一、单机

说明:执行etcd备份数据的恢复的机器必须和原先etcd所在机器一致

1、单机备份

 etcdctl --endpoints="https://10.25.72.62:2379" \

 --cert=/etc/etcd/ssl/etcd.pem \

 --key=/etc/etcd/ssl/etcd-key.pem \

 --cacert=/etc/kubernetes/ssl/ca.pem \

 snapshot save snapshot.db

2、单机数据恢复

 [root@SZD-L0105331 ~]# systemctl stop etcd   # 停止etcd服务

 [root@SZD-L0105331 ~]# export ETCDCTL_API=; # 使用ETCDCTL API

 [root@SZD-L0105331 ~]# etcdctl  snapshot restore snapshot.db \

         --name=SZD-L0105331 \

         --endpoints=https://10.25.72.62:2379 \

         --cacert=/etc/kubernetes/ssl/ca.pem \

         --cert=/etc/etcd/ssl/etcd.pem \

         --key=/etc/etcd/ssl/etcd-key.pem  \

         --initial-cluster=SZD-L0105331=https://10.25.72.62:2380  \

         --initial-advertise-peer-urls=https://10.25.72.62:2380 \

         --initial-cluster-token=etcd-cluster- \

         --data-dir=/var/lib/etcd4   # 注意--data-dir参数,以下步骤需要使用

 [root@SZD-L0105331 ~]# # 修改etcd启动参数--data-dir指向上一步的数据回复目录,一般在/etc/etcd/etcd文件中

 [root@SZD-L0105331 ~]# cat /etc/etcd/etcd  # 完整参数文件如下

 ETCD_OPTIONS="--name=SZD-L0105331 \

    --client-cert-auth=true \

    --cert-file=/etc/etcd/ssl/etcd.pem \

    --key-file=/etc/etcd/ssl/etcd-key.pem \

    --peer-cert-file=/etc/etcd/ssl/etcd.pem \

    --peer-key-file=/etc/etcd/ssl/etcd-key.pem \

    --trusted-ca-file=/etc/kubernetes/ssl/ca.pem \

    --peer-trusted-ca-file=/etc/kubernetes/ssl/ca.pem \

    --initial-advertise-peer-urls=https://10.25.72.62:2380 \

    --listen-peer-urls=https://10.25.72.62:2380 \

    --listen-client-urls=https://10.25.72.62:2379,https://127.0.0.1:2379 \

    --advertise-client-urls=https://10.25.72.62:2379 \

    --initial-cluster-token=etcd-cluster- \

    --initial-cluster=SZD-L0105331=https://10.25.72.62:2380 \

    --initial-cluster-state=new \

    --data-dir=/var/lib/etcd"

 [root@SZD-L0105331 ~]# systemctl start etcd # 启动etcd服务

二、集群

1、模拟写入数据到Etcd集群

 # 使用API 3写入数据库

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem put /name/ zxg

 # 读取数据

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem get  /name/

 -- ::13.017586 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated

 /name/

 zxg

 # 使用API 2写入数据库

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --cert-file /root/etcd-cluster/etcd.pem --ca-file /root/etcd-cluster/ca.pem --key-file /root/etcd-cluster/etcd-key.pem --endpoints="https://10.25.73.25:2379,https://10.25.73.150:2379,https://10.25.84.251:2379" set /name1 zxg1

 -- ::35.060559 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated

 zxg1

 # 读取数据

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --cert-file /root/etcd-cluster/etcd.pem --ca-file /root/etcd-cluster/ca.pem --key-file /root/etcd-cluster/etcd-key.pem --endpoints="https://10.25.73.25:2379,https://10.25.73.150:2379,https://10.25.84.251:2379" get /name1

 -- ::47.884908 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated

 zxg1

2、备份etcd数据

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem  snapshot save mysnapshot.db

 -- ::47.206334 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated

 Snapshot saved at mysnapshot.db

3、停止etcd集群

停止方法:分别在3台etcd的宿主机上执行以下命令停止etcd服务
systemctl stop etcd

停掉Leader 10.25.73.25, 查看集群状况,重新选举出了leader,集群可正常使用

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem  endpoint status --write-out=table

 -- ::50.686352 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated

 Failed to get the status of endpoint https://10.25.73.25:2379 (context deadline exceeded)

 +---------------------------+------------------+---------+---------+-----------+-----------+------------+

 |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |

 +---------------------------+------------------+---------+---------+-----------+-----------+------------+

 | https://10.25.84.251:2379 | 2a53eb67dfa37cc0 | 3.1.10  | 25 kB   | false     |        14 |         19 |

 | https://10.25.73.150:2379 | c267a0ca02c6bff7 | 3.1.10  | 25 kB   | true      |        14 |         19 |

 +---------------------------+------------------+---------+---------+-----------+-----------+------------+

停掉10.25.73.150,查看集群状况,集群已经无法正常使用,说明3节点的Etcd容错为1

 [root@SZD-L0097856 etcd-cluster]# ETCDCTL_API= etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem  endpoint status --write-out=table

 -- ::44.526382 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated

 Failed to get the status of endpoint https://10.25.73.25:2379 (context deadline exceeded)

 Failed to get the status of endpoint https://10.25.73.150:2379 (context deadline exceeded)

 +---------------------------+------------------+---------+---------+-----------+-----------+------------+

 |         ENDPOINT          |        ID        | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |

 +---------------------------+------------------+---------+---------+-----------+-----------+------------+

 | https://10.25.84.251:2379 | 2a53eb67dfa37cc0 | 3.1.10  | 25 kB   | false     |        14 |         19 |

 +---------------------------+------------------+---------+---------+-----------+-----------+------------+

删除etcd数据,方法:登录etcd所在主机执行:(注意:危险操作,请谨慎操作,确保在有数据备份并且确定Etcd集群无法正常工作后操作)
rm -rf /var/lib/etcd

4、使用备份数据进行恢复

恢复10.25.84.251节点数据到/var/lib/etcd
[root@SZD-L0097856 etcd-cluster]# ETCDCTL_API=3 etcdctl --name=SZD-L0097856 --endpoints="https://10.25.84.251:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem --initial-cluster-token=etcd-cluster-0 --initial-advertise-peer-urls=https://10.25.84.251:2380 --initial-cluster=SZD-L0101798=https://10.25.73.25:2380,SZD-L0103739=https://10.25.73.150:2380,SZD-L0097856=https://10.25.84.251:2380 --data-dir=/varlib/etcd snapshot restore mysnapshot.db
2018-08-16 19:52:33.409406 I | etcdserver/membership: added member 2a53eb67dfa37cc0 [https://10.25.84.251:2380] to cluster 4741a9e2cf17e1fa
2018-08-16 19:52:33.409481 I | etcdserver/membership: added member 304bcbfa92e84c75 [https://10.25.73.25:2380] to cluster 4741a9e2cf17e1fa
2018-08-16 19:52:33.409499 I | etcdserver/membership: added member c267a0ca02c6bff7 [https://10.25.73.150:2380] to cluster 4741a9e2cf17e1fa
[root@SZD-L0097856 etcd-cluster]#
恢复10.25.73.25节点数据到/var/lib/etcd
[root@SZD-L0101798 etcd-cluster]# ETCDCTL_API=3 etcdctl --name=SZD-L0101798 --endpoints="https://10.25.73.25:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem --initial-cluster-token=etcd-cluster-0 --initial-advertise-peer-urls=https://10.25.73.25:2380 --initial-cluster=SZD-L0101798=https://10.25.73.25:2380,SZD-L0103739=https://10.25.73.150:2380,SZD-L0097856=https://10.25.84.251:2380 --data-dir=/varlib/etcd snapshot restore mysnapshot.db
2018-08-16 19:55:30.735518 I | etcdserver/membership: added member 2a53eb67dfa37cc0 [https://10.25.84.251:2380] to cluster 4741a9e2cf17e1fa
2018-08-16 19:55:30.735601 I | etcdserver/membership: added member 304bcbfa92e84c75 [https://10.25.73.25:2380] to cluster 4741a9e2cf17e1fa
2018-08-16 19:55:30.735617 I | etcdserver/membership: added member c267a0ca02c6bff7 [https://10.25.73.150:2380] to cluster 4741a9e2cf17e1fa
[root@SZD-L0101798 etcd-cluster]#
恢复10.25.73.150节点数据到/var/lib/etcd
[root@SZD-L0103739 etcd-cluster]# ETCDCTL_API=3 etcdctl --name=SZD-L0103739 --endpoints="https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem --initial-cluster-token=etcd-cluster-0 --initial-advertise-peer-urls=https://10.25.73.150:2380 --initial-cluster=SZD-L0101798=https://10.25.73.25:2380,SZD-L0103739=https://10.25.73.150:2380,SZD-L0097856=https://10.25.84.251:2380 --data-dir=/varlib/etcd snapshot restore mysnapshot.db
2018-08-16 19:58:21.892719 I | etcdserver/membership: added member 2a53eb67dfa37cc0 [https://10.25.84.251:2380] to cluster 4741a9e2cf17e1fa
2018-08-16 19:58:21.892796 I | etcdserver/membership: added member 304bcbfa92e84c75 [https://10.25.73.25:2380] to cluster 4741a9e2cf17e1fa
2018-08-16 19:58:21.892812 I | etcdserver/membership: added member c267a0ca02c6bff7 [https://10.25.73.150:2380] to cluster 4741a9e2cf17e1fa
[root@SZD-L0103739 etcd-cluster]#

5、启动Etcd服务

分别在etcd所在主机执行如下命令:
systemctl start etcd

6、验证数据完整性

经过验证,使用ETCDCTL_API=2 存放的数据会丢失,使用ETCDCTL_API=3存放的数据能正常恢复
附录:
查询etcd API3的键
[root@SZD-L0101798 ~]# ETCDCTL_API=3 etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem get / --prefix --keys-only
2018-08-16 20:38:06.954368 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
/name/1

/name/2

/name/3

/name/4

etcd数据备份与恢复验证的更多相关文章

  1. redis基础操作~~数据备份与恢复、数据安全、性能测试、客户端连接、分区

    数据备份与恢复 数据备份redis save 命令用于创建当前数据库的备份. redis 127.0.0.1:6379> SAVE OK 该命令将在 redis 安装目录中创建dump.rdb文 ...

