How to backup etcd on a Kubernetes cluster created with kubeadm - rpc error: code = 13

问题

I have a K8s cluster created with kubeadm that consists of a master node and two workers.

I am following this documentation article regarding the etcd backup: https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/#backing-up-an-etcd-cluster

I have to use etcdctl to backup the etcd db so I sh into the etcd pod running on the master node to do it from there: kubectl exec -it -n kube-system etcd-ip-x-x-x-x sh

NOTE: The master node hosts the etcd database in this path /var/lib/etcd which is mounted on the pod as a VolumeMount in /var/lib/etcd.

Following the doc I run: ETCDCTL_API=3 etcdctl --endpoints 127.0.0.1:2379 snapshot save snapshotdb and it returns the following error:

Error:  rpc error: code = 13 desc = transport: write tcp 127.0.0.1:44464->127.0.0.1:2379: write: connection reset by peer

What is the problem here?

回答1:

I managed to make it work adding the certificates info to the command:

ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key /etc/kubernetes/pki/etcd/healthcheck-client.key snapshot save ./snapshot.db

回答2:

You can also check the Etcd configuration file in the following line on a node that Etcd is running.

/etc/kubernetes/manifests/etcd.yaml

After getting the command in the command section of the Etcd configuration,

ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key /etc/kubernetes/pki/etcd/healthcheck-client.key

you can run Etcd commands like below commands.

ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key /etc/kubernetes/pki/etcd/healthcheck-client.key member list
ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key /etc/kubernetes/pki/etcd/healthcheck-client.key snapshot save ./snapshot.db  
ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key /etc/kubernetes/pki/etcd/healthcheck-client.key snapshot status ./snapshot.db

来源：https://stackoverflow.com/questions/51370870/how-to-backup-etcd-on-a-kubernetes-cluster-created-with-kubeadm-rpc-error-cod