Backup and Restore ETCD Database

cloudwizard · September 20, 2020, 5:51pm

Are this the correct commands to backup the ETCD DB:

ETCDCTL_API=3 etcdctl help

ETCDCTL_API=3 etcdctl --endpoints https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key snapshot save /tmp/snapshot-pre-boot.db

Are this the correct commands to Restore the ETCD DB:

ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
–name=master
–cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key
–data-dir /var/lib/etcd-from-backup
–initial-cluster=master=https://127.0.0.1:2380
–initial-cluster-token=etcd-cluster-1
–initial-advertise-peer-urls=https://127.0.0.1:2380
snapshot restore /tmp/snapshot-pre-boot.db

Update ETCD manifest file with correct backup directory and token:
–data-dir=/var/lib/etcd-from-backup
–initial-cluster-token=etcd-cluster-1
Update ETCD manifest file with correct hostpath and volume:
volumeMounts:
- mountPath: /var/lib/etcd-from-backup
  name: etcd-data
- mountPath: /etc/kubernetes/pki/etcd
  name: etcd-certs
volumes:
- hostPath:
  path: /var/lib/etcd-from-backup
  type: DirectoryOrCreate
  name: etcd-data
- hostPath:
  path: /etc/kubernetes/pki/etcd
  type: DirectoryOrCreate

tej-singh-rana · September 24, 2020, 8:51am

You can visit this post. ETCD - backup and restore management

ksaravind · November 27, 2020, 2:59am

Above steps looks good, are you facing any issue?

haozhiyu · March 30, 2021, 12:32am

First, you need to install etcd-client: sudo apt install etcd-client

chandramohan · April 7, 2021, 1:51pm

can we restore etcd using pem format cert and keys? if so, is it possible only from master node?

ETCD backup is as below:
ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
–name=master
–cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key snapshot save /var/etcd-backup.db

ETCD restore using below:

cert-/opt/etcd-client-ca.pem key=/opt/etcd-client-key.pem restore from /opt/previous_backup.db

vinodhvenugopal · August 25, 2021, 2:06pm

Can anyone post the commands to take backup and restore HA ETCD cluster. and also please let me knoe, after restore ,we need reboot any kubeadm tools ?

Ramesh_Godishela · June 30, 2022, 8:12am

#get certs
cat /etc/kubernetes/manifests/kube-apiserver.yaml | grep etcd

#take a snapshot
ETCDCTL_API=3 etcdctl snapshot save /tmp/etcd-backup.db
–cacert /etc/kubernetes/pki/etcd/ca.crt
–cert /etc/kubernetes/pki/etcd/server.crt
–key /etc/kubernetes/pki/etcd/server.key

#restore a snapshot
ETCDCTL_API=3 etcdctl snapshot restore /tmp/etcd-backup.db
–data-dir /var/lib/etcd-backup
–cacert /etc/kubernetes/pki/etcd/ca.crt
–cert /etc/kubernetes/pki/etcd/server.crt
–key /etc/kubernetes/pki/etcd/server.key

V1RAL_V1DZ · August 20, 2024, 3:55pm

Back Up the etcd Data

From the terminal, log in to the etcd server:
ssh etcd1
Back up the etcd data:
ETCDCTL_API=3 etcdctl snapshot save /home/cloud_user/etcd_backup.db
–endpoints=https://etcd1:2379
–cacert=/home/cloud_user/etcd-certs/etcd-ca.pem
–cert=/home/cloud_user/etcd-certs/etcd-server.crt
–key=/home/cloud_user/etcd-certs/etcd-server.key
Restore the etcd Data from the Backup
Stop etcd:
sudo systemctl stop etcd
Delete the existing etcd data:
sudo rm -rf /var/lib/etcd
Restore etcd data from a backup:
sudo ETCDCTL_API=3 etcdctl snapshot restore /home/cloud_user/etcd_backup.db
–initial-cluster etcd-restore=https://etcd1:2380
–initial-advertise-peer-urls https://etcd1:2380
–name etcd-restore
–data-dir /var/lib/etcd
Set database ownership:
sudo chown -R etcd:etcd /var/lib/etcd
Start etcd:
sudo systemctl start etcd
Verify the system is working:
ETCDCTL_API=3 etcdctl get cluster.name
–endpoints=https://etcd1:2379
–cacert=/home/cloud_user/etcd-certs/etcd-ca.pem
–cert=/home/cloud_user/etcd-certs/etcd-server.crt
–key=/home/cloud_user/etcd-certs/etcd-server.key

Arun_1998 · April 12, 2026, 5:45pm

Backup:

ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key snapshot save /opt/snapshot-pre-boot.db

To view status

ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key snapshot status /opt/snapshot-pre-boot.db –write-out=table

Before restore , kindly follow below steps

mv /etc/kubernetes/manifests/kube-apiserver.yaml /tmp/

ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
–cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key
–data-dir /var/lib/etcd-from-backup
snapshot restore /opt/snapshot-pre-boot.db

And edit etcd.yaml file

–data-dir /var/lib/etcd-from-backup

volumeMounts:

mountPath: /var/lib/etcd-from-backup
name: etcd-data
mountPath: /etc/kubernetes/pki/etcd
name: etcd-certs

volumes:

-hostPath:
path: /etc/kubernetes/pki/etcd
type: DirectoryOrCreate
name: etcd-certs

-hostPath:
path: /var/lib/etcd-from-backup
type: DirectoryOrCreate
name: etcd-data

mv /tmp/kube-apiserver.yaml /etc/kubernetes/manifests

sudo systemctl restart kubelet

Topic		Replies	Views
ETCD backup !ssues General Discussions	22	51147	June 19, 2023
ETCD - backup and restore management General Discussions	20	193468	January 3, 2023
Etcd back up and restore v1.20.2 General Discussions	2	2475	October 6, 2025
Backup etcd using docker General Discussions	0	3455	December 26, 2019
Backup etcd database via /proc/PID/root General Discussions	8	1982	February 3, 2022

Backup and Restore ETCD Database

Related topics