How to restore etcd backup from remote node

diegoashraf · February 11, 2022, 2:28pm

Hi ,

Setup:
1 Master node
3 worker node
1 remote node with etcdctl client available where backup has been stored

I need to restore from a remote node where I have etcd backup,

On the below command which parameter is instructing my remote node to update the etcd on my master node ?

ETCDCTL_API=3 etcdctl snapshot restore snapshot2.db --data-dir=/var/lib/etcd-bkp --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key --name=“kubemaster” --initial-cluster=“kubemaster=https://192.168.56.2:2380” --initial-advertise-peer-urls=“https://192.168.56.2:2380” --initial-cluster-token=“kubemaster1”

Thank You…!!!

Ayman · March 28, 2022, 6:12pm

Hello diegoashraf,
you should copy the all certificate from the master node to the remote node,
and replace the value of –endpoints,–initial-cluster, and --initial-advertise-peer-urls with the IP-Master-Node

ETCDCTL_API=3 etcdctl --endpoints=https://[IP-Master-Node]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt \
     --name=master \
     --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \
     --data-dir /var/lib/etcd-from-backup \
     --initial-cluster=master=https://IP-Master-Node:2380 \
     --initial-cluster-token etcd-cluster-1 \
     --initial-advertise-peer-urls=https://IP-Master-Node:2380 \
     snapshot restore /tmp/snapshot-pre-boot.db

Thanks,
KodeKloud Support

sriramk.kannan · March 15, 2023, 2:29pm

I dont think this will work, Can you please suggest where will the data-dir get created? When i tried the data-dir was getting created in the remote node. If so how do we update the data-dir in the etcd.yaml file

Alistair_KodeKloud · September 20, 2023, 8:15pm

Always fun are etcd questions! There are a few things

You can make a backup from a remote host (e.g. student node) and the backup will be written to the student node. For this you need the endpoint address of the etcd server, and the 2 certs and the key copied locally.
You cannot make a restore from a remote location. In restore mode, etcdctl does not talk to the etcd server, therefore the only argument it respects is --data-dir - and this directory will be created on the node where you are running etcdctl.

Therefore to restore, there are two ways to do it

Copy your snapshot file up to the control plane node or whatever node the etcd server is running on, and run etcdctl restore there.
Run etcdctl restore locally, then make a tarball (.tar.gz file) of the restored directory, copy that to the etcd node, then unzip it there.

Finally, for both methods, update etcd to use the newly created data directory. Why does etcdctl not talk to the etcd server during restore? What if your etcd database was so corrupt that etcd cannot run? How would you restore the backup if it was a requirement to communicate with etcd server? See also https://github.com/kodekloudhub/community-faq/blob/main/docs/etcd-faq.md