ETCD

 

What is ETCD?

etcd is a distributed, consistent, highly-available key-value store used to store critical cluster data.

It is a core component of Kubernetes.

etcd port : 2379

 

Why ETCD Is Important

In Kubernetes, etcd stores the entire cluster state, including:

  • Nodes

  • Pods

  • Services

  • ConfigMaps

  • Secrets

  • Deployments

  • RBAC policies

If etcd goes down → the cluster control plane stops functioning.

ETCD Architecture

etcd is based on:

  • Distributed consensus algorithm: Raft

  • Leader–Follower model

  • Strong consistency

     

 High-Level Architecture

           ───────────────┐
          │   ETCD Leader │
          └───────┬───────┘
                  │
        ┌─────────┴─────────┐
        │                   │
┌───────────────┐   ┌───────────────┐
│     ETCD Follower │                      │ ETCD Follower │
└───────────────┘   └───────────────┘

 How Kubernetes Uses ETCD

 kubectl apply → API Server → etcd

  •  User sends request
  • API Server validates
  • State stored in etcd
  • Controllers reconcile state

 ETCD Data Storage

  • Data stored as key-value pairs

  • Hierarchical structure

Example keys in Kubernetes:

/registry/pods/default/nginx
/registry/services/default/my-service

ETCD Deployment in Kubernetes

Single Master (Not Recommended for Production)

 Master Node
 ├── kube-apiserver
 ├── kube-controller-manager
 ├── kube-scheduler
 └── etcd

  HA Multi-Master (Production)

Master 1 ─┐
Master 2 ─┼── etcd Cluster (3 or 5 nodes)
Master 3 ─┘

Best practice:

  • 3 or 5 etcd members

  • Odd number only (quorum)

Important ETCD Ports 

PortPurpose
2379      Client communication
2380      Peer communication

ETCD Commands

Using etcdctl CLI:

Check Cluster Health

etcdctl endpoint health

List Members

etcdctl member list

Get Key

etcdctl get /registry/pods --prefix

Put Key

etcdctl put mykey "value"

Backup ETCD (Very Important in Production)

Take Snapshot

etcdctl snapshot save snapshot.db

 

Installing ETCD as a service 
 

✅ 1️⃣ Download etcd

Official binaries are available from the etcd GitHub releases.

Example (Linux):

 ETCD_VERSION=v3.5.12

wget https://github.com/etcd-io/etcd/releases/download/${ETCD_VERSION}/etcd-${ETCD_VERSION}-linux-amd64.tar.gz

tar -xvf etcd-${ETCD_VERSION}-linux-amd64.tar.gz
cd etcd-${ETCD_VERSION}-linux-amd64

sudo mv etcd etcdctl /usr/local/bin/

Verify:

etcd --version
etcdctl version

✅ 2️⃣ Create etcd User (Best Practice)

sudo useradd --system --no-create-home --shell /sbin/nologin etcd

Create data directory:

sudo mkdir -p /var/lib/etcd
sudo chown -R etcd:etcd /var/lib/etcd

✅ 3️⃣ Create systemd Service File

sudo nano /etc/systemd/system/etcd.service

 Paste  

[Unit]
Description=etcd key-value store
Documentation=https://etcd.io
After=network.target

[Service]
User=etcd
Type=notify
ExecStart=/usr/local/bin/etcd \
  --name node1 \
  --data-dir=/var/lib/etcd \
  --listen-client-urls=http://127.0.0.1:2379 \
  --advertise-client-urls=http://127.0.0.1:2379 \
  --listen-peer-urls=http://127.0.0.1:2380 \
  --initial-advertise-peer-urls=http://127.0.0.1:2380 \
  --initial-cluster=node1=http://127.0.0.1:2380 \
  --initial-cluster-state=new

Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target 

 ✅ 4️⃣ Start the Service

sudo systemctl daemon-reload
sudo systemctl enable etcd
sudo systemctl start etcd

 Check status:

sudo systemctl status etcd 

 ✅ 5️⃣ Test etcd

etcdctl put name "ckA-prep"
etcdctl get name

 If successful → etcd is running correctly 🎉

 

List all keys stored by Kubernetes :

 

Comments

Post a Comment

Popular posts from this blog

Kubernetes - Components

Image
Kubernetes is built from several core components that work together to run and manage containerized applications. These components are usually grouped into: Control Plane Components (manage the cluster) Node Components (run workloads) 1️ .  Control Plane Components The control plane is responsible for managing the Kubernetes cluster. 1. kube-apiserver The API server is the entry point to the cluster . Everything in Kubernetes goes through it. Responsibilities Exposes the Kubernetes REST API Validates requests Processes CRUD operations for resources Communicates with the cluster datastore Example operations: Creating a Pod Scaling deployments Updating configurations Flow example:   User → kubectl → API Server → etcd   Key points: Stateless Can be horizontally scaled All components talk to it   2. etcd   etcd is the key-value database of Kubernetes.   It stores all cluster state.   Stores ...
Read more

Command Line tools : nerdctl | crictrl | ctr

Container Runtime CLI Tools Runtime: containerd Used commonly in: Kubernetes 1️⃣ ctr – containerd Native CLI ✅ What It Is Low-level CLI for containerd Used mainly for debugging and advanced runtime operations ⚠ Not user-friendly (No Docker-style UX) Common ctr Commands Image Management ctr images pull nginx:latest ctr images list ctr images rm nginx:latest Container Management ctr containers create docker.io/library/nginx:latest mynginx ctr containers list ctr containers delete mynginx Task (Running Container) Management ctr tasks start mynginx ctr tasks list ctr tasks kill mynginx ctr tasks rm mynginx Namespaces (Important in Kubernetes) ctr namespaces list ctr -n k8s.io containers list When to Use ctr Debugging containerd directly Troubleshooting runtime issues Not recommended for daily use 2️⃣ nerdctl – Docker-like CLI for containerd Project: nerdctl ✅ What It Is Docker-compatible CLI for containerd Feels similar to Docker CLI Common n...
Read more

Service

Image
  The mandatory one is the port , the targetport if not mentioned will be assumed to be the same as port and nodeport will be assigned with a range between 30000 to 32767 , if not explicitly defined.
Read more