Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 3
Today let’s look into ETCD backup. If you get this question it’s a jackpot. You can score the full mark in less than a minute, if you know how to do it. This will save some time for other questions. ETCD back up is a one-line command, but you need to collect a few pieces of information needed to execute the command.
Tip 1: Parts of the ETCD Backup Command
To back up the cluster, we should use the below command
ETCDCTL_API=3 etcdctl — endpoints=[ENDPOINT] — cacert=[CA CERT] — cert=[ETCD SERVER CERT] — key=[ETCD SERVER KEY] snapshot save [BACKUP FILE NAME]
Executing the command will immediately give feedback if the backup is taken correctly. In case if you have not got the command correctly, you will have immediate feedback of failure.
The above instruction has 6 important parts to it
- Command to take a backup — See Tip 2 on how to escape memorizing
- ENDPOINT — See Tip 3 on how to get this value
- CA CERT — See Tip 3 on how to get this value
- ETCD SERVER CERT — See Tip 3 on how to get this value
- ETCD SERVER KEY — See Tip 3 on how to get this value
- BACKUP FILE NAME — This will be given as a part of question itself
Any missing options will throw an error
Tips 2: No Need to Memorize the Command
You don’t need to memorize the command for backing up ETCD. You will be allowed to refer to the Kubernetes documentation page during the exam. From the Kubernetes documentation page ( doc page ) search for “etcd backup”, then from the results click the first link “Operating etcd clusters …”.
Look for the word “backup” in the resulting page, you will be able to locate the command for the backup.
ETCDCTL_API=3 etcdctl — endpoints $ENDPOINT snapshot save snapshotdb
Now wait, this is not the full command that we saw in the beginning. There are some missing parts. Should I memorize the rest? No, run “ETCDCTL_API=3 etcdctl help” you will see all the options, you can recognize the missed options here.
Tips 3: Finding the Values
- Exam cluster setup is done with kubeadm, this means ETCD used by the kubernetes cluster is coming from static pod. Confirm this by looking into pods in kube-system namespace.
kubectl get pod -n kube-system
2. Once you recognize the pod in kube-system namespace, just describe the pod to see command line options from container section.
kubectl describe pod etcd-master -n kube-system
You can locate the information on
- endpoint: — advertise-client-urls=https://172.17.0.15:2379
- ca certificate: — trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
- server certificate : — cert-file=/etc/kubernetes/pki/etcd/server.crt
- key: — key-file=/etc/kubernetes/pki/etcd/server.key
Tips 4: Difference in Option Names [IMP]
Please note that the command option name, you get from pod describes and actual “ETCDCTL_API=3 etcdctl” are different.
You are all done. The ETCD back will be in the specified location.
Also, visit other tips and tricks for Certified Kubernetes Administrator (CKA)
Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 1
Certified Kubernetes Administrator is a challenging exam by CNCF. Unlike many other certifications, it’s a practical…
Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 2
Today let’s see about a static pod question, that I faced on both of the attempts. Of course, I got it correct only in…
Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 4
Mastering “Field Selectors”, “Custom Column” and “Sort By” will help us in a few questions at the CKA exam. In this…
Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 5
Init Container is the way to do some setup task before the actual container starts 🏄♀
Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 6
How to store sensitive information into the cluster with kubernetes secrets ㊙️
We will look into other tips and tricks in an upcoming article. Let you pass with flying colors :)