0

我有两个 EKS 集群正在运行,即集群 A 和集群 B。Cluster-A 与我在 nginx-namespace 命名空间中的实际应用程序一起运行,这里我的 pod 正在运行。

Cluster-A 我已经使用带有整个命名空间 nginx-namespace 的 velero 组件进行了备份,请参见下面的输出。

[root@anthonycornell ~]# velero backup get
NAME                          STATUS      ERRORS   WARNINGS   CREATED                         EXPIRES   STORAGE LOCATION   SELECTOR
sep-30-2021-nginx-namespace   Completed   0        0          2021-09-30 04:59:51 +0000 UTC   25d       default            <none>

在 cluster-B 内部,我执行了以下命令来安装 velero

velero install \
--provider aws \
--plugins velero/velero-plugin-for-aws:v1.0.1 \
--bucket my-cluster \
--backup-location-config region=eu-central-1 \
--snapshot-location-config region=eu-central-1 \
--pod-annotations iam.amazonaws.com/role=arn:aws:iam::123456789012:role/ServiceAccount-Velero-Backup \
--secret-file /home/ec2-user/.aws/credentials

运行上述命令后,我的 velero pod 已启动并运行,没有任何问题。

time="2021-10-05T03:18:15Z" level=info msg="Caches are synced" controller=gc-controller logSource="pkg/controller/generic_controller.go:83"
time="2021-10-05T03:18:15Z" level=info msg="Caches are synced" controller=backup logSource="pkg/controller/generic_controller.go:83"
time="2021-10-05T03:18:15Z" level=info msg="Caches are synced" controller=restore logSource="pkg/controller/generic_controller.go:83"
time="2021-10-05T03:18:15Z" level=info msg="Checking for expired DeleteBackupRequests" controller=backup-deletion logSource="pkg/controller/backup_deletion_controller.go:456"
time="2021-10-05T03:18:15Z" level=info msg="Done checking for expired DeleteBackupRequests" controller=backup-deletion logSource="pkg/controller/backup_deletion_controller.go:484"
time="2021-10-05T03:18:15Z" level=info msg="Found 1 backups in the backup location that do not exist in the cluster and need to be synced" backupLocation=default controller=backup-sync logSource="pkg/controller/backup_sync_controller.go:196"
time="2021-10-05T03:18:15Z" level=info msg="Attempting to sync backup into cluster" backup=sep-30-2021-nginx-namespace backupLocation=default controller=backup-sync logSource="pkg/controller/backup_sync_controller.go:204"
time="2021-10-05T03:18:15Z" level=info msg="Successfully synced backup into cluster" backup=sep-30-2021-nginx-namespace backupLocation=default controller=backup-sync logSource="pkg/controller/backup_sync_controller.go:234"

我在上面的日志中没有看到任何错误消息,然后我基于集群 B 中的 s3 存储桶执行了 velero restore 命令。

velero restore create --from-backup sep-30-2021-nginx-namespace

执行上述命令后,我可以恢复我的 nginx 命名空间,包括 pod、svc、部署。

kubectl get all -n nginx-namespace
NAME                         READY   STATUS    RESTARTS   AGE
pod/nginx-6799fc88d8-x4tnd   1/1     Running   0          8m38s

NAME                    READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/nginx   1/1     1            1           8m39s

NAME                               DESIRED   CURRENT   READY   AGE
replicaset.apps/nginx-6799fc88d8   1         1         1       8m39s

想象一下昨天(2021 年 10 月 4 日)的所有上述活动,今天(2021 年 10 月 5 日)我计划使用以下命令在 Cluster-A 中使用应用程序名称选择器进行另一次备份。

velero backup create cms-backup --selector app=myapp

这失败了,出现以下错误消息

velero backup create cms-backup --selector app=cm

time="2021-10-05T03:10:30Z" level=error msg="Error listing backups in backup store" backupLocation=default controller=backup-sync error="rpc error: code = Unknown desc = ExpiredToken: The provided token has expired.\n\tstatus code: 400, request id: GGJQSN5M5ZPW5YE1, host id: 8weTlxL6nPXwHJg8QRZpIzj+fNRX+Phr47d8UyUywPqGt11MryRgnQ8ImvaF92gVImniqlbGCRk=" error.file="/go/src/github.com/vmware-tanzu/velero-plugin-for-aws/velero-plugin-for-aws/object_store.go:308" error.function="main.(*ObjectStore).ListCommonPrefixes" logSource="pkg/controller/backup_sync_controller.go:174"

云,请有人帮我,为什么我提供的令牌已过期?

4

0 回答 0