sealos部署的k8s集群进行备份及恢复

环境简介

  • 系统环境:CentOS7.9 5.4.228-1.el7.elrepo.x86_64
  • sealos:4.1.5 RC3
  • kubernetes:v1.26.1
  • helm:v3.10.3
  • calico:v3.24.5
  • etcd:3.5.6

k8s数据保存在etcd中,通过sealos安装的集群会创建基于容器的etcd集群,默认配置文件在/etc/kubernetes/manifests/,默认存储路径在/var/lib/etcd/下.

备份etcd

备份是比较简单的,通过容器里的etcdctl直接进行快照备份即可

crictl exec -i `crictl ps |grep etcd |awk '{print $1}'` /bin/sh -c "ETCDCTL_API=3 /usr/local/bin/etcdctl-3.5.6 --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key snapshot save /var/lib/etcd/etcsnapshot_`date +%Y%m%d`.db"

通过上述命令会在/var/lib/etcd/生成一个备份文件,这样就相当于备份成功了

恢复etcd

恢复起来相对就比较复杂一些,因为3个节点都要恢复快照,直接执行恢复是不行,会发现删除的资源无法恢复,正确的恢复步骤如下:

1,关闭所有的apiserver以及etcd容器

#分别在master服务器上执行
mv /etc/kubernetes/manifests/ /root/

2,将每个节点的etcd存储下的member目录,备份到可信存储中

#分别在所有的etcd存储中执行
mv /var/lib/etcd/member /data/bak/

3,通过etcdutl恢复数据

#分别在不同的etcd上恢复数据
ETCDCTL_API=3 etcdutl snapshot restore /root/etcsnapshot.db \
--name bj-yjtc-k8s-master-192-168-2-65 \
--initial-cluster "bj-yjtc-k8s-master-192-168-2-65=https://192.168.2.65:2380,bj-yjtc-k8s-master-192-168-2-67=https://192.168.2.67:2380,bj-yjtc-k8s-master-192-168-2-66=https://192.168.2.66:2380" \
--initial-advertise-peer-urls https://192.168.2.65:2380 \
--data-dir /var/lib/etcd/

ETCDCTL_API=3 etcdutl snapshot restore /root/etcsnapshot.db \
--name bj-yjtc-k8s-master-192-168-2-66 \
--initial-cluster "bj-yjtc-k8s-master-192-168-2-65=https://192.168.2.65:2380,bj-yjtc-k8s-master-192-168-2-67=https://192.168.2.67:2380,bj-yjtc-k8s-master-192-168-2-66=https://192.168.2.66:2380" \
--initial-advertise-peer-urls https://192.168.2.66:2380 \
--data-dir /var/lib/etcd/


ETCDCTL_API=3 etcdutl snapshot restore /root/etcsnapshot.db \
--name bj-yjtc-k8s-master-192-168-2-67 \
--initial-cluster "bj-yjtc-k8s-master-192-168-2-65=https://192.168.2.65:2380,bj-yjtc-k8s-master-192-168-2-67=https://192.168.2.67:2380,bj-yjtc-k8s-master-192-168-2-66=https://192.168.2.66:2380" \
--initial-advertise-peer-urls https://192.168.2.67:2380 \
--data-dir /var/lib/etcd/

#进入/var/lib/etcd/下看到member即恢复成功

4,启动apiserver和etcd

mv /root/manifests /etc/kubernetes/manifests

5,恢复成功,可以看到之前删除的资源了

此条目发表在kubernetes分类目录。将固定链接加入收藏夹。

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注