堆棧內存溢出
  簡體   English   中英

如何在CoreOS上的Docker映像中從快照還原etcd集群?

[英]How can I restore etcd cluster from snapshot in docker image on CoreOS?

 原文  2018-06-12 20:37:52       docker/ kubernetes/ coreos/ etcd

問題描述

我在vmware上有一個帶有3個節點的etcd集群(etcd版本3.1.5)的Kubernetes集群(v1.5.6)。 這個etcd節點在vmware上的coreos上的三個docker容器中(在三個主機上)運行。

我嘗試使用以下解決方案備份etcd: 

docker run --rm --net=host -v /tmp:/etcd_backup -e ETCDCTL_API=3 quay.io/coreos/etcd:v3.1.5 etcdctl --endpoints=[1.1.1.1:2379,2.2.2.2:2379,3.3.3.3:2379] snapshot save etcd_backup/snapshot.db

備份已成功完成。

我想在另一個vmware環境中從零創建這個kubernetes集群,但是為此我需要從快照還原etcd。

到目前為止,我還沒有在Docker容器中找到適用於etcd的正確解決方案。

我嘗試使用以下方法進行還原,但不幸的是我沒有成功。

首先,我運行以下命令后創建了一個新的etcd節點: 

docker run --rm --net=host -v /tmp/etcd_bak:/etcd_backup -e ETCDCTL_API=3 registry:5000/quay.io/coreos/etcd:v3.1.5 etcdctl snapshot restore etcd_backup/snapshot.db --name etcd0 --initial-cluster etcd0=http://etcd0:2380,etcd1=http://etcd1:2380,etcd2=http://etcd2:2380 --initial-cluster-token etcd-cluster-1 --initial-advertise-peer-urls http://etcd0:2380

結果: 

2018-06-04 09:25:52.314747 I | etcdserver/membership: added member 7ff5c9c6942f82e [http://etcd0:2380] to cluster 5d1b637f4b7740d5
2018-06-04 09:25:52.314940 I | etcdserver/membership: added member 91b417e7701c2eeb [http://etcd2:2380] to cluster 5d1b637f4b7740d5
2018-06-04 09:25:52.315096 I | etcdserver/membership: added member faeb78734ee4a93d [http://etcd1:2380] to cluster 5d1b637f4b7740d5

不幸的是,什么也沒有發生。

恢復etcd備份的最佳解決方案是什么?

如何創建一個空的etcd群集/節點,如何恢復快照?

2 個解決方案

解決方案1
 4 已采納  2018-06-13 01:54:34

根據Etcd Disaster Recovery文檔,您需要使用諸如您的命令從快照還原所有三個etcd節點,然后使用如下命令運行三個節點: 

etcd \
  --name m1 \
  --listen-client-urls http://host1:2379 \
  --advertise-client-urls http://host1:2379 \
  --listen-peer-urls http://host1:2380 &

另外,您可以從圖像中提取etcdctl,如下所示: 

docker run --rm -v /opt/bin:/opt/bin registry:5000/quay.io/coreos/etcd:v3.1.5 cp /usr/local/bin/etcdctl /opt/bin

然后使用etcdctl還原快照: 

# ETCDCTL_API=3 ./etcdctl snapshot restore snapshot.db \
  --name m1 \
  --initial-cluster m1=http://host1:2380,m2=http://host2:2380,m3=http://host3:2380 \
  --initial-cluster-token etcd-cluster-1 \
  --initial-advertise-peer-urls http://host1:2380 \
  --data-dir /var/lib/etcd

這會將快照還原到/ var / lib / etcd目錄。 然后從docker啟動etcd,不要忘記將/ var / lib / etcd掛載到您的容器中,並為其指定--data-dir。

解決方案2
 2  2018-09-14 02:36:12

kubernetes中的Ectd在Docker容器中運行,這是我恢復群集的操作:

  • 檢索Etcd集群元數據 

     docker inspect etcd1

    您將獲得如下所示的內容: 

