[VOL-4291] Rw-core updates for gRPC migration
Change-Id: I8d5a554409115b29318089671ca4e1ab3fa98810
diff --git a/vendor/go.etcd.io/etcd/embed/config.go b/vendor/go.etcd.io/etcd/embed/config.go
index 2f64d92..473e757 100644
--- a/vendor/go.etcd.io/etcd/embed/config.go
+++ b/vendor/go.etcd.io/etcd/embed/config.go
@@ -24,24 +24,20 @@
"os"
"path/filepath"
"strings"
- "sync"
"time"
- "go.etcd.io/etcd/etcdserver"
- "go.etcd.io/etcd/etcdserver/api/v3compactor"
- "go.etcd.io/etcd/pkg/flags"
- "go.etcd.io/etcd/pkg/logutil"
- "go.etcd.io/etcd/pkg/netutil"
- "go.etcd.io/etcd/pkg/srv"
- "go.etcd.io/etcd/pkg/tlsutil"
- "go.etcd.io/etcd/pkg/transport"
- "go.etcd.io/etcd/pkg/types"
+ "github.com/coreos/etcd/compactor"
+ "github.com/coreos/etcd/etcdserver"
+ "github.com/coreos/etcd/pkg/cors"
+ "github.com/coreos/etcd/pkg/netutil"
+ "github.com/coreos/etcd/pkg/srv"
+ "github.com/coreos/etcd/pkg/tlsutil"
+ "github.com/coreos/etcd/pkg/transport"
+ "github.com/coreos/etcd/pkg/types"
- bolt "go.etcd.io/bbolt"
- "go.uber.org/zap"
- "go.uber.org/zap/zapcore"
- "golang.org/x/crypto/bcrypt"
+ "github.com/coreos/pkg/capnslog"
"google.golang.org/grpc"
+ "google.golang.org/grpc/grpclog"
"sigs.k8s.io/yaml"
)
@@ -62,22 +58,18 @@
DefaultListenClientURLs = "http://localhost:2379"
DefaultLogOutput = "default"
- JournalLogOutput = "systemd/journal"
- StdErrLogOutput = "stderr"
- StdOutLogOutput = "stdout"
// DefaultStrictReconfigCheck is the default value for "--strict-reconfig-check" flag.
// It's enabled by default.
DefaultStrictReconfigCheck = true
// DefaultEnableV2 is the default value for "--enable-v2" flag.
- // v2 API is disabled by default.
- DefaultEnableV2 = false
+ // v2 is enabled by default.
+ // TODO: disable v2 when deprecated.
+ DefaultEnableV2 = true
// maxElectionMs specifies the maximum value of election timeout.
// More details are listed in ../Documentation/tuning.md#time-parameters.
maxElectionMs = 50000
- // backend freelist map type
- freelistMapType = "map"
)
var (
@@ -92,46 +84,30 @@
defaultHostStatus error
)
-var (
- // CompactorModePeriodic is periodic compaction mode
- // for "Config.AutoCompactionMode" field.
- // If "AutoCompactionMode" is CompactorModePeriodic and
- // "AutoCompactionRetention" is "1h", it automatically compacts
- // compacts storage every hour.
- CompactorModePeriodic = v3compactor.ModePeriodic
-
- // CompactorModeRevision is revision-based compaction mode
- // for "Config.AutoCompactionMode" field.
- // If "AutoCompactionMode" is CompactorModeRevision and
- // "AutoCompactionRetention" is "1000", it compacts log on
- // revision 5000 when the current revision is 6000.
- // This runs every 5-minute if enough of logs have proceeded.
- CompactorModeRevision = v3compactor.ModeRevision
-)
-
func init() {
defaultHostname, defaultHostStatus = netutil.GetDefaultHost()
}
// Config holds the arguments for configuring an etcd server.
type Config struct {
- Name string `json:"name"`
- Dir string `json:"data-dir"`
- WalDir string `json:"wal-dir"`
+ // member
- SnapshotCount uint64 `json:"snapshot-count"`
+ CorsInfo *cors.CORSInfo
+ LPUrls, LCUrls []url.URL
+ Dir string `json:"data-dir"`
+ WalDir string `json:"wal-dir"`
+ MaxSnapFiles uint `json:"max-snapshots"`
+ MaxWalFiles uint `json:"max-wals"`
+ Name string `json:"name"`
+ SnapCount uint64 `json:"snapshot-count"`
- // SnapshotCatchUpEntries is the number of entries for a slow follower
- // to catch-up after compacting the raft storage entries.
- // We expect the follower has a millisecond level latency with the leader.
- // The max throughput is around 10K. Keep a 5K entries is enough for helping
- // follower to catch up.
- // WARNING: only change this for tests.
- // Always use "DefaultSnapshotCatchUpEntries"
- SnapshotCatchUpEntries uint64
-
- MaxSnapFiles uint `json:"max-snapshots"`
- MaxWalFiles uint `json:"max-wals"`
+ // AutoCompactionMode is either 'periodic' or 'revision'.
+ AutoCompactionMode string `json:"auto-compaction-mode"`
+ // AutoCompactionRetention is either duration string with time unit
+ // (e.g. '5m' for 5-minute), or revision unit (e.g. '5000').
