Exec into the etcd container export CRI_CONFIG_FILE=/var/lib/rancher/rke2/agent/etc/crictl.yaml
etcdcontainer=$( /var/lib/rancher/rke2/bin/crictl ps --label io.kubernetes.container.name=etcd --quiet) exec -it $etcdcontainer sh -c " ETCDCTL_ENDPOINTS='https://127.0.0.1:2379' ETCDCTL_CACERT='/var/lib/rancher/rke2/server/tls/etcd/server-ca.crt' ETCDCTL_CERT='/var/lib/rancher/rke2/server/tls/etcd/server-client.crt' ETCDCTL_KEY='/var/lib/rancher/rke2/server/tls/etcd/server-client.key' ETCDCTL_API=3 bash" for key in ` etcdctl get --prefix --keys-only /` do
size=` etcdctl get $key --print-value-only | wc -c` ` etcdctl get $key --write-out=fields | grep \" Count\" | cut -f2 -d' :' ` if [ $count -ne 0 ]; then
versions=` etcdctl get $key --write-out=fields | grep \" Version\" | cut -f2 -d' :' ` else
versions=0
fi
total=$(( $size * $versions )) echo $total $size $versions $count $key >> /tmp/etcdkeys.txt
done Optional: only specific object, eg: secrets for key in ` etcdctl get --prefix --keys-only /registry/secrets` do
size=` etcdctl get $key --print-value-only | wc -c` ` etcdctl get $key --write-out=fields | grep \" Count\" | cut -f2 -d' :' ` if [ $count -ne 0 ]; then
versions=` etcdctl get $key --write-out=fields | grep \" Version\" | cut -f2 -d' :' ` else
versions=0
fi
total=$(( $size * $versions )) echo $total $size $versions $count $key >> /tmp/etcdkeys-secrets.txt
done sort -n /tmp/etcdkeys.txt docker cp etcd:/tmp/etcdkeys.txt . kubectl cp -n kube-system < etcd pod name> :/tmp/etcdkeys.txt ./etcdkeys.txt 
Thanks, I'll take a look into this approach 👍
Correct, I mistakenly conflated this gist with another one-liner to gather the object counts:
Note the
cattle.ioportion is just to split out the different CRDs we work with.