Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,634 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

499 Commits

Author SHA1 Message Date
Ivan Valdes
8578e07117
server: disable redirects in peer communication 
Disable following redirects from peer HTTP communication on the client's side.
Etcd server may run into SSRF (Server-side request forgery) when adding a new
member. If users provide a malicious peer URL, the existing etcd members may be
redirected to another unexpected internal URL when getting the new member's
version.

Signed-off-by: Ivan Valdes <ivan@vald.es>
 2023-12-04 13:53:28 -08:00
Marek Siarkowicz
bc697bc26e Revert "Switch to validating v3 when v2 and v3 are synchronized" 
This reverts commit 4fe46f92030e4381e6f9bf95adbb22a08282d297.

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-12-03 18:12:09 +01:00
Marek Siarkowicz
03d551243b
Merge pull request #17015 from serathius/extract-membership-applier 
Extract membership applier
 2023-11-27 19:59:21 +01:00
Marek Siarkowicz
62b772c321
Merge pull request #17021 from serathius/test-applyconfstate 
Test ApplyConfState after restart
 2023-11-27 13:19:50 +01:00
Marek Siarkowicz
fbdf65f101 Test v3 storage configuration validation 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-27 12:00:47 +01:00
Benjamin Wang
e1d79097d5
Merge pull request #17017 from serathius/switch-validation-v3 
Switch to validating v3 when v2 and v3 are synchronized
 2023-11-27 10:50:14 +00:00
Marek Siarkowicz
e192a05193 Test ApplyConfState after restart 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-26 17:40:28 +01:00
Benjamin Wang
a97052acf4 remove unused method and functions 
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
 2023-11-25 16:16:52 +00:00
Marek Siarkowicz
4fe46f9203 Switch to validating v3 when v2 and v3 are synchronized 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-24 17:46:33 +01:00
Marek Siarkowicz
2ad21558ac Remove shouldApplyV3 from the v3 applier 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-24 16:13:25 +01:00
Marek Siarkowicz
d22c00ccee Extract membership applier 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-24 15:57:15 +01:00
Marek Siarkowicz
7fdb33065d Move duplicated shouldApplyV3 logic up into apply method 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-24 10:21:14 +01:00
Marek Siarkowicz
093666f450 Cleanup v2 applier 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-23 15:41:13 +01:00
Marek Siarkowicz
c72ff1e69c Remove syncing the v2 store TTLs 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-23 14:55:01 +01:00
Marek Siarkowicz
ed3375e076 Remove v2 apply logic 
v2 store is no longer available in v3.6.
We can remove apply logic for it as they will never be used.

Only v2 PUT is neeeded as it applies to v3 storage and etcd v3.5 uses it for setting member
attributes and cluster version.

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-23 14:13:07 +01:00
Marek Siarkowicz
28d9564962
Merge pull request #16994 from serathius/tests-v2-cluster-version 
Add tests for setting cluster version using v2 request
 2023-11-22 21:11:18 +01:00
Marek Siarkowicz
2f30760b37 Add tests for setting cluster version using v2 request 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-22 18:05:19 +01:00
Marek Siarkowicz
29dd025b84 Stop using v2 requests in server tests 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-22 14:41:53 +01:00
Benjamin Wang
fd0882b67e
Merge pull request #16984 from siyuanfoundation/lin-read 
etcdserver: add linearizable_read check to readyz.
 2023-11-21 19:51:12 +00:00
Siyuan Zhang
12b640523a etcdserver: add linearizable_read check to readyz. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2023-11-21 11:13:20 -08:00
Benjamin Wang
ec6147cd04
Merge pull request #16967 from serathius/remove-v2-proposals 
Remove v2 proposals code
 2023-11-21 15:35:51 +00:00
James Blair
3b37afec7b
Don't follow redirects when checking peer urls. 
It's possible that etcd server may run into SSRF situation when adding a new member. If users provide a malicious peer URL, the existing etcd members may be redirected to other unexpected internal URL when getting the new member's version.