     "Binds": [ "/etc/ssl/certs:/etc/ssl/certs:ro", "/etc/ssl/etcd/ssl:/etc/ssl/etcd/ssl:ro", "/var/lib/etcd:/var/lib/etcd:rw" ], ... "Env": [ "ETCD_DATA_DIR=/var/lib/etcd", "ETCD_ADVERTISE_CLIENT_URLS=https://172.16.60.1:2379", "ETCD_INITIAL_ADVERTISE_PEER_URLS=https://172.16.60.1:2380", "ETCD_INITIAL_CLUSTER_STATE=existing", "ETCD_METRICS=basic", "ETCD_LISTEN_CLIENT_URLS=https://172.16.60.1:2379,https://127.0.0.1:2379", "ETCD_ELECTION_TIMEOUT=5000", "ETCD_HEARTBEAT_INTERVAL=250", "ETCD_INITIAL_CLUSTER_TOKEN=k8s_etcd", "ETCD_LISTEN_PEER_URLS=https://172.16.60.1:2380", "ETCD_NAME=etcd1", "ETCD_PROXY=off", "ETCD_INITIAL_CLUSTER=etcd1=https://172.16.60.1:2380,etcd2=https://172.16.60.2:2380,etcd3=https://172.16.60.2:2380", "ETCD_AUTO_COMPACTION_RETENTION=8", "ETCD_TRUSTED_CA_FILE=/etc/ssl/etcd/ssl/ca.pem", "ETCD_CERT_FILE=/etc/ssl/etcd/ssl/member-node01.pem", "ETCD_KEY_FILE=/etc/ssl/etcd/ssl/member-node01-key.pem", "ETCD_PEER_TRUSTED_CA_FILE=/etc/ssl/etcd/ssl/ca.pem", "ETCD_PEER_CERT_FILE=/etc/ssl/etcd/ssl/member-node01.pem", "ETCD_PEER_KEY_FILE=/etc/ssl/etcd/ssl/member-node01-key.pem", "ETCD_PEER_CLIENT_CERT_AUTH=true", "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/usr/local/bin/etcd" ],

  • 將etcd snapshotdb復制到其他etcd節點 

     scp snapshotdb_20180913 node02:/root/ scp snapshotdb_20180913 node03:/root/

  • 用原始信息重建新集群 

     # etcd1 docker stop etcd1 rm -rf /var/lib/etcd ETCDCTL_API=3 etcdctl snapshot restore snapshotdb_20180913 \\ --cacert /etc/ssl/etcd/ssl/ca.pem \\ --cert /etc/ssl/etcd/ssl/member-node01.pem \\ --key /etc/ssl/etcd/ssl/member-node01-key.pem \\ --name etcd1 \\ --initial-cluster etcd1=https://node01:2380,etcd2=https://node02:2380,etcd3=https://node03:2380 \\ --initial-cluster-token k8s_etcd \\ --initial-advertise-peer-urls https://node01:2380 \\ --data-dir /var/lib/etcd # etcd2 docker stop etcd2 rm -rf /var/lib/etcd ETCDCTL_API=3 etcdctl snapshot restore snapshotdb_20180913 \\ --cacert /etc/ssl/etcd/ssl/ca.pem \\ --cert /etc/ssl/etcd/ssl/member-node02.pem \\ --key /etc/ssl/etcd/ssl/member-node02-key.pem \\ --name etcd2 \\ --initial-cluster etcd1=https://node01:2380,etcd2=https://node02:2380,etcd3=https://node03:2380 \\ --initial-cluster-token k8s_etcd \\ --initial-advertise-peer-urls https://node02:2380 \\ --data-dir /var/lib/etcd # etcd3 docker stop etcd3 rm -rf /var/lib/etcd ETCDCTL_API=3 etcdctl snapshot restore snapshotdb_20180913 \\ --cacert /etc/ssl/etcd/ssl/ca.pem \\ --cert /etc/ssl/etcd/ssl/member-node03.pem \\ --key /etc/ssl/etcd/ssl/member-node03-key.pem \\ --name etcd3 \\ --initial-cluster etcd1=https://node01:2380,etcd2=https://node02:2380,etcd3=https://node03:2380 \\ --initial-cluster-token k8s_etcd \\ --initial-advertise-peer-urls https://node03:2380 \\ --data-dir /var/lib/etcd

  • 啟動容器並檢查集群狀態 

     cd /etc/ssl/etcd/ssl etcdctl \\ --endpoints=https://node01:2379 \\ --ca-file=./ca.pem \\ --cert-file=./member-node01.pem \\ --key-file=./member-node01-key.pem \\ member list

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 CoreOS / etcd群集最低主機 如果沒有外殼,如何從運行官方etcd映像的docker容器中獲取文件? 如何還原Docker映像的快照(出於測試目的,在同一Docker映像上進行的每個測試) 如何從 ssh 連接后面的私有注冊表中提取 Kubernetes 集群中的 docker 映像 如何在coreos中更新docker 將Docker容器調度到Cluster:Swarm或CoreOS? 如何在Docker中訪問etcd 我可以用/到CoreOS rkt運行/轉換Docker-Compose項目嗎? 在CoreOS上使用etcd進行服務發現時如何處理陳舊數據? 如何從 docker 容器連接到 mongoDB 雲集群?
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM