Usually you need to get etcdctl by yourself. Just download the latest etcdctl archive from etcd releases page.

Also, starting from Kubernetes version 1.6 it uses etcd version 3, so to get a list of all keys is:

ETCDCTL_API=3 etcdctl --endpoints=<etcd_ip>:2379 get / --prefix --keys-only

You can find all etcdctl v3 actions using:

ETCDCTL_API=3 etcdctl --endpoints=<etcd_ip>:2379 --help

EDIT (thanks to @leodotcloud):

In case ETCD is configured with TLS certificates support:

ETCDCTL_API=3 etcdctl --endpoints <etcd_ip>:2379 --cacert <ca_cert_path> --cert <cert_path> --key <cert_key_path> get / --prefix --keys-only

Access the docker container, and run the following commmand:

ETCDCTL_API=3 etcdctl --endpoints 127.0.0.1:2379 --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key get / --prefix --keys-only

For Minikube

(v1.17.0)
You can see the arguments exploring the pod: kubectl describe pod -n kube-system etcd-PODNAME |lessHere you can see the certificates path and much more.

To fastly query your etcd dictionary you can use this alias:

alias etcdctl_mini="MY_IP=$(hostname -I |awk '{print $1}'|tr -d ' '); \    ETCDCTL_API=3; \    sudo -E etcdctl --endpoints ${MY_IP}:2379 \    --cacert='/var/lib/minikube/certs/etcd/ca.crt' \    --cert='/var/lib/minikube/certs/etcd/peer.crt' \    --key='/var/lib/minikube/certs/etcd/peer.key'"

$ etcdctl_mini put foo bar