A good practice is to dump all the service that run into some yaml
kubectl get all --namespaces -o yaml > all-deploy-services.yaml
this is only for a few ressrouce group they are many other ressources groups
a tools like VELERO can do it for you
inside de etcd.service file there si the data path where all data are save on each master node
you can do a snapchot
export ETCDCTL_API=3
etcdcl snapshot save snapshot.db
etcdcl snapshot status snapshot.db
# exemple
etcdctl snapshot save /opt/snapshot-pre-boot.db --endpoints=https://127.0.0.1:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key
service kube-apiserver stop
etcdcl snapshot restore snapshot.db --data-dir /var/lib/etcd-from-backup
# exemple
ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt \
--name=master \
--cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \
--data-dir /var/lib/etcd-from-backup \
--initial-cluster=master=https://127.0.0.1:2380 \
--initial-cluster-token etcd-cluster-1 \
--initial-advertise-peer-urls=https://127.0.0.1:2380 \
snapshot restore /opt/snapshot-pre-boot.db
update the line --data-dir with the new path
dont forget to change
the all the line with the previous data path to the new data path
systemctl daemon-reload
service etcd restart
service kube-apiserver start
for all the etcd command don't forget to specify the endpoint the cert and the key
--endpoints=https://127.0.0.1:2379
--cacert=/etc/etcd/ca/crt
--cert=/etc/etcd/etcd-server.crt
--key=/etc/etcd/etcd-server.key
you can see the api version
etcdctl --version