# 单机备份
```
etcdctl --endpoints="https://10.25.72.62:2379" \
        --cert=/etc/etcd/ssl/etcd.pem \
        --key=/etc/etcd/ssl/etcd-key.pem \
        --cacert=/etc/kubernetes/ssl/ca.pem \
        snapshot save snapshot.db
```
# 单机恢复
## etcd停止运行
```
systemctl stop etcd
```
## 使用etcd的v3接口
```
export ETCDCTL_API=3
```
## 恢复
```
etcdctl  snapshot restore snapshot.db \
        --name=SZD-L0105331 \
        --endpoints=https://10.25.72.62:2379 \
        --cacert=/etc/kubernetes/ssl/ca.pem \
        --cert=/etc/etcd/ssl/etcd.pem \
        --key=/etc/etcd/ssl/etcd-key.pem  \
        --initial-cluster=SZD-L0105331=https://10.25.72.62:2380  \
        --initial-advertise-peer-urls=https://10.25.72.62:2380 \
        --initial-cluster-token=etcd-cluster-0 \
        --data-dir=/var/lib/etcd4   # 注意--data-dir参数,以下步骤需要使用
```
#### 修改etcd启动参数--data-dir指向上一步的数据回复目录，一般在/etc/etcd/etcd文件中
```
cat /etc/etcd/etcd
```
```
ETCD_OPTIONS="--name=SZD-L0105331 \
   --client-cert-auth=true \
   --cert-file=/etc/etcd/ssl/etcd.pem \
   --key-file=/etc/etcd/ssl/etcd-key.pem \
   --peer-cert-file=/etc/etcd/ssl/etcd.pem \
   --peer-key-file=/etc/etcd/ssl/etcd-key.pem \
   --trusted-ca-file=/etc/kubernetes/ssl/ca.pem \
   --peer-trusted-ca-file=/etc/kubernetes/ssl/ca.pem \
   --initial-advertise-peer-urls=https://10.25.72.62:2380 \
   --listen-peer-urls=https://10.25.72.62:2380 \
   --listen-client-urls=https://10.25.72.62:2379,https://127.0.0.1:2379 \
   --advertise-client-urls=https://10.25.72.62:2379 \
   --initial-cluster-token=etcd-cluster-0 \
   --initial-cluster=SZD-L0105331=https://10.25.72.62:2380 \
   --initial-cluster-state=new \
   --data-dir=/var/lib/etcd"
```
## etcd启动
```
systemctl start etcd
```

# 集群备份
```
ETCDCTL_API=3 etcdctl --endpoints="https://10.25.84.251:2379,https://10.25.73.25:2379,https://10.25.73.150:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem  snapshot save mysnapshot.db
```
# 集群恢复
## 停止集群
***说明：etcd使用RAFT策略完成集群leader选举，且集群数量是奇数，因此，停掉leader不会影响使用，内部会重新选择一个leader***
```
systemctl stop etcd
```
## 删除原数据
***确认已备份***
```
rm -rf /var/lib/etcd
```
## 恢复
```
ETCDCTL_API=3 etcdctl --name=SZD-L0097856 --endpoints="https://10.25.84.251:2379" --cert=/root/etcd-cluster/etcd.pem --key=/root/etcd-cluster/etcd-key.pem --cacert=/root/etcd-cluster/ca.pem --initial-cluster-token=etcd-cluster-0 --initial-advertise-peer-urls=https://10.25.84.251:2380 --initial-cluster=SZD-L0101798=https://10.25.73.25:2380,SZD-L0103739=https://10.25.73.150:2380,SZD-L0097856=https://10.25.84.251:2380 --data-dir=/var/lib/etcd snapshot restore mysnapshot.db
```
## 启动etcd
```
systemctl start etcd
```