1. 备份
备份策略:
每两个小时用命令对etcd进行备份
备份数据保留2天
ETCDCTL_API=3 /opt/etcd/bin/etcdctl snapshot save /root/backup/etcd_$(date "+%Y%m%d%H%M%S").db
2. 恢复
(1)、停止kube-apiserver,确保不会再写入数据
systemctl stop kube-apiserver
(2)、停止所有节点etcd
systemctl stop etcd
(3)、将etcd节点上原有的数据目录备份(具体的目录可以在etcd的配置文件中查看)
mv /var/lib/etcd/default.etcd{,.bak}
(4)、将备份的数据拷贝到所有etcd节点
scp etcd_20200106152240.db 10.1.10.129:/root/backup/
scp etcd_20200106152240.db 10.1.10.130:/root/backup/
(5)、使用命令进行恢复
# 在etcd-1上
ETCDCTL_API=3 /opt/etcd/bin/etcdctl snapshot --endpoints="https://10.1.10.128:2379,https://10.1.10.129:2379,https://10.1.10.130:2379" --cacert=/opt/etcd/ssl/etcd-ca.pem --cert=/opt/etcd/ssl/etcd-server.pem --key=/opt/etcd/ssl/etcd-server-key.pem restore ~/backup/etcd_20200106152240.db --name=etcd-1 --data-dir=/var/lib/etcd/default.etcd --initial-cluster="etcd-1=https://10.1.10.128:2380,etcd-2=https://10.1.10.129:2380,etcd-3=https://10.1.10.130:2380" --initial-cluster-token="etcd-cluster" --initial-advertise-peer-urls=https://10.1.10.128:2380
# 在etcd-2上
ETCDCTL_API=3 /opt/etcd/bin/etcdctl snapshot --endpoints="https://10.1.10.128:2379,https://10.1.10.129:2379,https://10.1.10.130:2379" --cacert=/opt/etcd/ssl/etcd-ca.pem --cert=/opt/etcd/ssl/etcd-server.pem --key=/opt/etcd/ssl/etcd-server-key.pem restore ~/backup/etcd_20200106152240.db --name=etcd-2 --data-dir=/var/lib/etcd/default.etcd --initial-cluster="etcd-1=https:/