3.3
登录etcd集群中的一台,做移除节点的操作
查看集群成员
etcdctl --endpoints https://127.0.0.1:2379 --ca-file=ca.crt --cert-file=server.crt --key-file=server.key member list
移除节点
etcdctl --endpoints https://127.0.0.1:2379 --ca-file=ca.crt --cert-file=server.crt --key-file=server.key member remove dba859797c59d10b
生成node节点join集群的参数
kubeadm token create --print-join-command
生成master节点join集群的certificate-key
kubeadm init phase upload-certs --upload-certs
--token
--discovery-token-ca-cert-hash sha256: openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
--control-plane --certificate-key
3.4
查询所有key
etcdctl --endpoints="https://192.168.130.207:2379" --cacert=ca.crt --cert=server.crt --key=server.key --prefix --keys-only=true get /
查看集群状态
etcdctl --cacert=/opt/kubernetes/ssl/ca.pem --cert=/opt/kubernetes/ssl/server.pem --key=/opt/kubernetes/ssl/server-key.pem --endpoints=https://192.168.1.36:2379,https://192.168.1.37:2379,https://192.168.1.38:2379 endpoint health
备份
snapshot save /data/etcd_backup_dir/etcd-snapshot-`date +%Y%m%d`.db
恢复
snapshot restore /data/etcd_backup_dir/etcd-snapshot-20191222.db --data-dir=/var/lib/etcd/default.etcd #恢复不用认证
查看集群信息
etcdctl --endpoints="https://192.168.130.207:2379" --cacert=ca.crt --cert=server.crt --key=server.key -w table endpoint --cluster status
