Exploring etcd cluster for Kubernetes


Hello, readers. This article explores the etcd cluster behind Kubernetes, with details on its setup and operation.

So, let us begin!! 🙂


What is an etcd cluster?

etcd is a distributed system that acts as the lead member of a Kubernetes cluster: it is the database that stores all the information about the cluster. The data in the etcd cluster is stored as key-value pairs.

The stability of the etcd cluster is essential to maintaining the state and stability of the Kubernetes cluster. In any disaster recovery scenario, when the cluster goes down, the etcd backup enables us to restore the state of the cluster quickly.

For the same reason, we need to make sure that the etcd cluster never runs out of resources.


Starting an etcd cluster

To start etcd for a Kubernetes setup when the cluster has a single node, we can use the command below:

etcd --listen-client-urls=http://$PRIVATE_IP:2379 \
   --advertise-client-urls=http://$PRIVATE_IP:2379

After that, we start the Kubernetes API server with the flag --etcd-servers=$PRIVATE_IP:2379, where $PRIVATE_IP is the etcd client IP.

In the case of multiple member etcd clusters, we can concatenate the IP values for the client URLs.


Secured communication

An etcd cluster is the heart of your entire Kubernetes structure, so it is very important to restrict who can reach it. Access to the etcd cluster is equivalent to root permission on the cluster.

Thus, to create a secure channel of communication, we secure the interaction between the etcd cluster and the client using the client key (client.key) and the client certificate (client.cert).

Example–

ETCDCTL_API=3 etcdctl --endpoints 10.2.0.9:2379 \
  --cert=/etc/kubernetes/pki/etcd/server.crt \
  --key=/etc/kubernetes/pki/etcd/server.key \
  --cacert=/etc/kubernetes/pki/etcd/ca.crt \
  member list
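
The plaintext http:// listener in the start command and the certificate flags in this section can be checked mechanically. The following is an added example, not part of the original article or of etcd: the helper name audit_etcd_flags and the sample command lines are constructed, while the flags it looks for (--cert-file, --key-file, --trusted-ca-file, --client-cert-auth) are etcd's server-side TLS options.

```shell
#!/bin/sh
# audit_etcd_flags (hypothetical helper, not part of etcd): print one finding
# per weak client-transport setting in an etcd command line.
# Returns 0 when nothing is reported, 1 otherwise.
audit_etcd_flags() {
    findings=0 have_cert=0 have_key=0 have_ca=0 client_auth=0
    for arg in $1; do                      # split the command line on whitespace
        case $arg in
            --listen-client-urls=*|--advertise-client-urls=*)
                old_ifs=$IFS; IFS=,        # URL lists are comma-separated
                for url in ${arg#*=}; do
                    case $url in
                        https://*) ;;
                        *) echo "PLAINTEXT ${arg%%=*} $url"
                           findings=$((findings + 1)) ;;
                    esac
                done
                IFS=$old_ifs ;;
            --cert-file=?*)       have_cert=1 ;;
            --key-file=?*)        have_key=1 ;;
            --trusted-ca-file=?*) have_ca=1 ;;
            --client-cert-auth|--client-cert-auth=true) client_auth=1 ;;
        esac
    done
    if [ "$have_cert" -eq 0 ] || [ "$have_key" -eq 0 ]; then
        echo "MISSING server certificate or key (--cert-file, --key-file)"
        findings=$((findings + 1))
    fi
    if [ "$have_ca" -eq 0 ]; then
        echo "MISSING client CA (--trusted-ca-file)"
        findings=$((findings + 1))
    fi
    if [ "$client_auth" -eq 0 ]; then
        echo "MISSING client certificate check (--client-cert-auth)"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample inputs, using the address and PKI paths shown in the article.
PLAINTEXT_CMD='etcd --listen-client-urls=http://10.2.0.9:2379 --advertise-client-urls=http://10.2.0.9:2379'
TLS_CMD='etcd --listen-client-urls=https://10.2.0.9:2379 --advertise-client-urls=https://10.2.0.9:2379
  --cert-file=/etc/kubernetes/pki/etcd/server.crt --key-file=/etc/kubernetes/pki/etcd/server.key
  --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt --client-cert-auth=true'

audit_etcd_flags "$PLAINTEXT_CMD" || echo "=> plaintext command: not safe to expose"
audit_etcd_flags "$TLS_CMD" && echo "=> TLS command: client transport settings present"
```

The same function can be pointed at the command line of a running member, for example the output of ps or the command section of the etcd static pod manifest.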

Taking a backup of an etcd cluster

To be prepared for a disaster recovery scenario, it is essential to take backups of the etcd cluster.

For example, suppose you upgrade your cluster to a higher version, but things do not go as expected: you face issues with the cluster and now plan to go back to the previous version. The easiest way to do this is to restore the backup of the etcd cluster, because the state of the Kubernetes cluster is maintained by the etcd cluster.

ETCDCTL_API=3 etcdctl --endpoints=https://127.0.0.1:2379 \
  --cacert=<trusted-ca-file> --cert=<cert-file> --key=<key-file> \
  snapshot save <backup-file-location>

Using the above command, we can store the snapshot of the etcd cluster at any specific location.


Restoring etcd cluster backup

By restoring an etcd cluster, we get the Kubernetes cluster to the state that is recorded in the snapshot.

We can use the command below to restore the backup of the cluster:

ETCDCTL_API=3 etcdctl --endpoints 10.2.0.9:2379 snapshot restore snapshotdb

In case the API server is running in the cluster, we first need to stop the running instances. Then, restore the etcd cluster and restart the API server instances again.

It is also recommended to restart the Kubernetes components such as kube-scheduler, kube-controller-manager, kubelet, etc. This is done to make sure that they do not run on some older versions.


Conclusion

With this, we have reached the end of this topic. Feel free to comment below if you have any questions.

For more such posts related to Docker and Kubernetes, stay tuned with us.

Till then, Happy Learning!! 🙂
