root@master2:~# find / -iname "etcdctl"
/var/lib/docker/overlay2/70f2d53b00677864ae52f604f8fe4c229619b0e9635f0ba807489694d3d30219/diff/usr/local/bin/etcdctl
root@master2:~# cp /var/lib/docker/overlay2/70f2d53b00677864ae52f604f8fe4c229619b0e9635f0ba807489694d3d30219/diff/usr/local/bin/etcdctl /usr/local/bin/etcdctl
root@master2:~# export ETCDCTL_API=3
root@master2:~# alias etcdctl='etcdctl --endpoints=https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key'
到这里已经可以在node节点上使用etcdctl这个命令
root@master2:~# etcdctl member list -w table
+------------------+---------+---------+---------------------------+---------------------------+------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS | IS LEARNER |
+------------------+---------+---------+---------------------------+---------------------------+------------+
| 5683c8e00663838 | started | master2 | https://192.168.1.28:2380 | https://192.168.1.28:2379 | false |
| 24de4a5dd6970656 | started | master1 | https://192.168.1.27:2380 | https://192.168.1.27:2379 | false |
| 65a63d55520e3147 | started | master3 | https://192.168.1.29:2380 | https://192.168.1.29:2379 | false |
+------------------+---------+---------+---------------------------+---------------------------+------------+
root@master2:~# etcdctl --endpoints=https://192.168.1.27:2379 --endpoints=https://192.168.1.28:2379 --endpoints=https://192.168.1.29:2379 endpoint health -w table
+---------------------------+--------+-------------+-------+
| ENDPOINT | HEALTH | TOOK | ERROR |
+---------------------------+--------+-------------+-------+
| https://192.168.1.28:2379 | true | 9.606197ms | |
| https://192.168.1.27:2379 | true | 12.163244ms | |
| https://127.0.0.1:2379 | true | 12.994907ms | |
| https://192.168.1.29:2379 | true | 14.684804ms | |
+---------------------------+--------+-------------+-------+
root@master2:~# etcdctl endpoint status -w table
+------------------------+-----------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
+------------------------+-----------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
| https://127.0.0.1:2379 | 5683c8e00663838 | 3.5.9 | 346 MB | false | false | 43 | 2339425 | 2339425 | |
+------------------------+-----------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
root@master2:~# etcdctl get / --prefix=true --keys-only=true
root@master2:~# etcdctl get /registry/storageclasses/nfs-storage --prefix=true
root@master2:~# etcdctl snapshot save `hostname`_etcd_`date +%Y%m%d%H%M`.db
{"level":"info","ts":"2024-06-01T19:50:37.444096+0800","caller":"snapshot/v3_snapshot.go:65","msg":"created temporary db file","path":"master2_etcd_202406011950.db.part"}
{"level":"info","ts":"2024-06-01T19:50:37.451006+0800","logger":"client","caller":"v3@v3.5.9/maintenance.go:212","msg":"opened snapshot stream; downloading"}
{"level":"info","ts":"2024-06-01T19:50:37.451041+0800","caller":"snapshot/v3_snapshot.go:73","msg":"fetching snapshot","endpoint":"https://127.0.0.1:2379"}
{"level":"info","ts":"2024-06-01T19:50:40.284455+0800","logger":"client","caller":"v3@v3.5.9/maintenance.go:220","msg":"completed snapshot read; closing"}
{"level":"info","ts":"2024-06-01T19:50:40.846846+0800","caller":"snapshot/v3_snapshot.go:88","msg":"fetched snapshot","endpoint":"https://127.0.0.1:2379","size":"346 MB","took":"3 seconds ago"}
{"level":"info","ts":"2024-06-01T19:50:40.846939+0800","caller":"snapshot/v3_snapshot.go:97","msg":"saved","path":"master2_etcd_202406011950.db"}
Snapshot saved at master2_etcd_202406011950.db
这个命令的目的是使用ETCDCTL工具通过HTTPS连接到本地主机上的ETCD集群,并使用提供的证书和密钥来执行快照备份操作
恢复的模版
ETCDCTL_API=3 etcdctl snapshot restore +备份文件名 \
--name \ #当前实例在集群中的名字
--initial-cluster \ #集群中所有实例通讯地址。
--initial-cluster-token etcd-cluster \ #集群名字,不要与已有集群冲突
--initial-advertise-peer-urls \ #当前实例进群通讯地址
--data-dir /data/mydata_etcd_3.4.9 #数据恢复目录