我知道服务配置和 secret 存储在RAFT日志中,并且此日志已复制到其他集群管理器。但是,如果整个集群都停止了怎么办? RAFT日志是永久性的还是应该始终保留本地副本?
最佳答案
我最终发现,如果您备份了群集,则应该能够按照文档中的详细说明进行恢复:
Back up the swarm Docker manager nodes store the swarm state and manager logs in the /var/lib/docker/swarm/ directory. In 1.13 and higher, this data includes the keys used to encrypt the Raft logs. Without these keys, you will not be able to restore the swarm.
You can back up the swarm using any manager. Use the following procedure.
If the swarm has auto-lock enabled, you will need the unlock key in order to restore the swarm from backup. Retrieve the unlock key if necessary and store it in a safe location. If you are unsure, read Lock your swarm to protect its encryption key.
Stop Docker on the manager before backing up the data, so that no data is being changed during the backup. It is possible to take a backup while the manager is running (a “hot” backup), but this is not recommended and your results will be less predictable when restoring. While the manager is down, other nodes will continue generating swarm data that will not be part of this backup.
Note: Be sure to maintain the quorum of swarm managers. During the time that a manager is shut down, your swarm is more vulnerable to losing the quorum if further nodes are lost. The number of managers you run is a trade-off. If you regularly take down managers to do backups, consider running a 5-manager swarm, so that you can lose an additional manager while the backup is running, without disrupting your services. Back up the entire /var/lib/docker/swarm directory.
Restart the manager.
关于docker - 如果一群人完全停止了,docker服务配置或 secret 会怎样?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45617307/