Skip to content

Instantly share code, notes, and snippets.

@clementnuss

clementnuss/etcdctl-leader-transfer.md

Created July 7, 2023 05:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save clementnuss/1d63abca2e2bea08963a3453d61e89e8 to your computer and use it in GitHub Desktop.
Save clementnuss/1d63abca2e2bea08963a3453d61e89e8 to your computer and use it in GitHub Desktop.
Download ZIP
etcd - move leader away
Raw
etcdctl-leader-transfer.md

etcd - moving the leader away

When patching some Kubernetes control-plane nodes on which etcd also happens to be running, you might want to gracefully transfer the leadership of the etcd cluster away before patching and eventually patching the node.

This can be achieved with the following script, provided you specify the adequate environment variables in /etc/profile.d/etcd-all:

set -o pipefail && \
source /etc/profile.d/etcd-all && \
AM_LEADER=$(etcdctl endpoint status | grep $(hostname) | cut -d ',' -f 5 | tr -d ' ') && \
if [[ $AM_LEADER = "true" ]]
then
  NEW_LEADER=$(etcdctl endpoint status | grep -v $(hostname) | cut -d ',' -f 2 | tr -d ' ' | tail -n '-1') && \
  etcdctl move-leader $NEW_LEADER && sleep 15
fi

Note:

the /etc/profile.d/etcd-all file should contain something similar to:

export ETCDCTL_API=3
export ETCDCTL_ENDPOINTS="https://node1.domain:2379,https://node2.domain:2379,https://node3.domain:2379"
export ETCDCTL_CERT=/etc/kubernetes/pki/etcd/peer.crt
export ETCDCTL_KEY=/etc/kubernetes/pki/etcd/peer.key
export ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment