From 14ed8e97199ccbd3f68b642271f98154b9b8c78e Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Sun, 11 Aug 2013 10:49:26 -0700 Subject: [PATCH 1/3] fix(README): use fixture certs --- README.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 138a6e0f0..4a2399523 100644 --- a/README.md +++ b/README.md @@ -243,10 +243,12 @@ First, you need to have a CA cert `clientCA.crt` and signed key pair `client.crt http://www.g-loaded.eu/2005/11/10/be-your-own-ca/ ``` +For testing you can use the certificates in the `fixtures/ca` directory. + Next, lets configure etcd to use this keypair: ```sh -./etcd -clientCert client.crt -clientKey client.key -f +./etcd -n node0 -d node0 -clientCert=./fixtures/ca/server.crt -clientKey=./fixtures/ca/server.key.insecure -f ``` `-f` forces new node configuration if existing configuration is found (WARNING: data loss!) @@ -255,7 +257,7 @@ Next, lets configure etcd to use this keypair: You can now test the configuration using https: ```sh -curl -L https://127.0.0.1:4001/v1/keys/foo -d value=bar -v -cacert clientCA.crt +curl --cacert fixtures/ca/ca.crt https://127.0.0.1:4001/v1/keys/foo -F value=bar ``` You should be able to see the handshake succeed. @@ -277,7 +279,7 @@ And also the response from the etcd server. We can also do authentication using CA certs. The clients will provide their cert to the server and the server will check whether the cert is signed by the CA and decide whether to serve the request. ```sh -./etcd -clientCert client.crt -clientKey client.key -clientCAFile clientCA.crt -f +./etcd -n node0 -d node0 -clientCAFile=./fixtures/ca/ca.crt -clientCert=./fixtures/ca/server.crt -clientKey=./fixtures/ca/server.key.insecure -f ``` ```-clientCAFile``` is the path to the CA cert. @@ -285,7 +287,7 @@ We can also do authentication using CA certs. The clients will provide their cer Try the same request to this server: ```sh -curl -L https://127.0.0.1:4001/v1/keys/foo -d value=bar -v -cacert clientCA.crt +curl --cacert fixtures/ca/ca.crt https://127.0.0.1:4001/v1/keys/foo -F value=bar ``` The request should be rejected by the server. From f8e68ba272acb740405c2f6b66bf4ae73e1d1e56 Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Sun, 11 Aug 2013 11:08:09 -0700 Subject: [PATCH 2/3] feat(README): at a versioning section --- README.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/README.md b/README.md index 4a2399523..eedda8d37 100644 --- a/README.md +++ b/README.md @@ -449,3 +449,21 @@ If you are using SSL for server to server communication, you must use it on all **Chef Cookbook** - [spheromak/etcd-cookbook](https://github.com/spheromak/etcd-cookbook) + +## Project Details + +### Versioning + +etcd uses [semantic versioning][semver]. +When we release v1.0.0 of etcd we will promise not to break the "v1" REST API. +New minor versions may add additional features to the API however. + +You can get the version of etcd by requesting the root path of etcd: + +```sh +curl -L http://127.0.0.1:4001 +``` + +During the v0 series of releases we may break the API as we fix bugs and get feedback. + +[semver]: http://semver.org/ From d8a05f1766c4efb770afa101b0493533b18c4ef4 Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Sun, 11 Aug 2013 11:15:07 -0700 Subject: [PATCH 3/3] feat(README): add note about the license --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index eedda8d37..8cb9b4e88 100644 --- a/README.md +++ b/README.md @@ -467,3 +467,9 @@ curl -L http://127.0.0.1:4001 During the v0 series of releases we may break the API as we fix bugs and get feedback. [semver]: http://semver.org/ + +### License + +etcd is under the Apache 2.0 license. See the [LICENSE][license] file for details. + +[license]: https://github.com/coreos/etcd/blob/master/LICENSE