本文由 发布,转载请注明出处,如有问题请联系我们! 发布时间: 2021-05-28Kubernetes-3.3:ETCD集群搭建及使用(https认证+数据备份恢复)
加载中Kubernetes-3.3:ETCD群集构建及应用(https验证 备份数据修复)
自然环境详细介绍
根据CentOS Linux release 7.9.2009 (Core)
| ip | hostname | role |
|---|---|---|
| 172.17.0.4 | cd782d0a790b | etcd1 |
| 172.17.0.3 | 83d43a1203f6 | etcd2 |
| 172.17.0.2 | 99dac45f202c | etcd3 |
## 先加上 yum 库房
## docker-ce
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
## epel
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
安裝docker-ce
yum install -y yum-utils device-mapper-persistent-data lvm2 docker-ce
安裝go,非务必(假如编译程序安裝,则要有go自然环境)
yum install golang
别的
yum -y install ansible git iproute
逐渐搭建etcd群集(yum 安裝)
yum -y install etcd
## 查询版本号
[root@cd782d0a790b data]# etcdctl -v
etcdctl version: 3.3.11
API version: 2
1、根据http协议书搭建群集
编写环境变量
cat /etc/etcd/etcd.conf
## etcd储存途径
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
## 用以监视群集内全部etcd通信的URL目录
ETCD_LISTEN_PEER_URLS="http://172.17.0.4:2380"
## 用以监视手机客户端通信的URL目录
ETCD_LISTEN_CLIENT_URLS="http://172.17.0.4:2379,http://127.0.0.1:2379"
## 群集名称
ETCD_NAME="etcd1"
## 开启快照更新到电脑硬盘的已提交事务管理的总数
ETCD_SNAPSHOT_COUNT="10000"
## 心率时间间隔,企业ms
ETCD_HEARTBEAT_INTERVAL="250"
## 大选的请求超时時间,企业ms
ETCD_ELECTION_TIMEOUT="5000"
## 列举该设备的通讯 URL 便于通知给群集的别的组员
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.17.0.4:2380"
## 列举该设备的手机客户端联接URL,通知给群集中的别的组员
ETCD_ADVERTISE_CLIENT_URLS="http://172.17.0.4:2379"
## 运行复位群集配备
ETCD_INITIAL_CLUSTER="etcd1=http://172.17.0.4:2380,etcd2=http://172.17.0.3:2380,etcd3=http://172.17.0.2:2380"
## 在运行期内用以 etcd 群集的复位群集标记
ETCD_INITIAL_CLUSTER_TOKEN="k8s_etcd"
## 复位群集情况,一般在新创建群集时填new,如果是添加某一现有的群集,则填好existing
ETCD_INITIAL_CLUSTER_STATE="new"
## 分销模式设定
ETCD_PROXY="off"
## 是不是逐渐全自动缩小,0表明关掉全自动缩小。
ETCD_AUTO_COMPACTION_RETENTION="8"
## METRICS插口,用以给予给监管连接的
ETCD_METRICS="basic"
留意:三个环境变量大致內容基本上类似,必须留意的是ETCD_NAME和该设备的ip详细地址要随着变更
添加systemctl管理方法
cat /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target
[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\""
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
运行服务项目,查验身心健康情况
## 三台都运行
systemctl start etcd
## 查询群集
[root@cd782d0a790b /]# etcdctl member list
d02233d35f3c4b94: name=etcd3 peerURLs=http://172.17.0.2:2380 clientURLs=http://172.17.0.2:2379 isLeader=false
e302fd1dad15f911: name=etcd1 peerURLs=http://172.17.0.4:2380 clientURLs=http://172.17.0.4:2379 isLeader=true
ef7057d9f69d96ad: name=etcd2 peerURLs=http://172.17.0.3:2380 clientURLs=http://172.17.0.3:2379 isLeader=false
## 查验身心健康情况
[root@cd782d0a790b /]# etcdctl cluster-health
member d02233d35f3c4b94 is healthy: got healthy result from http://172.17.0.2:2379
member e302fd1dad15f911 is healthy: got healthy result from http://172.17.0.4:2379
member ef7057d9f69d96ad is healthy: got healthy result from http://172.17.0.3:2379
之上为默认设置的 API version: 2,能够将 API version 改成 3,再度查询
export ETCDCTL_API=3
HOST_1=172.17.0.2
HOST_2=172.17.0.3
HOST_3=172.17.0.4
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379
## 查询list
[root@cd782d0a790b /]# etcdctl --endpoints=$ENDPOINTS member list
d02233d35f3c4b94, started, etcd3, http://172.17.0.2:2380, http://172.17.0.2:2379
e302fd1dad15f911, started, etcd1, http://172.17.0.4:2380, http://172.17.0.4:2379
ef7057d9f69d96ad, started, etcd2, http://172.17.0.3:2380, http://172.17.0.3:2379
## 查验health
[root@cd782d0a790b /]# etcdctl --endpoints=$ENDPOINTS endpoint health
172.17.0.2:2379 is healthy: successfully committed proposal: took = 7.5093ms
172.17.0.4:2379 is healthy: successfully committed proposal: took = 5.568两米s
172.17.0.3:2379 is healthy: successfully committed proposal: took = 8.0291ms
## 查看status
[root@cd782d0a790b /]# etcdctl --write-out=table --endpoints=$ENDPOINTS endpoint status
----------------- ------------------ --------- --------- ----------- ----------- ------------
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
----------------- ------------------ --------- --------- ----------- ----------- ------------
| 172.17.0.2:2379 | d02233d35f3c4b94 | 3.3.11 | 16 kB | false | 129 | 12 |
| 172.17.0.3:2379 | ef7057d9f69d96ad | 3.3.11 | 16 kB | false | 129 | 12 |
| 172.17.0.4:2379 | e302fd1dad15f911 | 3.3.11 | 20 kB | true | 129 | 12 |
----------------- ------------------ --------- --------- ----------- ----------- ------------
实际大量实际操作能够查询etcd官方网站demo:https://etcd.io/docs/v3.4/demo/
2、根据https搭建群集
最先必须转化成资格证书,免费下载资格证书转化成专用工具
curl -s -L -o /usr/local/bin/cfssl https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
curl -s -L -o /usr/local/bin/cfssljson https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
curl -s -L -o /usr/local/bin/cfssl-certinfo https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64
chmod x /usr/local/bin/cfssl*
逐渐转化成资格证书
## CA组织 配备,有效期限十年
[root@cd782d0a790b cert]# cat > ca-config.json << EOF
{
"signing": {
"default": {
"expiry": "87600h"
},
"profiles": {
"etcd": {
"expiry": "87600h",
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
]
}
}
}
}
EOF
"字段名表明"
"ca-config.json":能够界定好几个 profiles,各自特定不一样的到期時间、应用情景等主要参数;事后在签字资格证书时应用某一 profile;
"signing":表明该资格证书可用以签字其他资格证书;转化成的 ca.pem 资格证书中 CA=TRUE;
"server auth":表明client可以用该 CA 对server给予的资格证书开展认证;
"client auth":表明server可以用该 CA 对client给予的资格证书开展认证;
## CA组织 配备,机构Comman Name,所在城市Country我国, State省, Locality市
[root@cd782d0a790b cert]# cat > ca-csr.json << EOF
{
"CN": "etcd CA",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Beijing",
"L": "Beijing"
}
]
}
EOF
## 向ca机构申请办理:资格证书申请注册 (我国,北京省,北京),每一个连接点用同样的资格证书,因此要填好全部主机ip
[root@cd782d0a790b cert]# cat > server-csr.json << EOF
{
"CN": "etcd",
"hosts": [
"172.17.0.2",
"172.17.0.3",
"172.17.0.4"
],
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O":"aa.com",
"CN":"beijing.aa.com"
}
]
}
EOF
要求文档所有编写好后:## 转化成ca证书和key
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
## 转化成etcd资格证书和key,留意这儿的-profile的值务必和ca-config中的profiles的值一样
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=etcd server-csr.json | cfssljson -bare server
## 转化成资格证书以下
[root@cd782d0a790b ssl]# ls *.pem
ca-key.pem ca.pem server-key.pem server.pem
## 取值读管理权限
chmod 644 *.pem
之上状况是手机客户端、服务器端、群集内peer通讯全是用同一个资格证书,具体情况中,能够把它分成好几个,设定不一样的作用,不一样的期满時间,比如以下:
## ca证书转化成,在这里界定了几类不一样的资格证书种类
[root@cd782d0a790b cert]# cat > ca-config.json << EOF
{
"signing": {
"default": {
"expiry": "168h"
},
"profiles": {
"server": {
"expiry": "8760h",
"usages": [
"signing",
"key encipherment",
"server auth"
]
},
"client": {
"expiry": "8760h",
"usages": [
"signing",
"key encipherment",
"client auth"
]
},
"peer": {
"expiry": "8760h",
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
]
}
}
}
}
EOF
"种类表明"
在这其中界定3个profile
"server" 做为网络服务器与手机客户端通讯时的服务器证书
"client" 做为网络服务器与手机客户端通讯时的客户端证书
"peer" 做为网络服务器间通信时要的资格证书,既验证网络服务器也验证手机客户端
cat > ca-csr.json << EOF
{
"CN": "etcd CA",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "Beijing",
"L": "Beijing"
}
]
}
EOF
## 这类是独立的,分别应用自身的peer资格证书,留意名称要不一样,全部的设备都需要实行一次
[root@cd782d0a790b cert]# cat > etcd1-csr.json << EOF
{
"CN": "etcd1",
"hosts": [
"172.17.0.2"
],
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O":"aa.com",
"CN":"beijing.aa.com"
}
]
}
EOF
要求文档所有编写好后:
## 转化成ca证书和key
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
## 转化成etcd资格证书和key,留意这儿的-profile的值务必和ca-config中的profiles的值一样
for i in `seq 1 5`;do cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=peer etcd${i}-csr.json | cfssljson -bare etcd${i};done
[root@cd782d0a790b ssl]# ls
ca-config.json ca.csr etcd1-key.pem etcd2-csr.json etcd2.pem etcd3.csr etcd4-key.pem etcd5-csr.json etcd5.pem
ca-csr.json ca.pem etcd1.csr etcd2-key.pem etcd3-csr.json etcd3.pem etcd4.csr etcd5-key.pem server.pem
ca-key.pem etcd1-csr.json etcd1.pem etcd2.csr etcd3-key.pem etcd4-csr.json etcd4.pem etcd5.csr
## 取值读管理权限
chmod 644 *.pem
如果是每一个网络服务器独立的资格证书,下面etcd的配备,包含查询、查验情况时,所特定的资格证书,都特定该设备的就可以
改动etcd.conf配备
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://172.17.0.4:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.17.0.4:2379,https://127.0.0.1:2379"
ETCD_NAME="etcd1"
ETCD_SNAPSHOT_COUNT="10000"
ETCD_HEARTBEAT_INTERVAL="250"
ETCD_ELECTION_TIMEOUT="5000"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.17.0.4:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.17.0.4:2379"
ETCD_INITIAL_CLUSTER="etcd1=https://172.17.0.4:2380,etcd2=https://172.17.0.3:2380,etcd3=https://172.17.0.2:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_PROXY="off"
## etcd 手机客户端与服务器端通讯的资格证书和key
ETCD_CERT_FILE="/data/cert/ssl/etcd1.pem"
ETCD_KEY_FILE="/data/cert/ssl/etcd1-key.pem"
ETCD_CLIENT_CERT_AUTH="true"
## ca证书
ETCD_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
## etcd 群集內部通讯资格证书和key
ETCD_PEER_CERT_FILE="/data/cert/ssl/etcd1.pem"
ETCD_PEER_KEY_FILE="/data/cert/ssl/etcd1-key.pem"
ETCD_PEER_CLIENT_CERT_AUTH="true"
ETCD_PEER_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
ETCD_AUTO_COMPACTION_RETENTION="8"
ETCD_METRICS="basic"
将http所有更改成https,随后特定资格证书的途径的途径
重新启动服务项目
systemctl restart etcd
## 重新启动时,报相近不正确
request sent was ignored (cluster ID mismatch: peer[61c68880c0fd8e67]=47ca0413c1aaf745, local=755bf44e2e1770ae)
或
publish error: etcdserver: request timed out
## 由于以前运行过http的etcd群集,早已有数据信息储存,因为这种脏数据造成的,全部连接点所有数据删除后,重新启动就可以
rm -rf /var/lib/etcd/default.etcd/*
查验情况
export ETCDCTL_API=3
HOST_1=https://172.17.0.2
HOST_2=https://172.17.0.3
HOST_3=https://172.17.0.4
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379
## list
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member list --write-out=table
------------------ --------- ------- ------------------------- -------------------------
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
------------------ --------- ------- ------------------------- -------------------------
| 37ab29a4575d84d2 | started | etcd3 | https://172.17.0.2:2380 | https://172.17.0.2:2379 |
| 3e6a29fd4717a79a | started | etcd2 | https://172.17.0.3:2380 | https://172.17.0.3:2379 |
| 653155eddc689793 | started | etcd1 | https://172.17.0.4:2380 | https://172.17.0.4:2379 |
------------------ --------- ------- ------------------------- -------------------------
## status
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" endpoint status --write-out=table
------------------------- ------------------ --------- --------- ----------- ----------- ------------
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
------------------------- ------------------ --------- --------- ----------- ----------- ------------
| https://172.17.0.2:2379 | 37ab29a4575d84d2 | 3.3.11 | 20 kB | false | 1064 | 139 |
| https://172.17.0.3:2379 | 3e6a29fd4717a79a | 3.3.11 | 20 kB | true | 1064 | 139 |
| https://172.17.0.4:2379 | 653155eddc689793 | 3.3.11 | 20 kB | false | 1064 | 139 |
------------------------- ------------------ --------- --------- ----------- ----------- ------------
3、ETCD群集中加上连接点
member add 加上
## add
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member add etcd4 --peer-urls=https://172.17.0.5:2380
Member 71f4582f1c4ba901 added to cluster a89c967de8e14b61
ETCD_NAME="etcd4"
ETCD_INITIAL_CLUSTER="etcd3=https://172.17.0.2:2380,etcd2=https://172.17.0.3:2380,etcd1=https://172.17.0.4:2380,etcd4=https://172.17.0.5:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.17.0.5:2380"
ETCD_INITIAL_CLUSTER_STATE="existing"
## list
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member list --write-out=table
------------------ ----------- ------- ------------------------- -------------------------
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
------------------ ----------- ------- ------------------------- -------------------------
| 37ab29a4575d84d2 | started | etcd3 | https://172.17.0.2:2380 | https://172.17.0.2:2379 |
| 3e6a29fd4717a79a | started | etcd2 | https://172.17.0.3:2380 | https://172.17.0.3:2379 |
| 653155eddc689793 | started | etcd1 | https://172.17.0.4:2380 | https://172.17.0.4:2379 |
| e321a980939fe867 | unstarted | | https://172.17.0.5:2380 | |
------------------ ----------- ------- ------------------------- -------------------------
留意:加上连接点时,务必把群集情况修补结束,才可以再次加上下一个,不然出错相近:Error: etcdserver: unhealthy cluster
最后etcd4的环境变量以下
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://172.17.0.5:2380"
ETCD_LISTEN_CLIENT_URLS="https://172.17.0.5:2379,https://127.0.0.1:2379"
ETCD_NAME="etcd4"
ETCD_SNAPSHOT_COUNT="10000"
ETCD_HEARTBEAT_INTERVAL="250"
ETCD_ELECTION_TIMEOUT="5000"
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://172.17.0.5:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://172.17.0.5:2379"
ETCD_INITIAL_CLUSTER="etcd1=https://172.17.0.4:2380,etcd2=https://172.17.0.3:2380,etcd3=https://172.17.0.2:2380,etcd4=https://172.17.0.5:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd"
ETCD_INITIAL_CLUSTER_STATE="existing"
ETCD_PROXY="off"
ETCD_CERT_FILE="/data/cert/ssl/etcd4.pem"
ETCD_KEY_FILE="/data/cert/ssl/etcd4-key.pem"
ETCD_CLIENT_CERT_AUTH="true"
ETCD_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
ETCD_PEER_CERT_FILE="/data/cert/ssl/etcd4.pem"
ETCD_PEER_KEY_FILE="/data/cert/ssl/etcd4-key.pem"
ETCD_PEER_CLIENT_CERT_AUTH="true"
ETCD_PEER_TRUSTED_CA_FILE="/data/cert/ssl/ca.pem"
ETCD_AUTO_COMPACTION_RETENTION="8"
ETCD_METRICS="basic"
运行etcd4,查询群集情况
systemctl start etcd
export ETCDCTL_API=3
HOST_1=https://172.17.0.2
HOST_2=https://172.17.0.3
HOST_3=https://172.17.0.4
HOST_4=https://172.17.0.5
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379,$HOST_4:2379
## list
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" member list --write-out=table
------------------ --------- ------- ------------------------- -------------------------
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS |
------------------ --------- ------- ------------------------- -------------------------
| 37ab29a4575d84d2 | started | etcd3 | https://172.17.0.2:2380 | https://172.17.0.2:2379 |
| 3e6a29fd4717a79a | started | etcd2 | https://172.17.0.3:2380 | https://172.17.0.3:2379 |
| 653155eddc689793 | started | etcd1 | https://172.17.0.4:2380 | https://172.17.0.4:2379 |
| e321a980939fe867 | started | etcd4 | https://172.17.0.5:2380 | https://172.17.0.5:2379 |
------------------ --------- ------- ------------------------- -------------------------
## status
etcdctl --endpoints=$ENDPOINTS --cacert="/data/cert/ssl/ca.pem" --cert="/data/cert/ssl/etcd1.pem" --key="/data/cert/ssl/etcd1-key.pem" endpoint status --write-out=table
------------------------- ------------------ --------- --------- ----------- ----------- ------------
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
------------------------- ------------------ --------- --------- ----------- ----------- ------------
| https://172.17.0.2:2379 | 37ab29a4575d84d2 | 3.3.11 | 20 kB | false | 1066 | 159 |
| https://172.17.0.3:2379 | 3e6a29fd4717a79a | 3.3.11 | 20 kB | false | 1066 | 159 |
| https://172.17.0.4:2379 | 653155eddc689793 | 3.3.11 | 20 kB | true | 1066 | 159 |
| https://172.17.0.5:2379 | e321a980939fe867 | 3.3.11 | 20 kB | false | 1066 | 159 |
------------------------- ------------------ --------- --------- ----------- ----------- ------------
4、备份数据及修复ETCD群集数据信息
备份数据
## 自然环境配备
export ETCDCTL_API=3
kubectl get nodes -o wide
HOST_1=https://10.36.234.169
HOST_2=https://10.36.234.180
HOST_3=https://10.36.235.19
ENDPOINTS=$HOST_1:2379,$HOST_2:2379,$HOST_3:2379
## 备份数据
etcdctl --endpoints=$ENDPOINTS --cacert="/etc/ssl/etcd/ssl/ca.pem" --cert="/etc/ssl/etcd/ssl/member-gzbh-intelmbx043.gzbh.baidu.com.pem" --key="/etc/ssl/etcd/ssl/member-gzbh-intelmbx043.gzbh.baidu.com-key.pem" snapshot save my.db
Snapshot saved at my.db
## 查询
[root@gzbh-intelmbx043 etcd_data]# ls
my.db
修复
## 终止etcd服务项目
systemctl stop etcd
## 删掉原数据信息(如原数据信息关键,还记得备份数据!)
rm -rf /var/lib/etcd
## 修复,如果是几台设备群集方式,每一个设备都需要导进
etcdctl --endpoints=https://10.61.187.39:2379 --cacert="/etc/ssl/etcd/ssl/ca.pem" --cert="/etc/ssl/etcd/ssl/member-yq01-aip-aikefu06e1a866.yq01.baidu.com.pem" --key="/etc/ssl/etcd/ssl/member-yq01-aip-aikefu06e1a866.yq01.baidu.com-key.pem" snapshot restore my.db --name=etcd1 --initial-cluster etcd1=https://10.61.187.39:2380 --initial-cluster-token etcd_test --initial-advertise-peer-urls https://10.61.187.39:2380 --data-dir=/var/lib/etcd/
2021-05-25 16:05:02.784608 I | mvcc: restore compact to 6104817
2021-05-25 16:05:02.802119 I | etcdserver/membership: added member 67745b5848ce7e3c [https://10.61.187.39:2380] to cluster 1256ee7f1ba66254
## 运行服务项目就可以
systemctl start etcd
必须留意:数据信息的备份与恢复是个比较敏感实际操作,一定要慎重!
