etcd-ocp.md

Alias Initial Setup

• Docker

alias etcdctl3="docker run --rm --net=host -v /etc/etcd:/etc/etcd -e ETCDCTL_API=3 --entrypoint etcdctl registry.access.redhat.com/rhel7/etcd --cert /etc/etcd/peer.crt --cacert /etc/etcd/ca.crt --key /etc/etcd/peer.key --endpoints https://`hostname`:2379"

alias etcdctl2="docker run --rm --net=host -v /etc/etcd:/etc/etcd -e ETCDCTL_API=2 --entrypoint etcdctl registry.access.redhat.com/rhel7/etcd --cert-file /etc/etcd/peer.crt --ca-file /etc/etcd/ca.crt --key-file /etc/etcd/peer.key -C https://`hostname`:2379"

• RPM

alias etcdctl3="ETCDCTL_API=3 etcdctl --cert /etc/etcd/peer.crt --cacert /etc/etcd/ca.crt --key /etc/etcd/peer.key --endpoints https://`hostname`:2379"

alias etcdctl2="ETCDCTL_API=2 etcdctl --cert-file /etc/etcd/peer.crt --ca-file /etc/etcd/ca.crt --key-file /etc/etcd/peer.key -C https://`hostname`:2379"

---

Commands

• Run interactive shell

# docker run --rm -it --net=host -v /etc/etcd:/etc/etcd --entrypoint /bin/bash registry.access.redhat.com/rhel7/etcd

# docker run --rm -it --net=host -v /etc/etcd:/etc/etcd --entrypoint /bin/bash -e ETCDCTL_API=3 -e PROMPT_COMMAND='alias etcdctl3="etcdctl --cert /etc/etcd/peer.crt --cacert /etc/etcd/ca.crt --key /etc/etcd/peer.key --endpoints https://`hostname`:2379"' registry.access.redhat.com/rhel7/etcd

• 3.10 etcd container

  #  docker exec -it `docker ps -q --filter "label=io.kubernetes.container.name=etcd"` /bin/bash

v3

• General

# etcdctl3 --write-out=table endpoint status
# etcdctl3 get /openshift.io --prefix --keys-only

• Watch

  # timeout 5m etcdctl3 watch / --prefix  --write-out=fields > etcdwatchraw.log
  # grep -v Value etcdwatchraw.log >  etcdwatch.log
  # awk  'BEGIN{FS="/"; OFS="/";} /^\"Key/{print $2,$3}' etcdwatch.log | sort | uniq -c | sort -nr
  

• Backup / Restore

  # mkdir /backup
  # docker run --privileged --rm -it --user root  --net=host -v /etc/etcd:/etc/etcd -v /backup/:/backup/ -v /var/lib:/var/lib --entrypoint /bin/bash -e ETCDCTL_API=3 -e PROMPT_COMMAND='alias etcdctl3="etcdctl --cert /etc/etcd/peer.crt --cacert /etc/etcd/ca.crt --key /etc/etcd/peer.key --endpoints https://`hostname`:2379"' registry.access.redhat.com/rhel7/etcd
  
  # etcdctl3 snapshot save /backup/backup-db
  
  # rm -rf /var/lib/etcd
  # source /etc/etcd/etcd.conf
  # etcdctl3 snapshot restore /backup/backup-db \
   --data-dir /var/lib/etcd \
   --name $ETCD_NAME \
   --initial-cluster $ETCD_INITIAL_CLUSTER \
   --initial-cluster-token $ETCD_INITIAL_CLUSTER_TOKEN \
   --initial-advertise-peer-urls $ETCD_INITIAL_ADVERTISE_PEER_URLS \
   --skip-hash-check=true
  
  # chmod etcd:etcd /var/lib/etcd -r
   ```
  
  

• Compact

# rev=$(etcdctl3 endpoint status --write-out="json" |  egrep -o '"revision":[0-9]*' | egrep -o '[0-9]*' -m1)
# etcdctl3 compact $rev
# etcdctl3 defrag
# etcdctl3 alarm disarm

• bolt

# etcdctl3 snapshot save backup.db
# go get github.com/boltdb/bolt/...
# bolt stats  backup.db

v2

• Watch

# timeout 5m etcdctl2 watch --forever --recursive / > etcdwatch.log
# awk  'BEGIN{FS="/"; OFS="/";} /^\[compare/{print $2,$3}' etcdwatch.log | sort | uniq -c | sort -nr

Curl from Master

curl --cert  /etc/origin/master/master.etcd-client.crt --cacert /etc/origin/master/master.etcd-ca.crt --key /etc/origin/master/master.etcd-client.key  https://`hostname`:2379"


/v2/stats/leader
/v2/stats/self
/health
/metrics
/config/local/log -XPUT -d '{"Level":"DEBUG"}

• Compact

# rev=$(etcdctl3 endpoint status --write-out="json" |  egrep -o '"revision":[0-9]*' | egrep -o '[0-9]*' -m1)
# etcdctl3 compact $rev
# etcdctl3 defrag
# etcdctl3 alarm disarm

• bolt

# etcdctl3 snapshot save backup.db
# go get github.com/boltdb/bolt/...
# bolt stats  backup.db

Links

what-does-the-etcd-warning-failed-to-send-out-heartbeat-on-time-mean