Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,562 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

135 Commits

Author SHA1 Message Date
Joe Betz
1e213b7ab6 *: Add experimental-compaction-batch-limit flag 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-15 13:31:39 -07:00
Martin Weindel
149e5dc291 etcdserver: mark flag as experimental, add to changelog and configuration 2019-07-30 16:57:57 -04:00
Martin Weindel
03fd396610 pkg/transport: Improved description of flag peer-skip-client-san-verification 2019-07-30 16:57:57 -04:00
Martin Weindel
1b048c91ec etcdserver: Added configuration flag --peer-skip-client-verify=true 2019-07-30 16:57:57 -04:00
Gyuho Lee
a37f3441f5 etcdmain: add "--log-level" flag 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-07-29 15:43:19 -07:00
John Millikin
5824421f8b
etcdman, pkg: Rename new flags to 'hostname' 2019-07-10 09:30:02 +09:00
John Millikin
9a53601a18
etcdmain, pkg: Support peer and client TLS auth based on SAN fields. 
Etcd currently supports validating peers based on their TLS certificate's
CN field. The current best practice for creation and validation of TLS
certs is to use the Subject Alternative Name (SAN) fields instead, so that
a certificate might be issued with a unique CN and its logical
identities in the SANs.

This commit extends the peer validation logic to use Go's
`(*"crypto/x509".Certificate).ValidateHostname` function for name
validation, which allows SANs to be used for peer access control.

In addition, it allows name validation to be enabled on clients as well.
This is used when running Etcd behind an authenticating proxy, or as
an internal component in a larger system (like a Kubernetes master).
 2019-07-10 09:30:02 +09:00
Xiang Li
ea70731f53
Merge pull request #10762 from FrozenAndrey/fix#10747 
etcdmain: fix ignoring of ETCD_CONFIG_FILE env variable
 2019-06-07 21:32:35 -07:00
Jingyi Hu
e67b9829b6 *: enable lease checkpoint via experimental flag 
Primary lessor persist lease remainingTTL only if experimental flag
"--experimental-enable-lease-checkpoint" is set.
 2019-06-05 15:30:03 -07:00
Gyuho Lee
bdcecd1fc4
Merge pull request #10764 from jingyih/clarify_config_file_setting 
*: more clarification on when server config file is provided
 2019-05-28 16:23:19 -07:00
Gyuho Lee
34bd797e67 *: revert module import paths 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-05-28 15:39:35 -07:00
Jingyi Hu
5e9c424f1f *: more clarification on server config file 
Be more explicit in document and command line usage message that if a
config file is provided, other command line flags and environment
variables will be ignored.
 2019-05-27 22:54:14 -07:00
Andrey Abramov
14c5eaa7e1 etcdmain: improve readability 
Improve readability of ETCD_CONFIG_FILE env variable parsing part
by adding comments and using flags.FlagToEnv function.

Signed-off-by: Andrey Abramov <st5pub@yandex.ru>
 2019-05-26 09:54:26 +03:00
Andrey Abramov
6955331901 etcdmain: fix ignoring of ETCD_CONFIG_FILE env variable 
Fixes #10747

Signed-off-by: Andrey Abramov <st5pub@yandex.ru>
 2019-05-25 23:54:19 +03:00
rohitsardesai83
42a7ea6d33 etcd: Replace ghodss/yaml with sigs.k8s.io/yaml 
To remove the dependency on ghodss/yaml. Replaced this dependency with sigs.k8s.io/yaml.
This wil help to remove the ghodss/yaml dependency from main kubernetes repository.

xref: https://github.com/kubernetes/kubernetes/issues/77024
 2019-05-02 12:34:36 +05:30
shivaramr
9150bf52d6 go modules: Fix module path version to include version number 2019-04-26 15:29:50 -07:00
WizardCXY
e6c6d8492e *: add flag to let etcd use the new boltdb freelistType feature 2019-02-14 11:07:08 +08:00
Hitoshi Mitake
72dd4a18c5 *: add a new option --enable-grpc-gateway for enabling/disabling grpc gateway 2019-01-23 03:26:34 +09:00
Mark McLoughlin
fcc29894c2 config: multiple logging fixes 
First, don't panic with invalid --log-outputs. For example:

  $> ./bin/etcd --log-outputs foo
  2018-12-20 15:05:47.988652 C | embed: unknown log-output "foo" (only supports "default", "stderr", "stdout")
  panic: unknown log-output "foo" (only supports "default", "stderr", "stdout")

  goroutine 1 [running]:
  go.etcd.io/etcd/vendor/github.com/coreos/pkg/capnslog.(*PackageLogger).Panicf(0xc000294b00, 0x10fe067, 0x30, 0xc0001fa398, 0x4, 0x4)
        go.etcd.io/etcd/vendor/github.com/coreos/pkg/capnslog/pkg_logger.go:75 +0x161
  go.etcd.io/etcd/embed.(*Config).setupLogging(0xc000291400, 0xc0002a85b0, 0x1)
        go.etcd.io/etcd/embed/config_logging.go:120 +0x1939
  ...

Or:

 $> ./bin/etcd --log-outputs foo,default --logger zap
 panic: multi logoutput for "default" is not supported yet

 goroutine 1 [running]:
 go.etcd.io/etcd/embed.(*Config).setupLogging(0xc000314500, 0xc0001b2f70, 0x1)
        go.etcd.io/etcd/embed/config_logging.go:129 +0x2437
 go.etcd.io/etcd/embed.(*Config).Validate(0xc000314500, 0xc000268a98, 0x127e440)
        go.etcd.io/etcd/embed/config.go:543 +0x43

Second, don't exit in embed.setupLogging(). Before:

  $> ./bin/etcd --log-outputs foo,bar
  --logger=capnslog supports only 1 value in '--log-outputs', got ["bar" "foo"]

and after:

  $> ./bin/etcd --log-outputs foo,bar
  2018-12-20 15:10:24.317982 E | etcdmain: error verifying flags, --logger=capnslog supports only 1 value in '--log-outputs', got ["bar" "foo"]. See 'etcd --help'.

Third, remove duplicated unique strings code. UniqueStringsFromFlag()
is already available to return a sorted slice of values, so just use
that.

Lastly, fix a tiny logging typo in config.
 2019-01-17 15:09:26 -05:00
Xiang Li
3faed211e5 *: add flags to setup backend related config 2018-11-26 15:50:26 -08:00
Gyuho Lee
d37f1521b7 *: update import paths to "go.etcd.io/etcd" 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2018-08-28 17:47:55 -07:00
Gyuho Lee
abffe0d29a etcdmain: add "--cipher-suites" flag 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-06-05 12:54:34 -07:00
Gyuho Lee
892f7e02e0 etcdmain: rename "SnapshotCount" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-05-18 14:39:31 -07:00
Jiang Xuan
bf432648ae *: make bcrypt-cost configurable 2018-05-03 11:43:32 -07:00
Joe LeGasse
7ea9059453 docs: Update documentation around --listen-metrics-urls 
The `--listen-metrics-urls` also responds to the `/health` endpoint, but
that was not made clear in the documentation. These updates should help
explain how else that flag can be used.
 2018-05-01 11:02:22 -04:00
Gyuho Lee
af5bc439b3 embed,etcdmain: rename to "--log-outputs" flag 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-04-25 13:20:26 -07:00
Gyuho Lee
f99cb35d29 embed: rename "LogOutput" to "LogOutputs" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-04-25 10:28:13 -07:00
Gyuho Lee
85b7a59c56 etcdmain: add "--initial-election-tick-advance" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-04-19 17:45:23 -07:00
Gyuho Lee
1974785511 etcdmain: accept multiple values in "--log-output" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-04-17 12:47:06 -07:00
Gyuho Lee
041b9069a2 *: configure server logger 
- Add/Document "logger" to support structured logging.
  - This makes functional tests run easier, since zap logger
    provides built-in log redirect to files.
  - "etcd --logger-option=zap" to enable structured logging.
- Current "capnslog" will still be used as "default".
  - We may switch the default or deprecate "capnslog" in v3.5.
  - Either way, will clearly be documented.

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-04-16 17:36:00 -07:00
Gyuho Lee
27ed129f44 etcdmain: update "CORS", "HostWhitelist" flag parsing 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-27 06:25:44 -07:00
Gyuho Lee
35b01b982c etcdmain: use NewUniqueURLsWithExceptions 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-27 06:25:44 -07:00
Gyuho Lee
940200f1ae etcdmain: move "unsafe" flags to bottom 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-23 19:44:24 -07:00
Gyuho Lee
82ef3f83f6 etcdmain: deprecate 'ca-file' and 'peer-ca-file' flags 
Has been deprecated since 2.1...

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-20 15:31:32 -07:00
Gyuho Lee
a66e657cac *: update "pre-vote" flag 
Disabled by default, anyway.

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-19 07:18:57 -07:00
Gyuho Lee
1640cdb044 pkg/flags: clean up, add "SelectiveStringsValue" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-19 02:23:06 -07:00
Gyuho Lee
bec3d975e0 etcdmain: handle JSON "listen-metrics-urls" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-15 01:24:53 -04:00
Gyuho Lee
4419661fb1 etcdmain: remove "listen-metrics-urls" manual parsing 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-15 01:23:33 -04:00
Gyuho Lee
79d3c93568 etcdmain: replace "--host-whitelist" with "flags.StringSlice" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-14 21:38:20 -04:00
Gyuho Lee
b48d3eb380 etcdmain: add "--experimental-pre-vote" flag 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-03-06 09:56:32 -08:00
Gyuho Lee
9f0027dfb2 *: do not whitelist empty hosts 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-02-28 19:20:10 -08:00
Gyuho Lee
0179d81f22 etcdmain: add "--host-whitelist" flag 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-02-28 18:23:16 -08:00
Gyuho Lee
0850ccbf45 *: revert "internal/version" change 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-02-26 17:11:40 -08:00
Gyuho Lee
37546f74ab *: move "version" to "internal/version" 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-01-29 10:00:20 -08:00
Tavish Armstrong
b664b9176c pkg/srv, embed, etcdmain: Support multiple clusters in the same DNS discovery region. 2018-01-24 20:15:48 +00:00
Sahdev P. Zala
8a8aff198f Log: add information statement 
Adding information that when config file is used other command line flags
and env variables will be ignored. This changes are a follow up of a
disucssion under PR,
https://github.com/coreos/etcd/pull/9066
 2017-12-27 17:12:28 -05:00
Gyuho Lee
0133d77f0a etcdmain: display default --enable-v2, --strict-reconfig-check value ("true") 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2017-12-14 11:25:20 -08:00
Gyu-Ho Lee
3db5ad8d57 embed,etcdmain: add "--experimental-initial-corrupt-check" 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-11-22 15:27:14 -08:00
dahefanteng
a4c407ece4 Documentation: change "key file" to "cert file" 
when refered "--trusted-ca-file",what we need provide should be a CA cert file,not the CA private key file.
 2017-11-20 00:44:32 -05:00
Gyu-Ho Lee
370ff6b670 etcdmain: do not embed structs (fix go vet warnings) 
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
 2017-11-08 14:20:52 -08:00