#查看成员列表
ETCDCTL_API=3 etcdctl -w table --endpoints=etcd-1:2379,etcd-2:2379,etcd-0:2379 member list
#查看集群状态
ETCDCTL_API=3 etcdctl -w table --endpoints=etcd-1:2379,etcd-2:2379,etcd-0:2379 endpoint status
#或者不必使用--endpoints标志来单独指定每个端点
ETCDCTL_API=3 etcdctl endpoint status --cluster -w table
#查看etcd版本信息
curl -L http://127.0.0.1:2379/version
#查看暴露的监控指标 prometheus采集指标
curl -L http://127.0.0.1:2379/metrics
#备份数据目录
etcdctl backup --data-dir /var/lib/etcd --backup-dir /tmp/etcd
--参数说明:
--data-dir:指明数据目录的位置
--backup-dir:指明备份的位置
#备份快照
ETCDCTL_API=3 etcdctl snapshot save snapshot.db
#恢复快照
ETCDCTL_API=3 etcdctl snapshot restore snapshot.db \
--name {{ NODE_NAME }} \
--initial-cluster {{ ETCD_NODES }} \
--initial-cluster-token etcd-cluster-0 \
--initial-advertise-peer-urls https://{{ inventory_hostname }}:2380
--name:表示当前etcd节点的名字(非主机名)
--initial-cluster:集群中所有节点的peer访问地址;例:etcd01=https://10.10.5.217:2380 ,etcd02=https://10.10.5.219:2380,etcd03=https://10.10.5.220:2380
--initial-cluster-token:集群中各节点通信的token
--initial-advertise-peer-urls:当前节点对其它节点的通信地址
#查看所有key
etcdctl get / --prefix --keys-only
#将所有的key重定向输出到文件
ETCDCTL_API=3 etcdctl get "" --from-key > keys.yaml
#用户和权限管理
etcdctl user add saguser --添加用户
etcdctl user list --查看列表
etcdctl role list --查看列表
etcdctl role add sagrole --添加角色
etcdctl role grant-permission --help --查看赋权限帮助信息
etcdctl role grant-permission --prefix=true sagrole readwrite /userinfo/ --为角色配置权限
etcdctl role get sagrole --查看角色信息
etcdctl auth enable --开启权限验证
etcdctl user passwd saguser --重置用户密码
etcdctl role revoke sagrole --path /userinfo/* --readwrite 取消角色权限
k8s 二进制安装 etcd集群常用操作命令
1. 查看集群成员列表
ETCDCTL_API=3 etcdctl -w table --cacert=/k8s/ssl/ca.pem --cert=/k8s/ssl/etcd.pem --key=/k8s/ssl/etcd-key.pem --endpoints=https://192.168.110.251:2379,https://192.168.110.250:2379,https://192.168.110.252:2379 member list
2. 查看集群健康状态
ETCDCTL_API=3 etcdctl -w table --cacert=/k8s/ssl/ca.pem --cert=/k8s/ssl/etcd.pem --key=/k8s/ssl/etcd-key.pem --endpoints=https://192.168.110.251:2379,https://192.168.110.250:2379,https://192.168.110.252:2379 endpoint health
3. 获取某个key信息
ETCDCTL_API=3 etcdctl --cacert=/k8s/ssl/ca.pem --cert=/k8s/ssl/etcd.pem --key=/k8s/ssl/etcd-key.pem --endpoints=https://192.168.110.251:2379,https://192.168.110.250:2379,https://192.168.110.252:2379 get /registry/apiregistration.k8s.io/apiservices/v1.apps
4. 获取etcd版本信息
ETCDCTL_API=3 etcdctl --cacert=/k8s/ssl/ca.pem --cert=/k8s/ssl/etcd.pem --key=/k8s/ssl/etcd-key.pem --endpoints=https://192.168.110.251:2379,https://192.168.110.250:2379,https://192.168.110.252:2379 version
5. 获取etcd所有key
ETCDCTL_API=3 etcdctl --cacert=/k8s/ssl/ca.pem --cert=/k8s/ssl/etcd.pem --key=/k8s/ssl/etcd-key.pem --endpoints=https://192.168.110.251:2379,https://192.168.110.250:2379,https://192.168.110.252:2379 get / --prefix --keys-only
6. 备份数据
备份使用 snapshot save , 每次备份一个节点就行
ETCDCTL_API=3 etcdctl --cacert=/k8s/ssl/ca.pem --cert=/k8s/ssl/etcd.pem --key=/k8s/ssl/etcd-key.pem --endpoints=https://192.168.110.251:2379 snapshot save ./etcd-snapshot-`date +%Y%m%d`.db
7. 恢复数据
ETCDCTL_API=3 etcdctl snapshot restore ./etcd-snapshot-20200414.db --name bjxg-sy-test \
--initial-cluster "bjxg-sy-test=https://192.168.100.250:2380" \
--initial-cluster-token etcd-cluster-0 \
--initial-advertise-peer-urls https://192.168.100.250:2380 \
--data-dir=/data/k8s/etcd/data --wal-dir=/data/k8s/etcd/wal
https://www.cnblogs.com/Qing-840/p/17036101.html