Dalam arsitektur Kubernetes, etcd merupakan bagian integral dari cluster. Semua objek cluster seperti API objects, object states, dan service discovery disimpan di etcd sehingga sangat disarankan untuk melalukan backup secara rutin agar membantu proses pemulihan jika terjadi insiden baik dari hardware atau software.
Kubernetes etcd Backup Using etcdctl #
Login ke node master / control plane.
Lalu download etcdctl melalui repo github etcd-io
wget https://github.com/etcd-io/etcd/releases/download/v3.4.27/etcd-v3.4.27-linux-amd64.tar.gzExtract archive dan pindahkan file biner etcdctl ke /usr/local/bin/
tar -xaf etcd-v3.4.27-linux-amd64.tar.gz
cd etcd-v3.4.27-linux-amd64
mv etcdctl /usr/local/bin/Untuk menggunakan etcdctl, diperlukan certificate beserta private key etcd yang bisa Anda temukan di /etc/kubernetes/manifests/etcd.yaml.
# cat /etc/kubernetes/manifests/etcd.yaml
...
spec:
containers:
- command:
- etcd
- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
...Tambahkan variable berikut pada shell environment
export ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt
export ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt
export ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.keyTes untuk memastikan sudah terhubung ke etcd.
etcdctl endpoint health127.0.0.1:2379 is healthy: successfully committed proposal: took = 7.192771msBuat folder untuk menyimpan backup etcd.
mkdir etcd
cd etcdAmbil snapshot etcd dengan perintah.
etcdctl snapshot save backup.dbCek status snapshot.
etcdctl --write-out=table snapshot status backup.db+----------+----------+------------+------------+
| HASH | REVISION | TOTAL KEYS | TOTAL SIZE |
+----------+----------+------------+------------+
| 2ddb9172 | 97897 | 1497 | 24 MB |
+----------+----------+------------+------------+Kubernetes etcd Restore Using Snapshot Backup #
Hapus atau rename folder etcd.
cd /var/lib/
mv etcd etcd-origLalu restore etcd dengan perintah.
etcdctl snapshot restore --data-dir etcd /root/etcd/backup.db{"level":"info","ts":1690686164.8587801,"caller":"snapshot/v3_snapshot.go:306","msg":"restoring snapshot","path":"/root/etcd/backup.db","wal-dir":"etcd/member/wal","data-dir":"etcd","snap-dir":"etcd/member/snap"}
{"level":"info","ts":1690686164.8927898,"caller":"mvcc/kvstore.go:388","msg":"restored last compact revision","meta-bucket-name":"meta","meta-bucket-name-key":"finishedCompactRev","restored-compact-revision":63305}
{"level":"info","ts":1690686164.9036953,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"cdf818194e3a8c32","local-member-id":"0","added-peer-id":"8e9e05c52164694d","added-peer-peer-urls":["http://localhost:2380"]}
{"level":"info","ts":1690686164.9086843,"caller":"snapshot/v3_snapshot.go:326","msg":"restored snapshot","path":"/root/etcd/backup.db","wal-dir":"etcd/member/wal","data-dir":"etcd","snap-dir":"etcd/member/snap"}Cek ID container etcd.
crictl ps --name etcdCONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID POD
4c7b96af61c12 86b6af7dd652c1b38118be1c338e9354b33469e69a218f7e290a0ca5304ad681 7 minutes ago Running etcd 10 49b4587e6ae44 etcd-manStop container etcd.
crictl stop 4c7b96af61c12Tunggu beberapa saat sampai container etcd dibuat ulang.
etcdctl command usage #
Check performance etcd cluster
etcdctl check perfCheck status and health endpoint etcd
etcdctl endpoint health && etcdctl endpoint statusGet all keys
etcdctl get --prefix=true --keys-only /Delete key
etcdctl del --prefix=true /registry/pods/site/demo-c96794899-sgcgzBisa untuk menghapus paksa pods atau membuat ulang pod jika menggunakan deployment {: .prompt-tip }
