kubernetes-CronJob备份etcd
在kube-system创建pvc:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: k8s-backup-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: "30Gi"
volumeName:
storageClassName: nfs
创建CronJob:
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: etcd-disaster-recovery
namespace: kube-system
spec:
schedule: "0 03 * * *"
jobTemplate:
spec:
template:
metadata:
labels:
app: etcd-disaster-recovery
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- node01
containers:
- name: etcd
image: k8s.gcr.io/etcd:3.3.10
imagePullPolicy: "IfNotPresent"
command:
- sh
- -c
- "export ETCDCTL_API=3; \
etcdctl --endpoints=$ENDPOINT \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
snapshot save /snapshot/$(date +%Y%m%d_%H%M%S)_snapshot.db; \
echo etcd backup success"
env:
- name: ENDPOINT
value: "https://127.0.0.1:2379"
volumeMounts:
- mountPath: "/etc/kubernetes/pki/etcd"
name: etcd-certs
- mountPath: "/var/lib/etcd"
name: etcd-data
- mountPath: "/snapshot"
name: snapshot
subPath: data/etcd-snapshot
- mountPath: /etc/localtime
name: lt-config
- mountPath: /etc/timezone
name: tz-config
restartPolicy: OnFailure
volumes:
- name: etcd-certs
hostPath:
path: /etc/kubernetes/pki/etcd
- name: etcd-data
hostPath:
path: /var/lib/etcd
- name: snapshot
persistentVolumeClaim:
claimName: k8s-backup-pvc
- name: lt-config
hostPath:
path: /etc/localtime
- name: tz-config
hostPath:
path: /etc/timezone
hostNetwork: true
