RKE/RKE2 配置使用 etcdctl

etcdctl 工具需要配置 Endpoint 和证书路径才能正常使用,在此提供 RKE/RKE2 快速配置方法。

RKE

RKE 可以直接在 etcd 容器里使用:

1
2
3
4
5
6
7
8
9
10
11
12
# etcd 容器内部默认会带 etcdctl 常用变量
# ETCDCTL_API=3
# ETCDCTL_ENDPOINTS="https://127.0.0.1:2379"
# ETCDCTL_CACERT="/etc/kubernetes/ssl/kube-ca.pem"
# ETCDCTL_CERT="/etc/kubernetes/ssl/kube-etcd-172-16-16-143.pem"
# ETCDCTL_KEY="/etc/kubernetes/ssl/kube-etcd-172-16-16-143-key.pem"
root@docker-test-1:~# docker exec -it etcd etcdctl member list -w table
+------------------+---------+--------------------+----------------------------+----------------------------+------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS | IS LEARNER |
+------------------+---------+--------------------+----------------------------+----------------------------+------------+
| bad772e39a877329 | started | etcd-docker-test-1 | https://172.16.16.143:2380 | https://172.16.16.143:2379 | false |
+------------------+---------+--------------------+----------------------------+----------------------------+------------+

要查看 ETCT 集群状态,需要带上所有 Endpoints:

1
root@docker-test-1:~# docker exec -it -e ETCDCTL_ENDPOINTS="https://172.16.16.143:2379,xxx,yyy" etcd etcdctl member list -w table

RKE2

获取 etcdctl 工具:

1
cp "$(find / -name etcdctl 2>/dev/null | grep -v snapshot | head -n1)" /usr/local/bin/

配置环境变量:

1
2
3
4
5
# export ETCDCTL_API=3
export ETCDCTL_ENDPOINTS=https://172.16.16.120:2379,https://172.16.16.121:2379,https://172.16.16.122:2379
export ETCDCTL_CACERT=/var/lib/rancher/rke2/server/tls/etcd/server-ca.crt
export ETCDCTL_CERT=/var/lib/rancher/rke2/server/tls/etcd/server-client.crt
export ETCDCTL_KEY=/var/lib/rancher/rke2/server/tls/etcd/server-client.key

测试是否可以使用:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
root@rke2-cilium-01:~# etcdctl member list -w table
+------------------+---------+-------------------------+----------------------------+----------------------------+------------+
| ID | STATUS | NAME | PEER ADDRS | CLIENT ADDRS | IS LEARNER |
+------------------+---------+-------------------------+----------------------------+----------------------------+------------+
| 5c60194b69e150d6 | started | rke2-cilium-02-63233fb4 | https://172.16.16.121:2380 | https://172.16.16.121:2379 | false |
| 8af47ddd59a4380d | started | rke2-cilium-01-e49ea9cb | https://172.16.16.120:2380 | https://172.16.16.120:2379 | false |
| c5794547c5d8917b | started | rke2-cilium-03-0769aade | https://172.16.16.122:2380 | https://172.16.16.122:2379 | false |
+------------------+---------+-------------------------+----------------------------+----------------------------+------------+

root@rke2-cilium-01:~# etcdctl endpoint status -w table
+----------------------------+------------------+---------+-----------------+---------+--------+-----------------------+--------+-----------+------------+-----------+------------+--------------------+--------+--------------------------+-------------------+
| ENDPOINT | ID | VERSION | STORAGE VERSION | DB SIZE | IN USE | PERCENTAGE NOT IN USE | QUOTA | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS | DOWNGRADE TARGET VERSION | DOWNGRADE ENABLED |
+----------------------------+------------------+---------+-----------------+---------+--------+-----------------------+--------+-----------+------------+-----------+------------+--------------------+--------+--------------------------+-------------------+
| https://172.16.16.120:2379 | 8af47ddd59a4380d | 3.6.7 | 3.6.0 | 38 MB | 35 MB | 8% | 2.1 GB | false | false | 41 | 223676864 | 223676864 | | | false |
| https://172.16.16.121:2379 | 5c60194b69e150d6 | 3.6.7 | 3.6.0 | 38 MB | 35 MB | 8% | 2.1 GB | true | false | 41 | 223676864 | 223676864 | | | false |
| https://172.16.16.122:2379 | c5794547c5d8917b | 3.6.7 | 3.6.0 | 38 MB | 35 MB | 8% | 2.1 GB | false | false | 41 | 223676864 | 223676864 | | | false |
+----------------------------+------------------+---------+-----------------+---------+--------+-----------------------+--------+-----------+------------+-----------+------------+--------------------+--------+--------------------------+-------------------+
Author

Warner Chen

Posted on

2025-07-29

Updated on

2026-06-24

Licensed under

You need to set install_url to use ShareThis. Please set it in _config.yml.
You forgot to set the business or currency_code for Paypal. Please set it in _config.yml.

Comments

You forgot to set the shortname for Disqus. Please set it in _config.yml.
You need to set client_id and slot_id to show this AD unit. Please set it in _config.yml.