ETCD in Kubernetes

Varish Ansari

Understanding etcd in Kubernetes

Source: KodeCloud

What is etcd?

etcd is a distributed, consistent key-value store used as the primary data store for Kubernetes. It stores all cluster configuration data, including the state of nodes, Pods, Deployments, ConfigMaps, Secrets, and other cluster-related objects. It ensures that data is consistent and highly available across the cluster.

  • Developed by: CoreOS (now part of Red Hat)

  • Implementation: Written in Go; uses the Raft consensus algorithm for distributed consistency.


Why is etcd Important in Kubernetes?

Kubernetes is a distributed system, and etcd acts as the brain of the cluster by storing all its state information. Without etcd, Kubernetes cannot keep track of workloads, nodes, or configurations.


How etcd Works in Kubernetes

  1. Kubernetes components interact with etcd

    • The Kubernetes API Server is the only component that directly interacts with etcd.

    • Other components like the Scheduler, Controller Manager, and Kubelet communicate with the API Server, which then updates etcd.

  2. Data is stored as key-value pairs

    • Example:

        /registry/pods/default/my-pod
        /registry/services/default/my-service
        /registry/nodes/ip-192-168-1-100
      
    • Kubernetes resources (like Pods, Deployments, Services) are stored hierarchically.

  3. Ensuring High Availability

    • A production-grade Kubernetes cluster runs multiple etcd nodes for fault tolerance.

    • If one etcd node fails, others in the cluster take over.


Use Cases of etcd in Kubernetes

  1. Storing Cluster State:

    • etcd stores the desired and current state of Kubernetes resources.

    • Example: If a node crashes, Kubernetes can recover its state from etcd.

  2. Leader Election:

    • Kubernetes controllers use etcd for leader election in HA (High Availability) setups.

    • Example: The Kubernetes Controller Manager ensures only one active leader at a time.

  3. Configuration Management:

    • Stores configuration details, such as network policies, cluster secrets, and more.

    • Example: ConfigMaps and Secrets are stored in etcd.

  4. Service Discovery:

    • Helps Kubernetes keep track of available services and their endpoints.

    • Example: If a new Pod is added to a Service, the updated state is stored in etcd.


Example to Remember etcd

Think of etcd like a distributed notebook for Kubernetes.

📒 Example Analogy:

  • Imagine Kubernetes is a library 🏛️

  • etcd is the library catalog system 📖

  • Every book (Pod, Service, ConfigMap) is registered in etcd

  • If a book is borrowed (a Pod crashes), the catalog (etcd) still keeps a record

  • A librarian (API Server) always checks etcd before making decisions


Practical Example: How to Interact with etcd

You can interact with etcd using etcdctl, the command-line tool for etcd.

1. Checking the Cluster Health

ETCDCTL_API=3 etcdctl --endpoints=https://127.0.0.1:2379 endpoint health

Output:

https://127.0.0.1:2379 is healthy

2. Viewing Data Stored in etcd

ETCDCTL_API=3 etcdctl get /registry/pods --prefix --keys-only

Output:

/registry/pods/default/my-pod
/registry/pods/kube-system/coredns-12345

3. Writing a Key-Value Pair to etcd

ETCDCTL_API=3 etcdctl put "/config/app-name" "MyK8sApp"

To retrieve it:

ETCDCTL_API=3 etcdctl get "/config/app-name"

Output:

MyK8sApp

Best Practices for Managing etcd in Kubernetes

✔ Backup Regularly: etcd holds critical data; always take regular snapshots.
✔ Use High Availability (HA): Deploy etcd in a cluster with at least 3 nodes.
✔ Encrypt Data: Use TLS encryption to secure data in transit.
✔ Monitor etcd Performance: Use Prometheus to monitor latency and failures.
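
Because Secrets are stored in etcd and can be read with etcdctl under /registry, TLS in transit does not protect them from anyone holding etcd client access or a snapshot file; that needs API-server encryption at rest, which marks stored values with a `k8s:enc:<provider>:<version>:<key name>:` prefix. The script below is an added example (not from the original article or the Kubernetes project) that classifies values by that prefix; the key names, sample bytes and the `fetch_sample` helper are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the article: was an etcd value encrypted at rest?

# classify_etcd_value: read raw value bytes on stdin, print a verdict.
classify_etcd_value() {
  # Keep the leading bytes; map NUL and other non-printables to '.'.
  prefix=$(head -c 64 | LC_ALL=C tr -c '[:print:]' '.')
  case "$prefix" in
    k8s:enc:*:v[0-9]*:*)                 # k8s:enc:<provider>:<version>:<key name>:
      rest=${prefix#k8s:enc:}
      echo "encrypted:${rest%%:*}" ;;
    k8s.*) echo "plaintext-protobuf" ;;  # "k8s\0" magic: stored unencrypted
    "{"*)  echo "plaintext-json" ;;
    *)     echo "unknown" ;;
  esac
}

# fetch_sample KEY: constructed stand-in for
#   ETCDCTL_API=3 etcdctl get KEY --print-value-only
# Key names and value bytes below are made up for this example.
fetch_sample() {
  case "$1" in
    /registry/secrets/default/db-pass)
      printf 'k8s:enc:aescbc:v1:key1:\221\007\302' ;;
    /registry/secrets/default/api-token)
      printf 'k8s\000\012\014\012\002v1\022\006Secret' ;;
  esac
}

# audit_secrets FETCH_CMD: read keys on stdin, print "KEY VERDICT" per key,
# return 1 if any value is not encrypted at rest.
audit_secrets() {
  fetch=$1
  rc=0
  while IFS= read -r key; do
    [ -n "$key" ] || continue
    verdict=$("$fetch" "$key" </dev/null | classify_etcd_value)
    echo "$key $verdict"
    case "$verdict" in encrypted:*) ;; *) rc=1 ;; esac
  done
  return "$rc"
}

# Demo on the constructed samples; the second Secret is reported as plaintext.
printf '%s\n' /registry/secrets/default/db-pass /registry/secrets/default/api-token |
  audit_secrets fetch_sample || echo "unencrypted Secret values found" >&2
```

On a real cluster, pass a function that wraps `etcdctl get "$1" --print-value-only` with your cluster's `--endpoints`, `--cacert`, `--cert` and `--key` values in place of `fetch_sample`.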


Conclusion

  • etcd is the heart of Kubernetes, ensuring cluster state consistency.

  • It acts as a highly available and consistent key-value store for all Kubernetes objects.

  • The Kubernetes API Server is the only component that directly interacts with etcd.

  • Regular backups, encryption, and monitoring are essential for managing etcd.

Source: KodeCloud and ChatGPT
