ETCD - Commands (Optional)
(Optional) Additional information about ETCDCTL Utility
ETCDCTL is the CLI tool used to interact with(与…相互作用) ETCD.
ETCDCTL can interact with ETCD Server using 2 API versions - Version 2 and Version 3. By default its set to use Version 2. Each version has different sets of commands.
For example ETCDCTL version 2 supports the following commands:(ETCDCTL 版本2支持一下的命令)
etcdctl backupetcdctl cluster-healthetcdctl mketcdctl mkdir``etcdctl set`
Whereas(尽管) the commands are different in version 3(版本3中的命令有所不同)
etcdctl snapshot saveetcdctl endpoint healthetcdctl getetcdctl put
- To set the right version of API set the environment variable ETCDCTL_API command(要设置正确的APIversion,请设置环境变量ETCDCTL_API)
export ETCDCTL_API=3
When API version is not set, it is assumed to be set to version 2. And version 3 commands listed above don’t work. When API version is set to version 3, version 2 commands listed above don’t work.(如果未设置API版本,则假定它设置为版本2。上面列出的版本3命令不起作用。当API版本设置为版本3时,上面列出的版本2命令不起作用。)
Apart from that, you must also specify path to certificate files so that ETCDCTL can authenticate to the ETCD API Server. The certificate files are available in the etcd-master at the following path. We discuss more about certificates in the security section of this course. So don’t worry if this looks complex:(除此之外,还必须指定证书文件的路径,以便ETCDCTL可以向ETCD API服务器进行身份验证。证书文件位于etcd-master中的以下路径中。我们将在本课程的安全性部分讨论有关证书的更多信息。因此,不要担心这看起来是否复杂:)
1 | --cacert /etc/kubernetes/pki/etcd/ca.crt |
So for the commands I showed in the previous video to work you must specify the ETCDCTL API version and path to certificate files. Below is the final form:
1 | kubectl exec etcd-master -n kube-system -- sh -c "ETCDCTL_API=3 etcdctl get / --prefix --keys-only --limit=10 --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key" |