Below is etcdctl command that has to be run on control.master node to backup etcd database. Backup will be snapshot backup. Change /backup direcotry name in below command to directory where you want to backup etcd database.
ETCDCTL_API=3 etcdctl \
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/kubernetes/pki/etcd/ca.crt \
--cert=/etc/kubernetes/pki/etcd/server.crt \
--key=/etc/kubernetes/pki/etcd/server.key \
snapshot save /backup/etcd.db
After successful execution of above command, you should see output as follows:
Snapshot saved at /backup/etcd.db
Above certs will be the default cert names and location. If the cert names/directories are different for etcd, you can gather those details by looking at /etc/kubernetes/manifests/etcd.yaml etcd yaml file.
Below are the important entry lines in etcd yaml file which shows the etcd URL/port, cert fetials and etcd image version being used.
kubeadm.kubernetes.io/etcd.advertise-client-urls: https://10.XX.XX.219:2379
- --advertise-client-urls=https://10.XX.XX.219:2379
- --cert-file=/etc/kubernetes/pki/etcd/server.crt
- --initial-advertise-peer-urls=https://10.XX.XX.219:2380
- --key-file=/etc/kubernetes/pki/etcd/server.key
- --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
- --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
- --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
image: container-registry.oracle.com/olcne/etcd:3.5.6
No comments:
Post a Comment