Extracts resources from OpenShift/Kubernetes ETCD backup. Works with all default Kubernetes/OpenShift resources. Custom CRD will fail as it doesn't know how to deserialize them from protobuf - modify source code to make it work with custom CRD.
- Restoring something deleted
- Safely inspecting etcd database (especially with wait command) from the snapshot instead of a real system
It might be necessary to use etcd version to match your backup. Default is 3.5.6. Edit here and then run
make docker-build
.
Usage:
etcd-extractor [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
get Get all values (or subset if specifying stdin, args or files as args as keys) in YAML format in etcd database
help Help about any command
list List all keys in etcd database based on prefix (default is "/")
version Print version
wait Restore etcd database and start etcd server running infinitely
Flags:
--endpoint string URL pointing to running etcd instance (default "http://127.0.0.1:2379")
-h, --help help for etcd-extractor
--loglevel string Specify log level (debug, info, warn, error, dpanic, panic, fatal) (default "info")
--skip-etcd-restore Skip restoring etcd
--skip-etcd-start Skip starting etcd
--snapshot string File path to the snapshot location (default "/tmp/snapshot.db")
Use "etcd-extractor [command] --help" for more information about a command.
docker run -it --rm --name etcd-extractor \
-v "$PWD/snapshot_2022-01-21_060859.db:/tmp/snapshot.db:ro" \
camabeh/etcd-extractor:latest wait
docker exec -it etcd-extractor etcd-extractor list
# get with ARGS
docker exec -it etcd-extractor etcd-extractor get /kubernetes.io/configmaps/openshift-logging/fluentd /kubernetes.io/clusterrolebindings/system:basic-user
# get with STDIN
cat keys.txt | docker exec -i etcd-extractor etcd-extractor get
docker run -it --rm \
-v "$PWD/snapshot_2022-01-21_060859.db:/tmp/snapshot.db:ro" \
camabeh/etcd-extractor:latest list
docker run -it --rm \
-v "$PWD/snapshot_2022-01-21_060859.db:/tmp/snapshot.db:ro" \
camabeh/etcd-extractor:latest get /kubernetes.io/configmaps/openshift-logging/fluentd /kubernetes.io/clusterrolebindings/system:basic-user
# Restores DB and starts etcd server and waits infinitely
docker run -it --rm --name etcd-extractor \
-v "$PWD/snapshot_2022-01-21_060859.db:/tmp/snapshot.db:ro" \
camabeh/etcd-extractor:latest get /kubernetes.io/secrets/openshift-logging
docker exec -it etcd-extractor sh
# Gets all keys with / prefix
$ etcdctl get / --prefix --keys-only | head
# Shows the value, but encoded in protocol buffer format
$ etcdctl get /kubernetes.io/configmaps/openshift-logging/fluentd
Heavily inspired by etcdhelper.