  2. Redis 数据备份与恢复,安全,性能测试,客户端连接,管道技术,分区(四)

    Redis 数据备份与恢复 Redis SAVE 命令用于创建当前数据库的备份. 语法 redis Save 命令基本语法如下: redis 127.0.0.1:6379> SAVE 实例 re ...

  3. etcd数据备份和恢复--转发

    对于etcd api v3数据备份与恢复方法 # export ETCDCTL_API=3 # etcdctl --endpoints localhost:2379 snapshot save sna ...

  4. Database基础(四):密码恢复及设置、 用户授权及撤销、数据备份与恢复、MySQL管理工具

    一.密码恢复及设置 目标: 本案例要求熟悉MySQL管理密码的控制,完成以下任务操作: 练习重置MySQL管理密码的操作 通过正常途径设置MySQL数据库的管理密码 步骤: 步骤一:重置MySQL管理 ...

  5. ETCD数据迁移

    ETCD数据迁移 本文阅读对象为想要将Rainbond平台rbd-etcd切换至外部etcd的相关人员. 在k8s master节点创建secret 本文中将要切换的ETCD为根据Rainbond官方 ...

  6. 解决Yii2 启用_csrf验证后POST数据仍提示“您提交的数据无法验证”

    一 CSRF 概念 CSRF(Cross-site request forgery跨站请求伪造,也被称为“One Click Attack”或者Session Riding,通常缩写为CSRF或者XS ...

  7. wicket基础应用(1)--使用wicket对表单中的数据进行验证

    作者:lhx1026 出处:http://lhx1026.iteye.com/ wicket基础应用(1)--使用wicket对表单中的数据进行验证 举个例子: 1.有一个Java文件SysCharg ...

  8. InfluxDB数据备份与恢复

    数据备份与恢复 Example:(192.167.8.13 InfluxDB:DeviceHistory备份到192.167.8.52,然后恢复到该服务器上)   steps:   login 192 ...

  9. Mysql 数据备份与恢复,用户创建,授权

    Mysql 数据备份与恢复,用户创建,授权 1. Mysqldump >outfile.sql 2. Mysql –uxxx –pxxx < backfile.sql 3. Create  ...

随机推荐

  1. 【译】x86程序员手册11- 4.1系统寄存器

    4.1 Systems Registers 系统寄存器 The registers designed for use by systems programmers fall into these cl ...

  2. for循环中索引值和取值的迷惑

    利用for循环和range从100——10,倒序讲所有的偶数添加到一个新列表中,然后对列表的元素进行筛选,将能被4整除的数留下来. even = []for i in range(100,9,-1): ...

  3. 洛谷——P2342 叠积木

    P2342 叠积木   题目大意:   给你一堆积木,排成一行,初始时每对积木都只有一个,支持两种操作  第一种是移动操作,格式为“移动X到Y的上面”.X和Y代表两块积木的编号,意思是将X所的那堆积 ...

  4. [Luogu] P4198 楼房重建

    题目描述 小A的楼房外有一大片施工工地,工地上有N栋待建的楼房.每天,这片工地上的房子拆了又建.建了又拆.他经常无聊地看着窗外发呆,数自己能够看到多少栋房子. 为了简化问题,我们考虑这些事件发生在一个 ...

  5. git 的简单使用(2)

    一般情况下,你通常直接在文件管理器中把没用的文件删了,或者用rm命令删了: $ rm test.txt 你可以使用 git rm test.txt来删除 然后用git commit -m " ...

  6. 腾讯云,搭建LAMP服务

    lamp (Web应用软件) 编辑 Linux+Apache+Mysql/MariaDB+Perl/PHP/Python一组常用来搭建动态网站或者服务器的开源软件,本身都是各自独立的程序,但是因为常被 ...

  7. 3 Java的基本程序设计结构

        本章主要内容: 一个简单的Java应用程序 注释 数据类型 变量 运算符 字符串 输入输出 控制流 大数值 数组       本章主要介绍程序设计的基本概念(如数据类型.分支以及循环)在Jav ...

  8. java常见知识

    在JSP页面获取当前项目名称的方法: 方法1: <%= this.getServletContext().getContextPath() %> 方法2: 使用EL表达式 ${pageCo ...

  9. flask中的session cookie 测试 和 项目中的用户状态保持

    # -*- coding:utf-8 -*- # Author: json_steve from flask import Flask, current_app, make_response, req ...

  10. [国家集训队2012]tree(陈立杰)

    [国家集训队2012]tree(陈立杰) 题目 给你一个无向带权连通图,每条边是黑色或白色.让你求一棵最小权的恰好有need条白色边的生成树.题目保证有解. INPUT 第一行V,E,need分别表示 ...