Backing up and restoring etcd on a kubeadm cluster
We use a CronJob to back up the etcd data. This example uses a dynamically provisioned NFS volume for the backup target. etcd_pvc.yaml:
```yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: k8s-backup-pvc
  namespace: kube-system
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: "30Gi"
  volumeName:
  storageClassName: nfs-client
```
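Before creating the CronJob below, the claim can be applied and checked. This is a minimal sketch assuming the `nfs-client` provisioner is already deployed in the cluster; the claim should move to the `Bound` state once the provisioner creates the backing PersistentVolume:

```shell
# Create the claim in the kube-system namespace
kubectl apply -f etcd_pvc.yaml

# Verify it binds; STATUS should read "Bound" once the
# nfs-client provisioner has created the PersistentVolume
kubectl get pvc k8s-backup-pvc -n kube-system
```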
etcd_cronjob.yaml — because this is a kubeadm-installed environment, the CronJob has to run on the master node:
```yaml
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: etcd-disaster-recovery
  namespace: kube-system
spec:
  schedule: "0 03 * * *"
  jobTemplate:
    spec:
      template:
        metadata:
          labels:
            app: etcd-disaster-recovery
        spec:
          tolerations:
            - key: "node-role.kubernetes.io/master"
              operator: "Exists"
              effect: "NoSchedule"
          affinity:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                  - matchExpressions:
                      - key: kubernetes.io/hostname
                        operator: In
                        values:
                          - k8s-master
          containers:
            - name: etcd
              # keep this tag in sync with the cluster's current etcd version
              image: registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0
              imagePullPolicy: "IfNotPresent"
              command:
                - sh
                - -c
                - "export ETCDCTL_API=3; \
                   etcdctl --endpoints=$ENDPOINT \
                     --cert=/etc/kubernetes/pki/etcd/server.crt \
                     --key=/etc/kubernetes/pki/etcd/server.key \
                     --cacert=/etc/kubernetes/pki/etcd/ca.crt \
                     snapshot save /snapshot/$(date +%Y%m%d_%H%M%S)_snapshot.db; \
                   echo etcd backup success"
              env:
                - name: ENDPOINT
                  value: "https://127.0.0.1:2379"
              volumeMounts:
                - mountPath: "/etc/kubernetes/pki/etcd"
                  name: etcd-certs
                - mountPath: "/var/lib/etcd"
                  name: etcd-data
                - mountPath: "/snapshot"
                  name: snapshot
                  subPath: data/etcd-snapshot
                - mountPath: /etc/localtime
                  name: lt-config
                # - mountPath: /etc/timezone/timezone
                #   name: tz-config
          restartPolicy: OnFailure
          volumes:
            - name: etcd-certs
              hostPath:
                path: /etc/kubernetes/pki/etcd
            - name: etcd-data
              hostPath:
                path: /var/lib/etcd
            - name: snapshot
              persistentVolumeClaim:
                claimName: k8s-backup-pvc
            - name: lt-config
              hostPath:
                path: /etc/localtime
            # - name: tz-config
            #   # timezone change on CentOS 7
            #   hostPath:
            #     path: /etc/timezone/timezone
          hostNetwork: true
```
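The CronJob above covers only the backup half. A restore on the kubeadm control-plane node might look like the following sketch. The snapshot filename here is an illustrative example (the CronJob names files by timestamp), and the manifest and data-dir paths are the kubeadm defaults; adjust both to your environment:

```shell
# Stop the etcd and kube-apiserver static pods by moving their
# manifests out of the kubelet's watch directory
mv /etc/kubernetes/manifests/etcd.yaml \
   /etc/kubernetes/manifests/kube-apiserver.yaml /tmp/

# Set the current (possibly corrupted) data directory aside
mv /var/lib/etcd /var/lib/etcd.bak

# Restore the snapshot into a fresh data directory
# (filename is an example; pick an actual snapshot from /snapshot)
ETCDCTL_API=3 etcdctl snapshot restore /snapshot/20200821_030000_snapshot.db \
  --data-dir /var/lib/etcd

# Put the manifests back; the kubelet restarts etcd from the restored data
mv /tmp/etcd.yaml /tmp/kube-apiserver.yaml /etc/kubernetes/manifests/
```

After the static pods come back up, check cluster health with `kubectl get nodes` and `kubectl get pods -n kube-system` before deleting the `/var/lib/etcd.bak` copy.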
Author: 🐳Myki
Last updated: 2020-08-21