etcdadm is a command-line tool for operating an etcd cluster. It makes it easy to create a new cluster, add a member to, or remove a member from an existing cluster. Its user experience is inspired by kubeadm.
For major project goals, see the roadmap
Table of Contents
- Getting Started
- Advanced Usage
- Caveats & Limitations
- Clone the git repository.
- Build on the host:
- Build in a container, using docker:
Creating a new cluster
etcdadmto each machine that will become a member.
- Choose one machine and run
Adding a member
- Copy the CA certificate and key from any machine in the cluster to the machine being added.
rsync -avR /etc/etcd/pki/ca.* <Member IP address>:/
- Choose a cluster endpoint (i.e. client URL of some member) and run
etcdadm join <endpoint>
Removing a member
On the machine being removed, run
Creating a new cluster from a snapshot
If you have an existing etcd snapshot, you can use it to create a new cluster:
etcdadm init --snapshot /path/to/etcd.snapshot
Caveats and Limitations
- Must run as root. (This is because etcdadm creates a systemd service)
- Does not support etcd v2.
- Currently tested on Container Linux, with plans for other platforms.
The goal of etcdadm is to make it easy to operate an etcd cluster. It downloads a specific etcd release, installs the binary, configures a systemd service, generates certificates, calls the etcd API to add (or remove) a member, and verifies that the new member is healthy.
Etcdadm must be run on the machine that is being added or removed. As a consequence, if a member permanently fails, and the operator cannot invoke
etcdadm reset on that machine, the operator must use the etcd API to delete the failed member from the list of members.
On its own, etcdadm does not automate cluster operation, but a cluster orchestrator can delegate all the above tasks to etcdadm.
docs/diagrams for sequence diagrams of init, join, and reset.
For more information reach out to etcdadm slack channel