d5ebbbceb8
pkg: file stat warning
...
Provide warning and doc instead of enforcing file permission.
2020-08-24 11:21:29 -04:00
67bfc310f0
Documentation: note on data encryption
2020-07-13 09:50:30 -04:00
b86bb615ff
doc: add TLS related warnings
2020-06-24 16:39:35 -04:00
e151faf3cc
Merge pull request #12040 from spzala/automated-cherry-pick-of-#11796-upstream-release-3.4
...
Automated cherry pick of #11796
2020-06-21 19:19:31 -07:00
3d8e9a323d
Documentation: note on the policy of insecure by default
2020-06-21 19:21:05 -04:00
36f8dee003
Documentation: note on password strength
2020-06-21 19:08:39 -04:00
1e213b7ab6
*: Add experimental-compaction-batch-limit flag
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com >
2019-08-15 13:31:39 -07:00
89e102365d
Documentation/op-guide: update runtime configuration
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com >
2019-08-08 09:25:29 -07:00
149e5dc291
etcdserver: mark flag as experimental, add to changelog and configuration
2019-07-30 16:57:57 -04:00
abba5421f5
Documentation/op-guide: add "--log-level" flag
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com >
2019-07-29 15:43:19 -07:00
38128425b2
Documentation/op-guide: disable v2 by default
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com >
2019-07-28 19:36:51 -05:00
5824421f8b
etcdman, pkg: Rename new flags to 'hostname'
2019-07-10 09:30:02 +09:00
9a53601a18
etcdmain, pkg: Support peer and client TLS auth based on SAN fields.
...
Etcd currently supports validating peers based on their TLS certificate's
CN field. The current best practice for creation and validation of TLS
certs is to use the Subject Alternative Name (SAN) fields instead, so that
a certificate might be issued with a unique CN and its logical
identities in the SANs.
This commit extends the peer validation logic to use Go's
`(*"crypto/x509".Certificate).ValidateHostname` function for name
validation, which allows SANs to be used for peer access control.
In addition, it allows name validation to be enabled on clients as well.
This is used when running Etcd behind an authenticating proxy, or as
an internal component in a larger system (like a Kubernetes master).
2019-07-10 09:30:02 +09:00
c34de2aef4
Documentation: change etcdctl role remove to etcdctl role delete
...
This is a document error. With running `etcdctl role --help`, we can find that it should be delete, not remove.
Fixes #10849
2019-06-26 09:03:08 +08:00
23511d21ec
*: address comments
2019-05-28 18:50:13 -07:00
cca8b0d44f
Doc: add learner in runtime-configuration.md
2019-05-28 18:47:03 -07:00
5e9c424f1f
*: more clarification on server config file
...
Be more explicit in document and command line usage message that if a
config file is provided, other command line flags and environment
variables will be ignored.
2019-05-27 22:54:14 -07:00
886d30d223
Documentation: provide better user experience with autorefreshing grafana dashboard
2019-05-08 06:58:28 -04:00
41a0d67b30
Documentation: add links to blog post on benchmarking disks with fio
...
The documentation mentions fio as a tool to benchmark disks to assess
whether they are fast enough for etcd. But doing that is far from trivial,
because fio is very flexible and complex to use, and the user must make sure
that the workload fio generates mirrors the I/O workload of its etcd cluster
closely enough. This commit adds links to a blog post with an example of how
to do that.
2019-04-27 13:13:11 -04:00
9915d02022
*: Change gRPC proxy to expose etcd server endpoint /metrics
...
This PR resolves an issue where the `/metrics` endpoints exposed by the proxy were not returning metrics of the etcd members servers but of the proxy itself.
Signed-off-by: Sam Batschelet <sbatsche@redhat.com >
2019-04-10 16:09:32 -04:00
a621d807f0
documentation: initial metadata additions for website generation ( #10596 )
...
Signed-off-by: lucperkins <lucperkins@gmail.com >
2019-04-01 13:57:24 -07:00
122744c660
Documentation: update force-new-cluster flag usage for v3
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com >
2019-03-20 18:06:42 -04:00
1d764511f6
doc: fix member add usage
2019-03-18 14:47:41 +08:00
4cd0bf8ea8
Merge pull request #10444 from WIZARD-CXY/nnboltdb
...
*: add flag to let etcd use the new boltdb freelistType feature
2019-02-14 13:16:56 +08:00
e6c6d8492e
*: add flag to let etcd use the new boltdb freelistType feature
2019-02-14 11:07:08 +08:00
6757a568e0
Documentation: Fixed --strict-reconfig-check#10462
2019-02-11 14:39:11 -08:00
b1afe210e4
Documentation: describe the problem of CN based auth + grpcproxy
2019-01-25 00:43:57 +09:00
25068dfc1e
Merge pull request #10244 from paskal/master
...
Sync prometheus alerting rules with prometheus-operator version
2019-01-20 21:07:32 -08:00
a9a9466fb8
Documentation: document gRPC-gateway CN authentication support
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com >
2019-01-08 12:31:20 -05:00
9c6b407e7d
Documentation: add missing ENV
2019-01-08 11:36:07 -05:00
0929080834
doc: exclude 404 error because kubelet generating false positive
2018-12-17 11:57:12 +03:00
830d064903
doc: convert etcd to lower-case everywhere
2018-12-17 11:57:12 +03:00
358cc1a8fa
doc: sync prometheus rules with prometheus-operator version
...
(and remove non-etcd specific FdExhaustionClose)
https://github.com/coreos/prometheus-operator/blob/master/helm/exporter-kube-etcd/templates/etcd3.rules.yaml
sync etcd alert rules with libsonnet
Signed-off-by: Dmitry Verkhoturov <paskal.07@gmail.com >
2018-12-17 11:57:12 +03:00
6744c57de3
embed: set log-outputs 'default' to 'stderr' config when zap mode
2018-12-06 09:33:51 +08:00
e4ac8db4ae
Documentation/op-guide: fix typo.
2018-12-06 08:48:30 +08:00
3faed211e5
*: add flags to setup backend related config
2018-11-26 15:50:26 -08:00
a8293e5815
Documentation: add ENV variable ETCD_CIPHER_SUITES description
...
Fixes #10277
2018-11-20 22:40:24 +08:00
9ee41f699c
doc: fix typo in documentation
2018-11-11 23:27:04 +09:00
bece069329
doc: Fix starting etcd gateway command using DNS.
2018-10-31 10:28:35 +08:00
1957d1cedf
Documentation: Document unix and unixs URL schemes
2018-10-09 14:42:56 -07:00
952a4365ce
Documentation: Annotate --logger flag
...
This commit annotates the `--logger` flag to let users know that it is
not available in versions 3.3.x or later.
2018-09-15 18:51:53 -05:00
2fc06c8ec9
Documentation/op-guide: remove "dash.etcd.io"
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com >
2018-09-06 17:58:54 -07:00
e235cd3302
Documentation: update github links
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com >
2018-08-29 14:28:00 -07:00
67ecea9709
Documentation/op-guide: Remove HTTP alerts
...
The HTTP metrics have been deprecated and removed. In other places all
the HTTP related alerts have already been removed, this is just a clean
up of the remaining places these were left.
2018-07-04 09:04:47 +02:00
54e2511b25
Merge pull request #9883 from joelegasse/jwt
...
auth: Support all JWT algorithms
2018-06-27 17:12:56 +09:00
a6ddb51c8a
auth: Support all JWT algorithms
...
This change adds support to etcd for all of the JWT algorithms included
in the underlying JWT library.
2018-06-26 16:31:01 -04:00
b51d4a3d06
clustering.md: SRV records in DNS SAN for TLS
...
Using SRV discovery with TLS, the SRV record must be in the DNS SAN or clustering will fail.
This is a new requirement and may cause mysterious failures when upgrading from 3.1 to 3.2. I was only able to fix this in our configuration after reading through #8445 ; and now I understand the problem it's clear the docs have a hole here.
2018-06-26 11:51:58 -05:00
009d05ae4f
Documentation/op-guide: highlight db size metrics change
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com >
2018-06-07 10:26:45 -07:00
cf196fc4d8
Documentation/op-guide: promote db size metric in grafana.json
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com >
2018-06-07 10:20:45 -07:00
1a47c28504
Documentation/op-guide: document "--cipher-suites"
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com >
2018-06-05 13:25:57 -07:00
