Skip to content

Instantly share code, notes, and snippets.

@pyaillet

pyaillet/Readme.md

Last active November 28, 2018 13:44
Show Gist options
  • Save pyaillet/98305eac43af403deaff7b0ff38e276a to your computer and use it in GitHub Desktop.
Save pyaillet/98305eac43af403deaff7b0ff38e276a to your computer and use it in GitHub Desktop.
Download ZIP
Access etcd from cluster (setup with kubeadm)
Raw
Readme.md

Steps to access etcd from cluster (setup with kubeadm)

Create secret with etcd credentials

cd /etc/kubernetes/pki
kubectl create secret generic etcd-creds --from-file=etcd/ca.crt --from-file=apiserver-etcd-client.crt --from-file=apiserver-etcd-client.key

kubectl describe secret etcd-creds

Create Pod to connect to etcd

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: connect-etcd
spec:
  containers:
  - name: connect-etcd
    image: gcr.io/etcd-development/etcd:v3.2.7
    command: [ sh ]
    args: [ "-c", "etcdctl --cacert=/etc/ssl/etcd-connect/ca.crt --cert=/etc/ssl/etcd-connect/apiserver-etcd-client.crt --key=/etc/ssl/etcd-connect/apiserver-etcd-client.key --debug=true --endpoints https://ETCD_HOSTNAME:2379 endpoint status && exec tail -f /dev/null" ]
    env:
    - name: ETCDCTL_API
      value: '3'
    volumeMounts:
    - name: etcd-creds
      mountPath: "/etc/ssl/etcd-connect"
      readOnly: true
  volumes:
  - name: etcd-creds
    secret:
      secretName: etcd-creds
EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment