Certified Kubernetes Administrator (CKA) — Tips and Tricks — Part 3

Today let’s look into ETCD backup. If you get this question it’s a jackpot. You can score the full mark in less than a minute, if you know how to do it. This will save some time for other questions. ETCD back up is a one-line command, but you need to collect a few pieces of information needed to execute the command.

Tip 1: Parts of the ETCD Backup Command

To back up the cluster, we should use the below command

ETCDCTL_API=3 etcdctl — endpoints=[ENDPOINT] — cacert=[CA CERT] — cert=[ETCD SERVER CERT] — key=[ETCD SERVER KEY] snapshot save [BACKUP FILE NAME]

Executing the command will immediately give feedback if the backup is taken correctly. In case if you have not got the command correctly, you will have immediate feedback of failure.

The above instruction has 6 important parts to it

  1. Command to take a backup — See Tip 2 on how to escape memorizing
  2. ENDPOINT — See Tip 3 on how to get this value
  3. CA CERT — See Tip 3 on how to get this value
  4. ETCD SERVER CERT — See Tip 3 on how to get this value
  5. ETCD SERVER KEY — See Tip 3 on how to get this value
  6. BACKUP FILE NAME — This will be given as a part of question itself

Any missing options will throw an error

Tips 2: No Need to Memorize the Command

You don’t need to memorize the command for backing up ETCD. You will be allowed to refer to the Kubernetes documentation page during the exam. From the Kubernetes documentation page ( doc page ) search for “etcd backup”, then from the results click the first link “Operating etcd clusters …”.

Look for the word “backup” in the resulting page, you will be able to locate the command for the backup.

ETCDCTL_API=3 etcdctl — endpoints $ENDPOINT snapshot save snapshotdb

Now wait, this is not the full command that we saw in the beginning. There are some missing parts. Should I memorize the rest? No, run “ETCDCTL_API=3 etcdctl help” you will see all the options, you can recognize the missed options here.

Tips 3: Finding the Values

  1. Exam cluster setup is done with kubeadm, this means ETCD used by the kubernetes cluster is coming from static pod. Confirm this by looking into pods in kube-system namespace.

kubectl get pod -n kube-system

2. Once you recognize the pod in kube-system namespace, just describe the pod to see command line options from container section.

kubectl describe pod etcd-master -n kube-system

You can locate the information on

  1. endpoint: — advertise-client-urls=
  2. ca certificate: — trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
  3. server certificate : — cert-file=/etc/kubernetes/pki/etcd/server.crt
  4. key: — key-file=/etc/kubernetes/pki/etcd/server.key

Tips 4: Difference in Option Names [IMP]

Please note that the command option name, you get from pod describes and actual “ETCDCTL_API=3 etcdctl” are different.

You are all done. The ETCD back will be in the specified location.

Also, visit other tips and tricks for Certified Kubernetes Administrator (CKA)

We will look into other tips and tricks in an upcoming article. Let you pass with flying colors :)




#ContinuousDevOps #Kubernetes #Microservices #CloudNativeApps #DevOps #Agile

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Your business will suck until you apply this!

What OAuth 2.0 isn’t

Java 8 :: Behavior parameterization

Developing UI Micro Frontends way

Troubleshooting: A journey into the unknown

DevOps Transformation & Cognitive Overload — Part 2

Azure Functions SDK update of CosmosDB Trigger — Identity Based Connections

Docker Multi-Architecture Images

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Arun Ramakani

Arun Ramakani

#ContinuousDevOps #Kubernetes #Microservices #CloudNativeApps #DevOps #Agile

More from Medium

Top 10 Reason to use VMware Tanzu as K8S platform

Difference between Terraform and Kubernetes

Surprising facts about Docker and Kubernetes

Setting up a remote debugging for Java microservices running inside Kubernetes pods