Skip to content

Instantly share code, notes, and snippets.

@superseb
Last active September 9, 2024 14:53
Show Gist options
  • Save superseb/e9f2628d1033cb20e54f6ee268683a7a to your computer and use it in GitHub Desktop.
Save superseb/e9f2628d1033cb20e54f6ee268683a7a to your computer and use it in GitHub Desktop.
Recover cluster.rkestate file from controlplane node

Recover cluster.rkestate file from controlplane node

RKE

Run on controlplane node, uses any found hyperkube image

k8s 1.19 and higher

docker run --rm --net=host -v $(docker inspect kubelet --format '{{ range .Mounts }}{{ if eq .Destination "/etc/kubernetes" }}{{ .Source }}{{ end }}{{ end }}')/ssl:/etc/kubernetes/ssl:ro --entrypoint bash $(docker inspect $(docker images -q --filter=label=org.opencontainers.image.source=https://github.com/rancher/hyperkube.git) --format='{{index .RepoTags 0}}' | tail -1) -c 'kubectl --kubeconfig /etc/kubernetes/ssl/kubecfg-kube-node.yaml -n kube-system get configmap full-cluster-state -o json | jq -r .data.\"full-cluster-state\" | jq -r .' > cluster.rkestate

k8s 1.18 and lower

docker run --rm --net=host -v $(docker inspect kubelet --format '{{ range .Mounts }}{{ if eq .Destination "/etc/kubernetes" }}{{ .Source }}{{ end }}{{ end }}')/ssl:/etc/kubernetes/ssl:ro --entrypoint bash $(docker inspect $(docker images -q --filter=label=org.label-schema.vcs-url=https://github.com/rancher/hyperkube.git) --format='{{index .RepoTags 0}}' | tail -1) -c 'kubectl --kubeconfig /etc/kubernetes/ssl/kubecfg-kube-node.yaml -n kube-system get configmap full-cluster-state -o json | jq -r .data.\"full-cluster-state\" | jq -r .' > cluster.rkestate

Rancher v2.2.x

Run on controlplane node, uses rancher/rancher-agent image

docker run --rm --net=host -v $(docker inspect kubelet --format '{{ range .Mounts }}{{ if eq .Destination "/etc/kubernetes" }}{{ .Source }}{{ end }}{{ end }}')/ssl:/etc/kubernetes/ssl:ro --entrypoint bash $(docker inspect $(docker images -q --filter=label=io.cattle.agent=true) --format='{{index .RepoTags 0}}' | tail -1) -c 'kubectl --kubeconfig /etc/kubernetes/ssl/kubecfg-kube-node.yaml get configmap -n kube-system full-cluster-state -o json | jq -r .data.\"full-cluster-state\" | jq -r .' > cluster.rkestate
@Crazyscorpio88
Copy link

Thanks @superseb, it saved my day.

@oxr463
Copy link

oxr463 commented Oct 20, 2020

@superseb do you think we could add this to the support-tools repository?

@superseb
Copy link
Author

@oxr463 Yeah we can, it is in progress of being added to RKE CLI here rancher/rke#2258 but it's not in any released version yet.

@alexwiedermann
Copy link

@superseb.... You really saved my day.

@ferdinandosimonetti
Copy link

Hello everybody, I know I'm a bit late on this thread, but... I'm unable to retrieve worker nodes' informations, this way.
I managed to loose both cluster.yml and cluster.rkestate ...

@oxr463
Copy link

oxr463 commented Jun 25, 2021

Hello everybody, I know I'm a bit late on this thread, but... I'm unable to retrieve worker nodes' informations, this way.
I managed to loose both cluster.yml and cluster.rkestate ...

I don't think there is anything to recover the cluster.yml file.

@mitchtys
Copy link

Hello everybody, I know I'm a bit late on this thread, but... I'm unable to retrieve worker nodes' informations, this way.
I managed to loose both cluster.yml and cluster.rkestate ...

I don't think there is anything to recover the cluster.yml file.

kubectl get configmap -n kube-system full-cluster-state -o "jsonpath={.data.full-cluster-state}" | python -c 'import json, yaml, sys; yaml.safe_dump(json.load(sys.stdin).get("currentState", []).get("rkeConfig",[]), sys.stdout)'

@oxr463
Copy link

oxr463 commented Oct 30, 2021

Hello everybody, I know I'm a bit late on this thread, but... I'm unable to retrieve worker nodes' informations, this way.
I managed to loose both cluster.yml and cluster.rkestate ...

I don't think there is anything to recover the cluster.yml file.

kubectl get configmap -n kube-system full-cluster-state -o "jsonpath={.data.full-cluster-state}" | python -c 'import json, yaml, sys; yaml.safe_dump(json.load(sys.stdin).get("currentState", []).get("rkeConfig",[]), sys.stdout)'

Does that work for non rancher-managed clusters? Like say a local cluster provisioned with RKE?

@mitchtys
Copy link

mitchtys commented Nov 1, 2021

Does that work for non rancher-managed clusters? Like say a local cluster provisioned with RKE?

Thats what I tested it with yep, whatever runs rke up should have it, not tried a downstream cluster at all.

@ferdinandosimonetti
Copy link

ferdinandosimonetti commented Mar 23, 2022

Hello, more-than-late on this thread, I'd like to contribute "my 2 cents" (I'm, in fact, using it on a downstream cluster).

# use the desired context (kubie is a great tool!)
kubie ctx mycontext
# get kubeconfig file (this one has only *one* context inside)
kubectl config view --flatten > kube_config_cluster.yml
# get cluster.yml (this one references *master nodes only*)
kubectl get configmap -n kube-system full-cluster-state -o "jsonpath={.data.full-cluster-state}" | python3 -c 'import json, yaml, sys; yaml.safe_dump(json.load(sys.stdin).get("currentState", []).get("rkeConfig",[]), sys.stdout)' > cluster.yml
# get rkestate
rke util get-state-file
# backup etcd
rke etcd snapshot-save --name 20220323-mycluster

I'm using kubectl config view --flatten initially to obtain the kubeconfig file "thru Rancher server", while using rke util get-kubeconfig afterwards will obtain one that bypasses Rancher (direct cluster access).

@irishgordo
Copy link

this was excellent, thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment