Welcome to the Linux Foundation Forum!

Lab 4.1 - etcd DB backup issues

chrispokornichrispokorni Posts: 1,062
edited December 2020 in LFS258 Class Forum

@dctheroux, your latest comments from a previous discussion thread, reporting issues on LFS258 Lab 4.1, have been moved here, to keep discussions organized and relevant to a specific topic.

The two prior comments from the other discussion thread shall be removed.

Please continue posting on this discussion thread with any additional issues encountered with the etcd DB backup exercise of Lab 4.1.

STEP 4:

Chris, I am getting this error when I try to see how many databases? I am using the command : kubectl -n kube-system exec -it etcd-master -- sh -c \
"ETCDCTL_API=3 etcdctl --cert=./peer.crt --key=./peer.key --cacert=./ca.crt \
--endpoints=https://127.0.0.1:2379 member list" . So, after I initiate the command it gives me the error : Error: open ./peer.crt: no such file or directory
command terminated with exit code 128. I read that openshift has a bug with this. This is exercise 4.1 and the printout it says I should be getting is this: fb50b7ddbf4930ba, started, master, https://10.128.0.35:2380,
2 https://10.128.0.35:2379, false. instead I am getting the error. I think perhaps it is a bug or maybe the command spacing again. I tried typing it and copy and paste it to no avail. the chart works fine and I copied and pasted and typed it for practice. I checked and it has all the files were I saved them from in the etcd shell. please advise? Thank You!

STEP 6:

I cant get passed item 6 in the first lab of chapter 4. It might be working but none of the output looks like what you have printed out on the screen. number 6 seems to bring me into a sub shell of some sort and that is this command: kubectl -n kube-system exec -it etcd-master -- sh -c "ETCDCTL_API=3 \
ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt \
ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key etcdctl --endpoints=https://127.0.0.1:2379 \
snapshot save /var/lib/etcd/snapshot.db. This command just puts me in another shell and i am not sure what to do with it.

Comments

  • @dctheroux,

    In step 4 you need to ensure you are using the correct etcd pod name. The same etcd pod name you have used in step 2 of this exercise, has to be reused in subsequent steps 3, 4, 5, and 6. In the lab manual, the etcd-master is the name of the author's pod - yours will have a slightly different name.

    In step 6 it seems that you are missing a closing double-quote (") at the very end of your command, right after ... snapshot.db.

    Regards,
    -Chris

  • Thank you Chris, Sorry for for that again I will make sure to start a new thread for each one, Let me try the things you have suggested. I used tab completion and it gave me master. which is the name of my master instance.

  • Hi @dctheroux,

    You could try providing the absolute path from Step 2 (b) when running Step 3, and update the ./peer... and ./ca.crt with /etc/kubernetes/pki/etcd/peer... and /etc/kubernetes/pki/etcd/ca.crt.

    Regards,
    -Chris

  • i did the absolute and it worked.

  • deepakgcpdeepakgcp Posts: 10
    edited December 2020

    This step needs to be reviewed and reupload to the course material.. I dont understand what do they mean by "50" in the second sentence and the command with ./ wont work. we need to provide the absolute path..

    Poor Documentation from Linux Foundation.. It seems like nobody reviewed the Lab Exercises..

  • coopcoop Posts: 726

    Poor Documentation from Linux Foundation.. It seems like nobody reviewed the Lab Exercises..

    K8s is updated every 3 months and so are the exams and the courses (even more often) and the upstream is constantly shifting in ways out of the course maintainers' control. Your snarky attitude is not helpful, so if you have very specific suggestions they are always welcome, but the course material is put through extensive review and testing at every step so your criticism is both inaccurate and unfair. I do not maintain this specific course but I am familiar with the process. Your tone is not one that welcomes productive collaboration between teacher and student. So please be more respectful, everyone else is.

  • I'm having issues on
    Exercise 4.1: Basic Node Maintenance

    1. Check the health of the database using the loopback IP and port 2379. You will need to pass then peer cert and key as
      well as the Certificate Authority as environmental variables. The command is commented, you do not need to type out
      the comments or the backslashes.
      [email protected]:˜$ kubectl -n kube-system exec -it etcd-master -- sh \ #Same as before
      -c "ETCDCTL_API=3 \ #Version to use
      ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt \ # Pass the certificate authority
      ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt \ #Pass the peer cert and key
      ETCDCTL_KEY=/etc/kubernete

    Could you kindly help please

  • serewiczserewicz Posts: 917

    @dino.farinha what is the error or issue you are encountering?

  • step 4 command, i was able to run, is like below. I think it is important where you put the word etcdctl between double-quote (").

    kubectl -n kube-system exec -it etcd-master -- sh -c "ETCDCTL_API=3 ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt ETCDCTL_CERT=/etc/kubernetes/pki/etcd/peer.crt ETCDCTL_KEY=/etc/kubernetes/pki/etcd/peer.key etcdctl --endpoints=https://127.0.0.1:2379 member list"

  • serewiczserewicz Posts: 917

    Hello,

    Correct, the placement of the command and how the shell parses the variables does have an effect. Good catch!

    Regards,

  • tjghosttjghost Posts: 2
    edited February 9

    I'm having a different problem at Step 3.

    kubectl -n kube-system exec -it etcd-lfs-main -- sh
    # cd /etc/kubernetes/pki/etcd
    # ls -la
    total 40
    drwxr-xr-x 2 root root 4096 Nov  8 22:20 .
    drwxr-xr-x 3 root root 4096 Feb  9 15:17 ..
    -rw-r--r-- 1 root root 1017 Nov  8 22:20 ca.crt
    -rw------- 1 root root 1675 Nov  8 22:20 ca.key
    -rw-r--r-- 1 root root 1094 Nov  8 22:20 healthcheck-client.crt
    -rw------- 1 root root 1679 Nov  8 22:20 healthcheck-client.key
    -rw-r--r-- 1 root root 1131 Nov  8 22:20 peer.crt
    -rw------- 1 root root 1679 Nov  8 22:20 peer.key
    -rw-r--r-- 1 root root 1131 Nov  8 22:20 server.crt
    -rw------- 1 root root 1679 Nov  8 22:20 server.key
    
    [email protected]:~$ kubectl -n kube-system exec -it etcd-lfs-main -- sh -c "ETCDCTL_API=3 \ #Version to use
    ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt \ # Pass the certificate authority
    ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt \ #Pass the peer cert and key
    ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key \
    etcdctl endpoint health"
    

    Give this output

    sh: 1:  #Version: not found
    sh: 2:  #: not found
    sh: 3:  #Pass: not found
    Error: KeyFile and CertFile must both be present[key: /etc/kubernetes/pki/etcd/server.key, cert: ]
    command terminated with exit code 128
    
  • chrispokornichrispokorni Posts: 1,062

    Hi @tjghost,

    From the error it seems to be complaining about the comments following each line of command. Removing the comments may help, and/or converting the entire command into a single line command may save you of headaches too :wink:

    Regards,
    -Chris

  • rosaiahrosaiah Posts: 2
    edited February 12

    Hi Team,
    I'm not getting the output for Step 5 as mentioned in the document to view cluster info in Table format.

    I ran below command to view in Table format.

    kubectl -n kube-system exec -it etcd-master -- sh -c "ETCDCTL_API=3 ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key etcdctl --endpoints=https://127.0.0.1:2379"

    and also I modified the command but I'm unable to get.

    [email protected]:~$ kubectl -n kube-system exec -it etcd-master -- sh -c "ETCDCTL_API=3 ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key etcdctl --endpoints=https://127.0.0.1:2379 --write-out="table" "

  • chrispokornichrispokorni Posts: 1,062

    Hi @rosaiah,

    The Discussion on the same topic was removed in order to eliminate duplicates. This keeps all relevant comments on the same thread.

    Due to continuous changes in the etcd container image, the etcdctl command shifts in behavior as well. The following command worked for me:

    kubectl -n kube-system exec -it etcd-master -- sh -c "ETCDCTL_API=3 ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key etcdctl --endpoints=https://127.0.0.1:2379 member list --write-out=table"

    If this does not work, you may try to replace /server. with /peer.

    Regards,
    -Chris

  • rosaiahrosaiah Posts: 2

    Thank you @chrispokorni .
    it works. Happy for your assistance.

  • rshimizurshimizu Posts: 1
    edited February 14

    Thank you for your post, @rosaiah !

    kubectl -n kube-system exec -it etcd-master -- sh -c "ETCDCTL_API=3 ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key etcdctl --endpoints=https://127.0.0.1:2379 endpoint status --write-out=table"

    also worked for me :)
    (this command will return a result similar to the text.)

  • vishwas2f4uvishwas2f4u Posts: 4

    Where to find kubeadm-config.yaml? I don't see that in the location mentioned in the lab. Thanks

    [email protected]:~$ find kubeadm-config.yaml
    find: ‘kubeadm-config.yaml’: No such file or directory

  • chrispokornichrispokorni Posts: 1,062

    Hi @vishwas2f4u,

    Please post your questions in Discussions that are on the same topic as your issue, or create a new Discussion if necessary - assuming it is a completely new issue. The current Discussion thread is for Lab 4, whereas your issue is related to Lab 3.

    However, it seems that your find command is incomplete. You should try the find $HOME -name <file-name> syntax instead. For additional help on the usage of find you may try find --help, or man find, or info find.

    Regards,
    -Chris

Sign In or Register to comment.