Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,155 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

231 Commits

Author SHA1 Message Date
Sahdev P. Zala
d5ebbbceb8 pkg: file stat warning 
Provide warning and doc instead of enforcing file permission.
 2020-08-24 11:21:29 -04:00
Hitoshi Mitake
67bfc310f0 Documentation: note on data encryption 2020-07-13 09:50:30 -04:00
Xiang Li
b86bb615ff doc: add TLS related warnings 2020-06-24 16:39:35 -04:00
Gyuho Lee
e151faf3cc
Merge pull request #12040 from spzala/automated-cherry-pick-of-#11796-upstream-release-3.4 
Automated cherry pick of #11796
 2020-06-21 19:19:31 -07:00
Hitoshi Mitake
3d8e9a323d Documentation: note on the policy of insecure by default 2020-06-21 19:21:05 -04:00
Hitoshi Mitake
36f8dee003 Documentation: note on password strength 2020-06-21 19:08:39 -04:00
Joe Betz
1e213b7ab6 *: Add experimental-compaction-batch-limit flag 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-15 13:31:39 -07:00
Gyuho Lee
89e102365d Documentation/op-guide: update runtime configuration 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-08 09:25:29 -07:00
Martin Weindel
149e5dc291 etcdserver: mark flag as experimental, add to changelog and configuration 2019-07-30 16:57:57 -04:00
Gyuho Lee
abba5421f5 Documentation/op-guide: add "--log-level" flag 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-07-29 15:43:19 -07:00
Gyuho Lee
38128425b2 Documentation/op-guide: disable v2 by default 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-07-28 19:36:51 -05:00
John Millikin
5824421f8b
etcdman, pkg: Rename new flags to 'hostname' 2019-07-10 09:30:02 +09:00
John Millikin
9a53601a18
etcdmain, pkg: Support peer and client TLS auth based on SAN fields. 
Etcd currently supports validating peers based on their TLS certificate's
CN field. The current best practice for creation and validation of TLS
certs is to use the Subject Alternative Name (SAN) fields instead, so that
a certificate might be issued with a unique CN and its logical
identities in the SANs.

This commit extends the peer validation logic to use Go's
`(*"crypto/x509".Certificate).ValidateHostname` function for name
validation, which allows SANs to be used for peer access control.

In addition, it allows name validation to be enabled on clients as well.
This is used when running Etcd behind an authenticating proxy, or as
an internal component in a larger system (like a Kubernetes master).
 2019-07-10 09:30:02 +09:00
Clockworkai
c34de2aef4 Documentation: change etcdctl role remove to etcdctl role delete 
This is a document error. With running `etcdctl role --help`, we can find that it should be delete, not remove.

Fixes #10849
 2019-06-26 09:03:08 +08:00
Jingyi Hu
23511d21ec *: address comments 2019-05-28 18:50:13 -07:00
Jingyi Hu
cca8b0d44f Doc: add learner in runtime-configuration.md 2019-05-28 18:47:03 -07:00
Jingyi Hu
5e9c424f1f *: more clarification on server config file 
Be more explicit in document and command line usage message that if a
config file is provided, other command line flags and environment
variables will be ignored.
 2019-05-27 22:54:14 -07:00
paulfantom
886d30d223 Documentation: provide better user experience with autorefreshing grafana dashboard 2019-05-08 06:58:28 -04:00
Matteo Olivi
41a0d67b30 Documentation: add links to blog post on benchmarking disks with fio 
The documentation mentions fio as a tool to benchmark disks to assess
whether they are fast enough for etcd. But doing that is far from trivial,
because fio is very flexible and complex to use, and the user must make sure
that the workload fio generates mirrors the I/O workload of its etcd cluster
closely enough. This commit adds links to a blog post with an example of how
to do that.
 2019-04-27 13:13:11 -04:00
Sam Batschelet
9915d02022 *: Change gRPC proxy to expose etcd server endpoint /metrics 
This PR resolves an issue where the `/metrics` endpoints exposed by the proxy were not returning metrics of the etcd members servers but of the proxy itself.

Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
 2019-04-10 16:09:32 -04:00
Luc Perkins
a621d807f0
documentation: initial metadata additions for website generation (#10596) 
Signed-off-by: lucperkins <lucperkins@gmail.com>
 2019-04-01 13:57:24 -07:00
Sam Batschelet
122744c660 Documentation: update force-new-cluster flag usage for v3 
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
 2019-03-20 18:06:42 -04:00
X.C.Dong
1d764511f6
doc: fix member add usage 2019-03-18 14:47:41 +08:00
Xiang Li
4cd0bf8ea8
Merge pull request #10444 from WIZARD-CXY/nnboltdb 
*: add flag to let etcd use the new boltdb freelistType feature
 2019-02-14 13:16:56 +08:00
WizardCXY
e6c6d8492e *: add flag to let etcd use the new boltdb freelistType feature 2019-02-14 11:07:08 +08:00
Himanshu Pandey
6757a568e0 Documentation: Fixed --strict-reconfig-check#10462 2019-02-11 14:39:11 -08:00
Hitoshi Mitake
b1afe210e4 Documentation: describe the problem of CN based auth + grpcproxy 2019-01-25 00:43:57 +09:00
Xiang Li
25068dfc1e
Merge pull request #10244 from paskal/master 
Sync prometheus alerting rules with prometheus-operator version
 2019-01-20 21:07:32 -08:00
Sam Batschelet
a9a9466fb8 Documentation: document gRPC-gateway CN authentication support 
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
 2019-01-08 12:31:20 -05:00
Till Adam
9c6b407e7d Documentation: add missing ENV 2019-01-08 11:36:07 -05:00
Dmitry Verkhoturov
0929080834 doc: exclude 404 error because kubelet generating false positive 2018-12-17 11:57:12 +03:00
Dmitry Verkhoturov
830d064903 doc: convert etcd to lower-case everywhere 2018-12-17 11:57:12 +03:00
Dmitry Verkhoturov
358cc1a8fa doc: sync prometheus rules with prometheus-operator version 
(and remove non-etcd specific FdExhaustionClose)
https://github.com/coreos/prometheus-operator/blob/master/helm/exporter-kube-etcd/templates/etcd3.rules.yaml
sync etcd alert rules with libsonnet

Signed-off-by: Dmitry Verkhoturov <paskal.07@gmail.com>
 2018-12-17 11:57:12 +03:00
caoming
6744c57de3 embed: set log-outputs 'default' to 'stderr' config when zap mode 2018-12-06 09:33:51 +08:00
caoming
e4ac8db4ae Documentation/op-guide: fix typo. 2018-12-06 08:48:30 +08:00
Xiang Li
3faed211e5 *: add flags to setup backend related config 2018-11-26 15:50:26 -08:00
caiweidong
a8293e5815 Documentation: add ENV variable ETCD_CIPHER_SUITES description 
Fixes #10277
 2018-11-20 22:40:24 +08:00
mas9612
9ee41f699c doc: fix typo in documentation 2018-11-11 23:27:04 +09:00
imjoey
bece069329 doc: Fix starting etcd gateway command using DNS. 2018-10-31 10:28:35 +08:00
Joe Betz
1957d1cedf
Documentation: Document unix and unixs URL schemes 2018-10-09 14:42:56 -07:00
Atlas Kerr
952a4365ce Documentation: Annotate --logger flag 
This commit annotates the `--logger` flag to let users know that it is
not available in versions 3.3.x or later.
 2018-09-15 18:51:53 -05:00
Gyuho Lee
2fc06c8ec9 Documentation/op-guide: remove "dash.etcd.io" 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2018-09-06 17:58:54 -07:00
Gyuho Lee
e235cd3302 Documentation: update github links 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2018-08-29 14:28:00 -07:00
Frederic Branczyk
67ecea9709
Documentation/op-guide: Remove HTTP alerts 
The HTTP metrics have been deprecated and removed. In other places all
the HTTP related alerts have already been removed, this is just a clean
up of the remaining places these were left.
 2018-07-04 09:04:47 +02:00
Hitoshi Mitake
54e2511b25
Merge pull request #9883 from joelegasse/jwt 
auth: Support all JWT algorithms
 2018-06-27 17:12:56 +09:00
Joe LeGasse
a6ddb51c8a auth: Support all JWT algorithms 
This change adds support to etcd for all of the JWT algorithms included
in the underlying JWT library.
 2018-06-26 16:31:01 -04:00
John Morris
b51d4a3d06
clustering.md: SRV records in DNS SAN for TLS 
Using SRV discovery with TLS, the SRV record must be in the DNS SAN or clustering will fail.

This is a new requirement and may cause mysterious failures when upgrading from 3.1 to 3.2.  I was only able to fix this in our configuration after reading through #8445; and now I understand the problem it's clear the docs have a hole here.
 2018-06-26 11:51:58 -05:00
Gyuho Lee
009d05ae4f Documentation/op-guide: highlight db size metrics change 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-06-07 10:26:45 -07:00
Gyuho Lee
cf196fc4d8 Documentation/op-guide: promote db size metric in grafana.json 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-06-07 10:20:45 -07:00
Gyuho Lee
1a47c28504 Documentation/op-guide: document "--cipher-suites" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-06-05 13:25:57 -07:00