Signed-off-by: James Blair <mail@jamesblair.net>
 2023-11-21 10:25:20 +13:00
Marek Siarkowicz
dd7a4d28a8 Remove code used to make v2 proposals 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-19 22:39:33 +01:00
Marek Siarkowicz
b4fd31f254 Remove code for setting cluster version via V2 API 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-11-19 15:28:52 +01:00
Siyuan Zhang
3897103b77 etcdserver: add metric counters for livez/readyz health checks. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2023-11-14 09:26:00 -08:00
Tessa Pham
2b7e1c6f82 fix scripts 
Signed-off-by: Tessa Pham <hpham111@bloomberg.net>
 2023-11-08 00:27:13 -06:00
Chao Chen
8a6c1335e2 v3rpc: run health notifier to listen on online defrag state change 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-10-28 17:49:24 -07:00
Chao Chen
ea035471ce online defrag notifies gRPC health server to expose NOT_SERVING status 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-10-25 08:58:33 -07:00
Benjamin Wang
34382006db test: implement method ForgetLeader for struct nodeRecorder 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-10-24 10:19:13 +01:00
Chao Chen
1324f03254 add existing http health check handler e2e test 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-10-18 12:42:23 -07:00
Wei Fu
aea1cd0077 feat: enable unparam lint 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-10-17 21:24:13 +08:00
Siyuan Zhang
7a57e06eca etcdserver: add livez and ready http endpoints for etcd. 
Add two separate probes, one for liveness and one for readiness. The liveness probe would check that the local individual node is up and running, or else restart the node, while the readiness probe would check that the cluster is ready to serve traffic. This would make etcd health-check fully Kubernetes API complient.

Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2023-10-14 22:32:16 -07:00
Eng Zer Jun
867faa1924
etcdserver: remove redundant len check in health check 
From the Go specification [1]:

  "1. For a nil slice, the number of iterations is 0."

`len` returns 0 if the slice or map is nil [2]. Therefore, checking
`len(v) > 0` around a loop is unnecessary.

[1]: https://go.dev/ref/spec#For_range
[2]: https://pkg.go.dev/builtin#len

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2023-10-13 18:39:38 +08:00
Chao Chen
c25f1dff82 http health check bug fixes 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-10-12 16:59:34 -07:00
Geeta Gharpure
70a3205506 fix broken unit test in server_test.go 
Signed-off-by: Geeta Gharpure <geetagh@amazon.com>
 2023-09-28 20:07:06 +01:00
Benjamin Wang
9c9804399e do not update RaftCluster.members and RaftCluster.removed if the v3store is ahead of the current replayed WAL entry index 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-28 20:06:12 +01:00
Benjamin Wang
628b45c099 test: add a test case to verify consistent memberlist on bootstrap 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-28 20:04:47 +01:00
Wei Fu
4704a5af3a *: fix unused issue 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-25 19:37:18 +08:00
Wei Fu
896d161d16 *: fix stylecheck linter 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-25 19:14:01 +08:00
Wei Fu
07effc4d0a *: fix revive linter 
Remove old revive_pass in the bash scripts and migirate the revive.toml
into golangci linter_settings.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-24 14:21:11 +08:00
Wei Fu
aa97484166 *: enable goimports in verify-lint 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-21 21:14:09 +08:00
Wei Fu
9c3edfa0af *: fix staticcheck lint 
Changed TraceKey/StartTimeKey/TokenFieldNameGRPCKey to struct{} to
follow the correct usage of context. Similar patch to #8901.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-21 11:24:26 +08:00
Wei Fu
5e3910d96c *: fix govet-shadow lint 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-19 20:24:01 +08:00
Benjamin Wang
189f709a5d Apply patches on the generated *.pb.gw.go files to convert v1 messages to v2 messages 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-18 11:22:16 +01:00
Benjamin Wang
4ec581a6a3 re-generate all the *.pb.gw.go files 
Run ./scripts/genproto.sh

Signed-off-by: Benjamin Wang <wachao@vmware.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-18 11:22:15 +01:00
Wei Fu
522b698928 upgrade grpc-gateway from v1 to v2 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-18 11:22:15 +01:00
Benjamin Wang
700411d838
Merge pull request #16601 from fuweid/fix-nakedret-lint 
*: fix nakedret lint
 2023-09-18 10:00:25 +01:00
Wei Fu
e72c2c40d4 *: fix nakedret lint 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-09-17 23:52:41 +08:00
chenyahui
c0aa3b613b Use any instead of interface{} 
Signed-off-by: chenyahui <cyhone@qq.com>
 2023-09-17 17:41:58 +08:00
Marek Siarkowicz
76cbfd3644 Use test cases from TestCheckTxn to test Put and Range 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-09-01 20:33:41 +02:00