, https://192.168.32.128:2380, https://192.168.32.128:2379
b29b94ace458096d, started, k8s-master3, https://192.168.32.130:2380, https://192.168.32.130:2379
[root@k8s-master1 ~]#

可以看到v3的数据恢复成功.

参考地址

https://blog.csdn.net/liukuan73/article/details/78986652

https://blog.51cto.com/goome/2380854

https://yq.aliyun.com/articles/336781