Hej hej! I am trying to pass the backup and restore practice test (<https://kod . . .

SMP:
Hej hej!

I am trying to pass the backup and restore practice test (https://kodekloud.com/topic/practice-test-backup-and-restore-methods-2/) for etcd. Unfortunately etcd does not come up again and everything goes down or is not reachable anymore as soon as i change the etcd.yaml to point to the new mountPath. I tried the “solution” from the solution tab, but i get the same problems. I am not sure if i do a mistake but what i do is basically:

# make things easier
export ETCDCTL_API=3
alias etcdctl='etcdctl --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key'
# snapshot
etcdctl snapshot save /opt/snapshot-pre-boot.db
# restore
etcdctl snapshot restore --data-dir /var/lib/etcd-from-backup /opt/snapshot-pre-boot.db
# edit manifest
vim /etc/kubernetes/manifests/etcd.yaml
# Change mount path /var/lib/etcd to /var/lib/etcd-from-backup
---
volumeMounts:
    - mountPath: /var/lib/etcd-from-backup
      name: etcd-data
---
# Watch until etcd is backup
watch "docker ps | grep etcd"
# Check everything
k get all -A

In my last try i got the following output when using k get all -A - but i get this error:

root@controlplane /etc/kubernetes/manifests ➜  k get all -A
The connection to the server controlplane:6443 was refused - did you specify the right host or port?
The connection to the server controlplane:6443 was refused - did you specify the right host or port?
The connection to the server controlplane:6443 was refused - did you specify the right host or port?

A second question would be about the exam environment. Is etcd running in Docker environment similiar to kodekloud or is it an installation on the host itself, so i need to use systemd for start/stop like shown in the CKA course video about etcd backups?

edit: i am checking out the solutions video too right now

Radoslaw Czajkowski:
Hej CKA is based on the kubeadm install so etcd is running in a container (as a pod in kubernetes).

AG:
I faced this issue in the lab once. But I didn’t use the aliases as how you have done. :alert: Also, I see that you have not passed --servers as part of the parameter when saving the backup (I think it is --servers=127.0.0.1:2379 :alert:

Not an expert and hence only learning what the CKA session shows to pass the exam. May be that is the reason.

How I have done the alias
alias e=etcdctl - same lines of alias k=kubectl

Then for taking backup, I do the following:

1. Describe the already running etcd-controlplane pod : k describe etcd-controlplane -n kube-system
2. Set environment variable export ETCDCTL_API=3
3. Display the help for the e snapshot save --help
4. Now I try to make attempt for saving the snapshot —

% e snapshot --server=<> \
> --cert= <> \
> --cacert= <> \
> --key= <> \
> /path/to/backup

This way - I do not forget any of the entries.

Radoslaw Czajkowski:
@AGyou can do it even easier with omitting the endpoints. Here’s how i do it in my lab. CKA is also a kubeadm install so the same syntax should work. I go to the /etc/kubernetes/pki/etcd/ dir for etcd certs and simply run this shorter command.

Radoslaw Czajkowski:

image.png2327×317 26.6 KB

AG:
Cool - I think @SMP is the one who needs help.

I learned it exactly how MM showed as I can’t triage if something goes wrong (not that big of an expert).

Radoslaw Czajkowski:
yes, the above is based on the fact that CKA is also a kubeadm install. If you don’t know where the certs are stored then yes, you would need to peek at etcd container / manifest.

SMP:
Thank you very much guys for your input