You can demostrate how kubernetes stores everything in etcd (v3):
You can exec etcdctl
rigth in the etc pod:
kubectl exec -it \
-n kube-system etcd-minikube \
-- sh -c 'ETCDCTL_CACERT=/var/lib/localkube/certs/etcd/ca.crt \
ETCDCTL_CERT=/var/lib/localkube/certs/etcd/peer.crt \
ETCDCTL_KEY=/var/lib/localkube/certs/etcd/peer.key \
ETCDCTL_API=3 \
etcdctl \
get \
--keys-only \
--prefix=true \
"/registry/namespaces/" '
Or if you have etcdctl installed on your host. You can run etcdctl
command on your localhost.
Copy certificate and key from container to localhost:
kubectl cp kube-system/etcd-minikube:/var/lib/localkube/certs/etcd/peer.key .
kubectl cp kube-system/etcd-minikube:/var/lib/localkube/certs/etcd/peer.crt .
Set ETCDCTL_
environment variables
export \
ETCDCTL_API=3 \
ETCDCTL_INSECURE_SKIP_TLS_VERIFY=true \
ETCDCTL_CERT=peer.crt \
ETCDCTL_KEY=peer.key
Start a proxy (in a separate terminal) to be able to connect to etcd on localhost:
kubectl port-forward -n kube-system etcd-minikube 2379:2379
etcdctl get --keys-only --prefix=true "/registry/namespaces/"
Thanks!
btw, for who are using minikube, not localkube(cause it is deprecated), should replace terms
localkube
tominikube
and it will work!so above one-liner snippet will be: