etcd cheatsheet
etcdctl — environment
export ETCDCTL_API=3
export ETCDCTL_ENDPOINTS=https://127.0.0.1:2379
export ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt
export ETCDCTL_CERT=/etc/kubernetes/pki/etcd/server.crt
export ETCDCTL_KEY=/etc/kubernetes/pki/etcd/server.key
Key-value operations
| Command | Description |
|---|---|
etcdctl put mykey myvalue | Write a key |
etcdctl get mykey | Read a key |
etcdctl get --prefix /registry/ | Prefix scan (K8s paths) |
etcdctl del mykey | Delete a key |
etcdctl watch mykey | Stream changes to a key |
etcdctl txn -i | Interactive transaction |
Cluster health
| Command | Description |
|---|---|
etcdctl endpoint health | Health per endpoint |
etcdctl endpoint status -w table | Leader, revision, db size, alarms |
etcdctl member list -w table | Cluster members |
etcdctl alarm list | Active alarms (NOSPACE, CORRUPT) |
Replication / Raft status
# Table: which member is leader, raft index, db size
etcdctl endpoint status -w table
# Check all endpoints (comma-separated)
ETCDCTL_ENDPOINTS=https://node1:2379,https://node2:2379,https://node3:2379 \
etcdctl endpoint health --cluster
Maintenance
| Command | Description |
|---|---|
etcdctl snapshot save /backup/snap.db | Consistent backup |
etcdctl snapshot status /backup/snap.db -w table | Verify snapshot |
etcdctl compact $(etcdctl endpoint status -w json | jq '.[0].Header.revision') | Compact old revisions |
etcdctl defrag --cluster | Reclaim disk on all members |
etcdctl alarm disarm | Clear alarm after fixing cause |
Kubernetes — find etcd
# Static pod on control plane (kubeadm)
crictl pods | grep etcd
crictl logs $(crictl ps --name etcd -q)
# Or docker/containerd
docker ps | grep etcd
# API server etcd connection (manifest)
grep etcd /etc/kubernetes/manifests/kube-apiserver.yaml
Service and ports
| Check | Description |
|---|---|
ss -tlnp | grep 2379 | Client API listening |
ss -tlnp | grep 2380 | Peer (Raft) port |
systemctl status etcd | Standalone etcd service |
Pro tips
- Kubernetes control plane stops when etcd loses quorum — prioritize odd-member clusters
- Always use
ETCDCTL_API=3— v2 API is deprecated NOSPACEalarm means disk full — free space, defrag, thenalarm disarm- Never copy the data dir on a running member — use
snapshot save - Schedule snapshots before upgrades; test restore on a non-production cluster
Practice scenarios
Hands-on etcd scenarios on live Linux VMs: etcd