Kubernetes - ETCD Haute disponibilité
Alasta 24 Août 2024 kubernetes kubernetes etcd backup
Description : Kubernetes, haute disponibilité
ETCD HA
Dans un cluster, il y a 2 méthodes pour le HA ETCD:
- Sur le control plane (stacked) ou ETCD est adressé en localhost
- Dans un cluster ETCD externe, qui doit être configuré avant de configuré Kubernetes
Liste des membres dans un cluster ETCD:
ETCDCTL_API=3 etcdctl \
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/etcd/pki/ca.pem \
--cert=/etc/etcd/pki/etcd.pem \
--key=/etc/etcd/pki/etcd-key.pem \
member list
95d6ef15e562b474, started, etcd-server, https://192.20.36.19:2380, https://192.20.36.19:2379, falseNote: le endpoint est en localhost donc ETCD stacked.
ETCD Externe
Backup
Copie du snapshot sur le serveur ETCD
backup-server$ scp /opt/cluster2.db etcd-server:/rootRestauration
etcd-server$ ETCDCTL_API=3 etcdctl --endpoints=https://127.0.0.1:2379 --cacert=/etc/etcd/pki/ca.pem --cert=/etc/etcd/pki/etcd.pem --key=/etc/etcd/pki/etcd-key.pem snapshot restore /root/cluster2.db --data-dir /var/lib/etcd-data-new
{"level":"info","ts":1721940922.0441437,"caller":"snapshot/v3_snapshot.go:296","msg":"restoring snapshot","path":"/root/cluster2.db","wal-dir":"/var/lib/etcd-data-new/member/wal","data-dir":"/var/lib/etcd-data-new","snap-dir":"/var/lib/etcd-data-new/member/snap"}
{"level":"info","ts":1721940922.060755,"caller":"mvcc/kvstore.go:388","msg":"restored last compact revision","meta-bucket-name":"meta","meta-bucket-name-key":"finishedCompactRev","restored-compact-revision":951}
{"level":"info","ts":1721940922.0667593,"caller":"membership/cluster.go:392","msg":"added member","cluster-id":"cdf818194e3a8c32","local-member-id":"0","added-peer-id":"8e9e05c52164694d","added-peer-peer-urls":["http://localhost:2380"]}
{"level":"info","ts":1721940922.0732546,"caller":"snapshot/v3_snapshot.go:309","msg":"restored snapshot","path":"/root/cluster2.db","wal-dir":"/var/lib/etcd-data-new/member/wal","data-dir":"/var/lib/etcd-data-new","snap-dir":"/var/lib/etcd-data-new/member/snap"}MAJ du service
etcd-server$ vi /etc/systemd/system/etcd.service
[Unit]
Description=etcd key-value store
Documentation=https://github.com/etcd-io/etcd
After=network.target
[Service]
User=etcd
Type=notify
ExecStart=/usr/local/bin/etcd \
--name etcd-server \
--data-dir=/var/lib/etcd-data-new \
---End of Snippet---Note: Modification de –data-dir
Refaire les permission
etcd-server$ chown -R etcd:etcd /var/lib/etcd-data-new
etcd-server$ ls -ld /var/lib/etcd-data-new/
drwx------ 3 etcd etcd 4096 Jul 15 20:55 /var/lib/etcd-data-new/Redémarrage des services
etcd-server$ systemctl daemon-reload
etcd-server$ systemctl etcd restartOptionnellement il est recommendé de redémarrer les composants du control plane.