README
¶
etcd
Note: The main
branch may be in an unstable or even broken state during development. For stable versions, see releases.
etcd is a distributed reliable key-value store for the most critical data of a distributed system, with a focus on being:
- Simple: well-defined, user-facing API (gRPC)
- Secure: automatic TLS with optional client cert authentication
- Fast: benchmarked 10,000 writes/sec
- Reliable: properly distributed using Raft
etcd is written in Go and uses the Raft consensus algorithm to manage a highly-available replicated log.
etcd is used in production by many companies, and the development team stands behind it in critical deployment scenarios, where etcd is frequently teamed with applications such as Kubernetes, locksmith, vulcand, Doorman, and many others. Reliability is further ensured by rigorous robustness testing.
See etcdctl for a simple command line client.
Original image credited to xkcd.com/2347, alterations by Josh Berkus.
Maintainers
Maintainers strive to shape an inclusive open source project culture where users are heard and contributors feel respected and empowered. Maintainers aim to build productive relationships across different companies and disciplines. Read more about Maintainers role and responsibilities.
Getting started
Getting etcd
The easiest way to get etcd is to use one of the pre-built release binaries which are available for OSX, Linux, Windows, and Docker on the release page.
For more installation guides, please check out play.etcd.io and operating etcd.
Running etcd
First start a single-member cluster of etcd.
If etcd is installed using the pre-built release binaries, run it from the installation location as below:
/tmp/etcd-download-test/etcd
The etcd command can be simply run as such if it is moved to the system path as below:
mv /tmp/etcd-download-test/etcd /usr/local/bin/
etcd
This will bring up etcd listening on port 2379 for client communication and on port 2380 for server-to-server communication.
Next, let's set a single key, and then retrieve it:
etcdctl put mykey "this is awesome"
etcdctl get mykey
etcd is now running and serving client requests. For more, please check out:
etcd TCP ports
The official etcd ports are 2379 for client requests, and 2380 for peer communication.
Running a local etcd cluster
First install goreman, which manages Procfile-based applications.
Our Procfile script will set up a local example cluster. Start it with:
goreman start
This will bring up 3 etcd members infra1
, infra2
and infra3
and optionally etcd grpc-proxy
, which runs locally and composes a cluster.
Every cluster member and proxy accepts key value reads and key value writes.
Follow the comments in Procfile script to add a learner node to the cluster.
Install etcd client v3
go get go.etcd.io/etcd/client/v3
Next steps
Now it's time to dig into the full etcd API and other guides.
- Read the full documentation.
- Review etcd frequently asked questions.
- Explore the full gRPC API.
- Set up a multi-machine cluster.
- Learn the config format, env variables and flags.
- Find language bindings and tools.
- Use TLS to secure an etcd cluster.
- Tune etcd.
Contact
- Email: etcd-dev
- Slack: #sig-etcd channel on Kubernetes (get an invite)
- Community meetings
Community meetings
etcd contributors and maintainers meet every week at 11:00 AM (USA Pacific) on Thursday and meetings alternate between community meetings and issue triage meetings. An initial agenda will be posted to the shared Google docs a day before each meeting, and everyone is welcome to suggest additional topics or other agendas.
Issue triage meetings are aimed at getting through our backlog of PRs and Issues. Triage meetings are open to any contributor; you don't have to be a reviewer or approver to help out! They can also be a good way to get started contributing.
Meeting recordings are uploaded to official etcd YouTube channel.
Get calendar invitation by joining etcd-dev mailing group.
Join CNCF-funded Zoom channel: zoom.us/my/cncfetcdproject
Contributing
See CONTRIBUTING for details on setting up your development environment, submitting patches and the contribution workflow.
Please refer to community-membership.md for information on becoming an etcd project member. We welcome and look forward to your contributions to the project!
Please also refer to roadmap to get more details on the priorities for the next few major or minor releases.
Reporting bugs
See reporting bugs for details about reporting any issues. Before opening an issue please check it is not covered in our frequently asked questions.
Reporting a security vulnerability
See security disclosure and release process for details on how to report a security vulnerability and how the etcd team manages it.
Issue and PR management
See issue triage guidelines for details on how issues are managed.
See PR management for guidelines on how pull requests are managed.
etcd Emeritus Maintainers
These emeritus maintainers dedicated a part of their career to etcd and reviewed code, triaged bugs and pushed the project forward over a substantial period of time. Their contribution is greatly appreciated.
- Fanmin Shi
- Anthony Romano
- Brandon Philips
- Joe Betz
- Gyuho Lee
- Jingyi Hu
- Xiang Li
- Ben Darnell
- Sam Batschelet
License
etcd is under the Apache 2.0 license. See the LICENSE file for details.
Documentation
¶
Overview ¶
Package grpcproxy is an OSI level 7 proxy for etcd v3 API requests.
Index ¶
- func AuthStreamClientInterceptor(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, ...) (grpc.ClientStream, error)
- func AuthUnaryClientInterceptor(ctx context.Context, method string, req, reply any, cc *grpc.ClientConn, ...) error
- func DelRequestToOp(r *pb.DeleteRangeRequest) clientv3.Op
- func HandleHealth(lg *zap.Logger, mux *http.ServeMux, c *clientv3.Client)
- func HandleMetrics(mux *http.ServeMux, c *http.Client, eps []string)
- func HandleProxyHealth(lg *zap.Logger, mux *http.ServeMux, c *clientv3.Client)
- func HandleProxyMetrics(mux *http.ServeMux)
- func NewAuthProxy(c *clientv3.Client) pb.AuthServer
- func NewClusterProxy(lg *zap.Logger, c *clientv3.Client, advaddr string, prefix string) (pb.ClusterServer, <-chan struct{})
- func NewElectionProxy(client *clientv3.Client) v3electionpb.ElectionServer
- func NewKvProxy(c *clientv3.Client) (pb.KVServer, <-chan struct{})
- func NewLeaseProxy(ctx context.Context, c *clientv3.Client) (pb.LeaseServer, <-chan struct{})
- func NewLockProxy(client *clientv3.Client) v3lockpb.LockServer
- func NewMaintenanceProxy(c *clientv3.Client) pb.MaintenanceServer
- func NewWatchProxy(ctx context.Context, lg *zap.Logger, c *clientv3.Client) (pb.WatchServer, <-chan struct{})
- func PutRequestToOp(r *pb.PutRequest) clientv3.Op
- func RangeRequestToOp(r *pb.RangeRequest) clientv3.Op
- func Register(lg *zap.Logger, c *clientv3.Client, prefix string, addr string, ttl int) <-chan struct{}
- func TxnRequestToOp(r *pb.TxnRequest) clientv3.Op
- type AuthProxy
- func (ap *AuthProxy) AuthDisable(ctx context.Context, r *pb.AuthDisableRequest) (*pb.AuthDisableResponse, error)
- func (ap *AuthProxy) AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*pb.AuthEnableResponse, error)
- func (ap *AuthProxy) AuthStatus(ctx context.Context, r *pb.AuthStatusRequest) (*pb.AuthStatusResponse, error)
- func (ap *AuthProxy) Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error)
- func (ap *AuthProxy) RoleAdd(ctx context.Context, r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error)
- func (ap *AuthProxy) RoleDelete(ctx context.Context, r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error)
- func (ap *AuthProxy) RoleGet(ctx context.Context, r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error)
- func (ap *AuthProxy) RoleGrantPermission(ctx context.Context, r *pb.AuthRoleGrantPermissionRequest) (*pb.AuthRoleGrantPermissionResponse, error)
- func (ap *AuthProxy) RoleList(ctx context.Context, r *pb.AuthRoleListRequest) (*pb.AuthRoleListResponse, error)
- func (ap *AuthProxy) RoleRevokePermission(ctx context.Context, r *pb.AuthRoleRevokePermissionRequest) (*pb.AuthRoleRevokePermissionResponse, error)
- func (ap *AuthProxy) UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
- func (ap *AuthProxy) UserChangePassword(ctx context.Context, r *pb.AuthUserChangePasswordRequest) (*pb.AuthUserChangePasswordResponse, error)
- func (ap *AuthProxy) UserDelete(ctx context.Context, r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error)
- func (ap *AuthProxy) UserGet(ctx context.Context, r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error)
- func (ap *AuthProxy) UserGrantRole(ctx context.Context, r *pb.AuthUserGrantRoleRequest) (*pb.AuthUserGrantRoleResponse, error)
- func (ap *AuthProxy) UserList(ctx context.Context, r *pb.AuthUserListRequest) (*pb.AuthUserListResponse, error)
- func (ap *AuthProxy) UserRevokeRole(ctx context.Context, r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUserRevokeRoleResponse, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthStreamClientInterceptor ¶
func AuthStreamClientInterceptor(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, streamer grpc.Streamer, opts ...grpc.CallOption) (grpc.ClientStream, error)
func AuthUnaryClientInterceptor ¶
func AuthUnaryClientInterceptor(ctx context.Context, method string, req, reply any, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error
func DelRequestToOp ¶
func DelRequestToOp(r *pb.DeleteRangeRequest) clientv3.Op
func HandleHealth ¶
HandleHealth registers health handler on '/health'.
func HandleMetrics ¶
HandleMetrics performs a GET request against etcd endpoint and returns '/metrics'.
func HandleProxyHealth ¶
HandleProxyHealth registers health handler on '/proxy/health'.
func HandleProxyMetrics ¶
HandleProxyMetrics registers metrics handler on '/proxy/metrics'.
func NewAuthProxy ¶
func NewAuthProxy(c *clientv3.Client) pb.AuthServer
func NewClusterProxy ¶
func NewClusterProxy(lg *zap.Logger, c *clientv3.Client, advaddr string, prefix string) (pb.ClusterServer, <-chan struct{})
NewClusterProxy takes optional prefix to fetch grpc-proxy member endpoints. The returned channel is closed when there is grpc-proxy endpoint registered and the client's context is canceled so the 'register' loop returns. TODO: Expand the API to report creation errors
func NewElectionProxy ¶
func NewElectionProxy(client *clientv3.Client) v3electionpb.ElectionServer
func NewLeaseProxy ¶
func NewLockProxy ¶
func NewLockProxy(client *clientv3.Client) v3lockpb.LockServer
func NewMaintenanceProxy ¶
func NewMaintenanceProxy(c *clientv3.Client) pb.MaintenanceServer
func NewWatchProxy ¶
func PutRequestToOp ¶
func PutRequestToOp(r *pb.PutRequest) clientv3.Op
func RangeRequestToOp ¶
func RangeRequestToOp(r *pb.RangeRequest) clientv3.Op
func Register ¶
func Register(lg *zap.Logger, c *clientv3.Client, prefix string, addr string, ttl int) <-chan struct{}
Register registers itself as a grpc-proxy server by writing prefixed-key with session of specified TTL (in seconds). The returned channel is closed when the client's context is canceled.
func TxnRequestToOp ¶
func TxnRequestToOp(r *pb.TxnRequest) clientv3.Op
Types ¶
type AuthProxy ¶
type AuthProxy struct {
// contains filtered or unexported fields
}
func (*AuthProxy) AuthDisable ¶
func (ap *AuthProxy) AuthDisable(ctx context.Context, r *pb.AuthDisableRequest) (*pb.AuthDisableResponse, error)
func (*AuthProxy) AuthEnable ¶
func (ap *AuthProxy) AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*pb.AuthEnableResponse, error)
func (*AuthProxy) AuthStatus ¶
func (ap *AuthProxy) AuthStatus(ctx context.Context, r *pb.AuthStatusRequest) (*pb.AuthStatusResponse, error)
func (*AuthProxy) Authenticate ¶
func (ap *AuthProxy) Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error)
func (*AuthProxy) RoleAdd ¶
func (ap *AuthProxy) RoleAdd(ctx context.Context, r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error)
func (*AuthProxy) RoleDelete ¶
func (ap *AuthProxy) RoleDelete(ctx context.Context, r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error)
func (*AuthProxy) RoleGet ¶
func (ap *AuthProxy) RoleGet(ctx context.Context, r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error)
func (*AuthProxy) RoleGrantPermission ¶
func (ap *AuthProxy) RoleGrantPermission(ctx context.Context, r *pb.AuthRoleGrantPermissionRequest) (*pb.AuthRoleGrantPermissionResponse, error)
func (*AuthProxy) RoleList ¶
func (ap *AuthProxy) RoleList(ctx context.Context, r *pb.AuthRoleListRequest) (*pb.AuthRoleListResponse, error)
func (*AuthProxy) RoleRevokePermission ¶
func (ap *AuthProxy) RoleRevokePermission(ctx context.Context, r *pb.AuthRoleRevokePermissionRequest) (*pb.AuthRoleRevokePermissionResponse, error)
func (*AuthProxy) UserAdd ¶
func (ap *AuthProxy) UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
func (*AuthProxy) UserChangePassword ¶
func (ap *AuthProxy) UserChangePassword(ctx context.Context, r *pb.AuthUserChangePasswordRequest) (*pb.AuthUserChangePasswordResponse, error)
func (*AuthProxy) UserDelete ¶
func (ap *AuthProxy) UserDelete(ctx context.Context, r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error)
func (*AuthProxy) UserGet ¶
func (ap *AuthProxy) UserGet(ctx context.Context, r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error)
func (*AuthProxy) UserGrantRole ¶
func (ap *AuthProxy) UserGrantRole(ctx context.Context, r *pb.AuthUserGrantRoleRequest) (*pb.AuthUserGrantRoleResponse, error)
func (*AuthProxy) UserList ¶
func (ap *AuthProxy) UserList(ctx context.Context, r *pb.AuthUserListRequest) (*pb.AuthUserListResponse, error)
func (*AuthProxy) UserRevokeRole ¶
func (ap *AuthProxy) UserRevokeRole(ctx context.Context, r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUserRevokeRoleResponse, error)
Source Files
¶
Directories
¶
Path | Synopsis |
---|---|
Package adapter provides gRPC adapters between client and server gRPC interfaces without needing to go through a gRPC connection.
|
Package adapter provides gRPC adapters between client and server gRPC interfaces without needing to go through a gRPC connection. |
Package cache exports functionality for efficiently caching and mapping `RangeRequest`s to corresponding `RangeResponse`s.
|
Package cache exports functionality for efficiently caching and mapping `RangeRequest`s to corresponding `RangeResponse`s. |