![]()
简介
家里有两个k8s,树莓派使用的是k3s,nuc上就是正常的x86的k8s,树莓派k3s使用的是mysql,mysql也是使用cronjob每天跑的备份,但是nuc中的etcd一直没有备份过,所以今天就准备备份下
要做的事情很简单,就是etcd快照,完了之后就直接扔到minio中
操作
本来想的是使用python的etcd库做备份的,但是不知道为什么依赖一直没有安装好,索性就不装逼了直接使用etcd cli去snapshot,因为etcd的备份需要使用证书,所以就直接拿出证书放到项目的ssl目录下面了
导入库
1 2 3 4
| import os import time from minio import Minio from minio.error import S3Error
|
下面是脚本的一些配置参数
1 2 3 4 5 6 7 8
| now=time.strftime("%Y%m%d", time.localtime())
etcd_url="" cacert="./ssl/ca.pem" cert="./ssl/node-node1.pem" key="./ssl/node-node1-key.pem" backup_file_name="etcd-"+ now
|
没错,snapshot文件就使用时间去命名了
之后就是创建快照函数
1 2 3
| def create_snapshot(): command="ETCDCTL_API=3 etcdctl --endpoints=" + etcd_url + " --cacert=" + cacert + " --cert=" + cert + " --key="+ key + " snapshot save " + backup_file_name os.system(command=command)
|
完了之后就直接上传到minio
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
| def upload_to_minio(): client=Minio( "oss.example.cn:9000", access_key="", secret_key="", secure=False ) found=client.bucket_exists("etcd-backup") if not found: client.make_bucket("etcd-backup") print("etcd-backup bucket created") else: pass client.fput_object("etcd-backup",backup_file_name,backup_file_name)
|
因为我的minio是没有配置https的所以配置了secure=False
之后就是主函数
1 2 3 4 5 6 7 8 9
| if __name__ == "__main__": try: create_snapshot() except Exception as e: print(e) try: upload_to_minio() except S3Error as e: print("upload failed: "+ e)
|
接着就是cronjob的配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
| apiVersion: batch/v1beta1 kind: CronJob metadata: creationTimestamp: null name: etcd-backup namespace: cronjob spec: failedJobsHistoryLimit: 5 jobTemplate: metadata: creationTimestamp: null spec: template: metadata: creationTimestamp: null spec: containers: - image: registry.bboysoul.cn/rpi/etcd-backup:87abd366c81cbe4b7d0edb20670a5755e0506d13 imagePullPolicy: IfNotPresent name: etcd-backup resources: {} restartPolicy: Never schedule: 0 3 * * * successfulJobsHistoryLimit: 5 status: {}
|
之后就是配置流水线,我使用的是drone加argocd,这里有个问题就是argocd是没有arm二进制的,我就网上找了一个arm的镜像复制出来,自己做了一个镜像,下面是dockerfile
1 2 3 4 5 6
| FROM debian:stable-slim RUN apt update -y && \ apt install git -y && \ rm -rf /var/lib/apt/lists/* COPY ./argocd /bin COPY ./kubectl /bin
|
然后是drone的流水线
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
| --- kind: pipeline type: kubernetes name: build
platform: os: linux arch: arm
steps: - name: docker image: plugins/docker settings: username: ???? password: ??? repo: registry.bboysoul.cn/rpi/etcd-backup registry: registry.bboysoul.cn tags: - latest - ${DRONE_COMMIT_SHA}
- name: sync app image: bboysoul/argocd:v2.0.0-1 commands: - git clone ?????? - cd argocd-yaml/etcd-backup - kubectl set image -f cronjob.yaml etcd-backup=registry.bboysoul.cn/rpi/etcd-backup:${DRONE_COMMIT_SHA} --local --dry-run=client -o yaml >temp - mv temp cronjob.yaml - git add . - git commit -m "change image registry.bboysoul.cn/rpi/etcd-backup:${DRONE_COMMIT_SHA}" - git push origin master - argocd login --insecure --username ????? --password ?????? 10.10.100.76 - argocd app sync etcd-bakcup - argocd app wait etcd-bakcup
|
argocd的app
1 2 3 4 5 6 7 8 9 10 11 12 13 14
| apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: 'etcd-bakcup' spec: destination: namespace: 'cronjob' server: '?????' source: path: './etcd-backup' repoURL: '????????????' targetRevision: HEAD project: 'default'
|
之后看下怎么完善下加个备份完成之后的通知啊什么的
欢迎关注我的博客www.bboy.app
Have Fun