Openshift实现Etcd一键备份与一键恢复脚本
2019-03-05 本文已影响0人
潘晓华Michael
Openshift etcd
一键备份etcd脚本
[root@master01 ~]# cat backup_etcd.sh
#!/bin/bash
export ETCD_POD_MANIFEST="/etc/origin/node/pods/etcd.yaml"
export ETCD_EP=$(grep https ${ETCD_POD_MANIFEST} | cut -d '/' -f3)
oc login -u system:admin
export ETCD_POD=$(oc get pods -n kube-system | grep -o -m 1 '\S*etcd\S*')
oc project kube-system
oc exec ${ETCD_POD} -c etcd -- /bin/sh -c "ETCDCTL_API=3 etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints $ETCD_EP snapshot save /var/lib/etcd/snapshot.db"
today_date=$(date +%Y%m%d)
mkdir -p /backup/${today_date}/etcd
mv /var/lib/etcd/snapshot.db /backup/${today_date}/etcd/snapshot.db
ls /backup/${today_date}/etcd/
echo "success backup etcd"
一键恢复etcd脚本
[root@master01 ~]# cat restore_etcd.sh
#!/bin/bash
snapshot_file_dir=$1
if [ $# -lt 1 ]
then
echo "Please input snapshot file path"
exit 2
fi
export ETCD_POD_MANIFEST="/etc/origin/node/pods/etcd.yaml"
mv ${ETCD_POD_MANIFEST} .
rm -rf /var/lib/etcd
## 获取etcd相关初始化配置项
ETCD_CONFIG_FILE="/etc/etcd/etcd.conf"
etcd_data_dir=$(grep ^ETCD_DATA_DIR= $ETCD_CONFIG_FILE|cut -d= -f2)
etcd_name=$(grep ^ETCD_NAME= $ETCD_CONFIG_FILE|cut -d= -f2)
etcd_initial_cluster=$(grep ^ETCD_INITIAL_CLUSTER= $ETCD_CONFIG_FILE|awk -F'ETCD_INITIAL_CLUSTER=' '{print $2}')
etcd_initial_cluster_token=$(grep ^ETCD_INITIAL_CLUSTER_TOKEN= $ETCD_CONFIG_FILE|cut -d= -f2)
etcd_initial_advertise_peer_urls=$(grep ^ETCD_INITIAL_ADVERTISE_PEER_URLS= $ETCD_CONFIG_FILE|cut -d= -f2)
## 恢复etcd数据
export ETCDCTL_API=3
etcdctl snapshot restore $snapshot_file_dir --data-dir $etcd_data_dir --name $etcd_name --initial-cluster "$etcd_initial_cluster" --initial-cluster-token "$etcd_initial_cluster_token" --initial-advertise-peer-urls $etcd_initial_advertise_peer_urls --skip-hash-check=true
chown -R etcd.etcd /var/lib/etcd/
restorecon -Rv /var/lib/etcd
mv etcd.yaml $ETCD_POD_MANIFEST
一键整理etcd数据,解决证书问题
[root@master01 ~]# cat reset.sh
#!/bin/bash
oc login -u system:admin
projects=$(oc get projects | awk '{print $1}' | grep -v kube-system|grep -v NAME)
for project in $(echo $projects)
do
oc delete secret $(oc get secret -n $project | grep token | awk '{print $1}') -n $project
oc delete pod $(oc get pod -n $project | grep -v NAME | awk '{print $1}') -n $project --force --grace-period=0
done
