[Kubernetes](Backup)Kubernetes ETCD backup and restore

업데이트:

Check ETCD information

check ETCD version

kubectl describe pod etcd-controlplane -n kube-system

At what address do you reach the ETCD cluster from you master node?

check listen urls(endpoint)

kubectl describe pod etcd-controlplane -n kube-system

## 중략
--listen-client-urls=https://127.0.0.1:2379,https://172.17.0.62:2379

ETCD server certificate file located

find server cert

kubectl describe pod etcd-controlplane -n kube-system
## 중략

--cert-file=/etc/kubernetes/pki/etcd/server.crt

ETCD CA Certificate file located

find ca cert

kubectl describe pod etcd-controlplane -n kube-system
## 중략

--trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt

ETCD Key file located

find key file

kubectl describe pod etcd-controlplane -n kube-system
##  중략
--key-file=/etc/kubernetes/pki/etcd/server.key

ETCD backup and restore

etcdctl snapshot save [filename]

check etcd member first

  • –endpoints
  • –cacert
  • –cert
  • –key
ETCDCTL_API=3 etcdctl member list --endpoints=https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt \
     --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key

Backup ETCD

ETCDCTL_API=3 etcdctl snapshot save /opt/snapshot-pre-boot.db \
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
     

Restore ETCD

ETCDCTL_API=3 etcdctl snapshot restore /opt/snapshot-pre-boot.db \
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
--data-dir /var/lib/etcd-from-backup

댓글남기기