An error report of etcd viewing data

After using kubeadm to install k8s cluster, you want to view the information about k8s cluster in etcd, but use kubectl exec XXX -- etcdctl -- Ca file XXX -- cert file XXXX -- key file XXX endpoints HTTPS: member list to prompt error: unknown flag: - Ca file, as shown below

[root@k8s-3 manifests]# kubectl exec -it  -n kube-system  etcd-k8s-3  \
> -- etcdctl \
> --ca-file=/etc/kubernetes/pki/etcd/ca.crt \
> --cert-file=/etc/kubernetes/pki/etcd/peer.crt \
> --key-file=/etc/kubernetes/pki/etcd/peer.key \
>  member list 
Error: unknown flag: --ca-file
member list - Lists all members in the cluster
etcdctl member list [flags]
When --write-out is set to simple, this command prints out comma-separated member lists for each endpoint.
The items in the lists are ID, Status, Name, Peer Addrs, Client Addrs, Is Learner.
  -h, --help[=false]help for list
      --cacert=""verify certificates of TLS-enabled secure servers using this CA bundle
      --cert=""identify secure client using this TLS certificate file
      --command-timeout=5stimeout for short running command (excluding dial timeout)
      --debug[=false]enable client-side debug logging
      --dial-timeout=2sdial timeout for client connections
  -d, --discovery-srv=""domain name to query for SRV records describing cluster endpoints
      --discovery-srv-name=""service name to query when using DNS discovery
      --endpoints=[]gRPC endpoints
      --hex[=false]print byte strings as hex encoded strings
      --insecure-discovery[=true]accept insecure SRV records describing cluster endpoints
      --insecure-skip-tls-verify[=false]skip server certificate verification
      --insecure-transport[=true]disable transport security for client connections
      --keepalive-time=2skeepalive time for client connections
      --keepalive-timeout=6skeepalive timeout for client connections
      --key=""identify secure client using this TLS key file
      --password=""password for authentication (if this option is used, --user option shouldn't include password)
      --user=""username[:password] for authentication (prompt if password is not supplied)
  -w, --write-out="simple"set the output format (fields, json, protobuf, simple, table)
Error: unknown flag: --ca-file
command terminated with exit code 1

Tips don't recognize -- Ca file, in fact, the above information has prompted the entry point of the problem, but I feel too dependent on Baidu. I didn't check the tips carefully. I collected a lot of information on the Internet, and operated a lot of the same errors. Finally, I suddenly woke up and looked at the help of etcdctl, and saw the options of -- Ca cert =, -- cert =, -- key =, and these information has been There is a prompt in the prompt message of command execution error. I didn't check it carefully. Alas, because this problem has delayed a lot of time, it's really not worth it. In the future, you should trust yourself and observe the log carefully.

etcdctl version: VERSION:3.4.3 API=3

Final execution information:

[root@k8s-3 manifests]# kubectl exec -it  -n kube-system  etcd-k8s-3 -- etcdctl  --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/peer.crt --key=/etc/kubernetes/pki/etcd/peer.key --endpoints member list  -w table
|        ID        | STATUS  | NAME  |         PEER ADDRS          |        CLIENT ADDRS         | IS LEARNER |
| 74cd7be96f035358 | started | k8s-3 | | |      false |

View under API=2:

kubectl exec -it  -n kube-system  etcd-k8s-3  -- etcdctl --ca-file=xxxxx --cert-file=/xxx   --key-file=xxxxx \

Tags: Operation & Maintenance Kubernetes DNS JSON

Posted on Tue, 24 Mar 2020 10:16:32 -0400 by AlexRodr