This content originally appeared on DEV Community and was authored by Sina Tavakkol
Day 35/40
Kubernetes ETCD Backup And Restore Explained
Video Link
@piyushsachdeva
Git Repository
My Git Repo
In the section we're looking at etcd backup and restore which is a very important for Kubernetes administrators.
We need to take the backup of objects.
- Get all components in yaml format into yaml file:
root@localhost:~# kubectl get all -A -o yaml > backup.yaml
It's not efficient way to backing up the cluster because we didn't backup the persistent data and some other data which is not part of these manifests.
-
etcdmanifest's spec
(Photo from the video)
The
/var/lib/etcdis the default directory whichetcddata stores its configuration data.The
https://127.0.0.1:2379is whereetcdclient is listening and the requests ofkubectlsent byapi-serverto this url.-
The keys of
etcdthat is sent are mentioned too.- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
We have 2 volume mounts:
(Photo from the video)
- `etcd-data`: /var/lib/etcd - the data directory
- `etcd-cets`: /etc/kubernetes/pki/etcd - the cert keys directory
- Install the
etcdctlutility
root@localhost:~# apt install etcd-client -y
- Create an
envfor latest version of the utility because it uses version 2 by default.
root@localhost:~# export ETCDCTL_API=3
- Built-in snapshot source
root@localhost:~# etcdctl --endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
snapshot save /opt/etcd-backup.db
- Verify the snapshot
root@localhost:~# etcdctl --write-out=table snapshot status /opt/etcd-backup.db
the output would be like:
(Photo from the video)
- Let's restore the snapshot
Caution:
If any API servers are running in your cluster, you should not attempt to restore instances of etcd. Instead, follow these steps to restore etcd:
- stop all API server instances
- restore state in all etcd instances
- restart all API server instances
root@localhost:~# etcdctl --endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
snapshot restore /opt/etcd-backup.db \
--data-dir=/var/lib/etcd-restore-from-backup
Then, we need to edit the etcd manifest in /etc/kubernetes/manifests/etcd.yaml and the value of
- --data-dir option from /var/lib/etcd to /var/lib/etcd-restore-from-backup
- mountPath from /var/lib/etcd to /var/lib/etcd-restore-from-backup
- hostPath from /var/lib/etcd to /var/lib/etcd-restore-from-backup
and restart the kubelet.
This content originally appeared on DEV Community and was authored by Sina Tavakkol
Sina Tavakkol | Sciencx (2024-09-08T02:10:24+00:00) 40 Days Of Kubernetes (35/40). Retrieved from https://www.scien.cx/2024/09/08/40-days-of-kubernetes-35-40/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.