Backing up etcd data

  1. Back up the cluster etcd data.

    Store the backup in a secure location outside the OpenShift Container Platform environment.

  2. Back up etcd data by creating a snapshot. You must only save a snapshot from a single master host. You do not need a snapshot from each master host in the cluster.

    If your cluster is behind a proxy, export proxy on master nodes (applicable only for online mode of installation).

    1. Access the master host as a core user.
    2. If the cluster-wide proxy is enabled, ensure that you have exported the NO_PROXY, HTTP_PROXY, and HTTPS_PROXY environment variables.
      To check whether the proxy is enabled, run the following command in bastion node:
      oc get proxy cluster -o yaml

      This step is only applicable in case of online mode of installation.

    3. Run the script and pass in the location to save the backup to.
      sudo /usr/local/bin/ ./assets/backup
      Creating asset directory ./assets
      etcdctl version 3.3.17
      API version: 3.3
      Trying to backup etcd client certs..
      etcd client certs found in /etc/kubernetes/static-pod-resources/kube-apiserver-pod-12 backing up to ./assets/backup/
      Backing up /etc/kubernetes/manifests/etcd-member.yaml to ./assets/backup/
      Trying to backup latest static pod resources..
      {"level":"warn","ts":"2020-06-25T08:19:51.500Z","caller":"clientv3/retry_interceptor.go:116","msg":"retry stream intercept"}
      Snapshot saved at ./assets/backup/snapshot_2020-06-25_081950.db
      snapshot db and kube resources are successfully saved to ./assets/backup!
    4. Copy the snapshot_<YYYY-MM-DD_HHMMSS>.db file to a secure location outside the cluster.