Pradeep:
Can someone please give me a good article or docs or videos that explains the etcd restore? I am still not 100% sure about implementing it. I am confused always on how to get the certificates, the necessary flags used. @Mumshad Mannambeth or @Tej_Singh_Rana or @Mohamed Ayman could you guys make another video on how to approach this or point me to the right direction?
JohnC:
the certs paths are in the yaml that is used to start the etcd pod in a static pod - you will know the master node was created with kubeadm (and therefore using static pods for the system) if the /etc?kubernetes/manifest directory has the yaml files for etcd, kube-api, kube-schedule etc. If you do something like:
sudo cat etcd.yaml| grep -E ‘(server|crt)’
it returns:
- –cert-file=/etc/kubernetes/pki/etcd/server.crt
- –key-file=/etc/kubernetes/pki/etcd/server.key
- –peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
- –peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- –trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
which are the certs you need for the backup
JohnC:
restore help can be had from:
ETCDCTL_API=3 etcdctl snapshot restore --help