+ // If no time unit is provided and compaction mode is 'periodic',
+ // the unit defaults to hour. For example, '5' translates into 5-hour.
+ AutoCompactionRetention string `json:"auto-compaction-retention"`
// TickMs is the number of milliseconds between heartbeat ticks.
// TODO: decouple tickMs and heartbeat tick (current heartbeat tick = 1).
@@ -165,46 +141,14 @@
//
// If single-node, it advances ticks regardless.
//
- // See https://github.com/etcd-io/etcd/issues/9333 for more detail.
+ // See https://github.com/coreos/etcd/issues/9333 for more detail.
InitialElectionTickAdvance bool `json:"initial-election-tick-advance"`
- // BackendBatchInterval is the maximum time before commit the backend transaction.
- BackendBatchInterval time.Duration `json:"backend-batch-interval"`
- // BackendBatchLimit is the maximum operations before commit the backend transaction.
- BackendBatchLimit int `json:"backend-batch-limit"`
QuotaBackendBytes int64 `json:"quota-backend-bytes"`
MaxTxnOps uint `json:"max-txn-ops"`
MaxRequestBytes uint `json:"max-request-bytes"`
- LPUrls, LCUrls []url.URL
- APUrls, ACUrls []url.URL
- ClientTLSInfo transport.TLSInfo
- ClientAutoTLS bool
- PeerTLSInfo transport.TLSInfo
- PeerAutoTLS bool
-
- // CipherSuites is a list of supported TLS cipher suites between
- // client/server and peers. If empty, Go auto-populates the list.
- // Note that cipher suites are prioritized in the given order.
- CipherSuites []string `json:"cipher-suites"`
-
- ClusterState string `json:"initial-cluster-state"`
- DNSCluster string `json:"discovery-srv"`
- DNSClusterServiceName string `json:"discovery-srv-name"`
- Dproxy string `json:"discovery-proxy"`
- Durl string `json:"discovery"`
- InitialCluster string `json:"initial-cluster"`
- InitialClusterToken string `json:"initial-cluster-token"`
- StrictReconfigCheck bool `json:"strict-reconfig-check"`
- EnableV2 bool `json:"enable-v2"`
-
- // AutoCompactionMode is either 'periodic' or 'revision'.
- AutoCompactionMode string `json:"auto-compaction-mode"`
- // AutoCompactionRetention is either duration string with time unit
- // (e.g. '5m' for 5-minute), or revision unit (e.g. '5000').
- // If no time unit is provided and compaction mode is 'periodic',
- // the unit defaults to hour. For example, '5' translates into 5-hour.
- AutoCompactionRetention string `json:"auto-compaction-retention"`
+ // gRPC server options
// GRPCKeepAliveMinTime is the minimum interval that a client should
// wait before pinging server. When client pings "too fast", server
@@ -221,40 +165,42 @@
// before closing a non-responsive connection. 0 to disable.
GRPCKeepAliveTimeout time.Duration `json:"grpc-keepalive-timeout"`
- // PreVote is true to enable Raft Pre-Vote.
- // If enabled, Raft runs an additional election phase
- // to check whether it would get enough votes to win
- // an election, thus minimizing disruptions.
- // TODO: enable by default in 3.5.
- PreVote bool `json:"pre-vote"`
+ // clustering
- CORS map[string]struct{}
+ APUrls, ACUrls []url.URL
+ ClusterState string `json:"initial-cluster-state"`
+ DNSCluster string `json:"discovery-srv"`
+ Dproxy string `json:"discovery-proxy"`
+ Durl string `json:"discovery"`
+ InitialCluster string `json:"initial-cluster"`
+ InitialClusterToken string `json:"initial-cluster-token"`
+ StrictReconfigCheck bool `json:"strict-reconfig-check"`
+ EnableV2 bool `json:"enable-v2"`
- // HostWhitelist lists acceptable hostnames from HTTP client requests.
- // Client origin policy protects against "DNS Rebinding" attacks
- // to insecure etcd servers. That is, any website can simply create
- // an authorized DNS name, and direct DNS to "localhost" (or any
- // other address). Then, all HTTP endpoints of etcd server listening
- // on "localhost" becomes accessible, thus vulnerable to DNS rebinding
- // attacks. See "CVE-2018-5702" for more detail.
- //
- // 1. If client connection is secure via HTTPS, allow any hostnames.
- // 2. If client connection is not secure and "HostWhitelist" is not empty,
- // only allow HTTP requests whose Host field is listed in whitelist.
- //
- // Note that the client origin policy is enforced whether authentication
- // is enabled or not, for tighter controls.
- //
- // By default, "HostWhitelist" is "*", which allows any hostnames.
- // Note that when specifying hostnames, loopback addresses are not added
- // automatically. To allow loopback interfaces, leave it empty or set it "*",
- // or add them to whitelist manually (e.g. "localhost", "127.0.0.1", etc.).
- //
- // CVE-2018-5702 reference:
- // - https://bugs.chromium.org/p/project-zero/issues/detail?id=1447#c2
- // - https://github.com/transmission/transmission/pull/468
- // - https://github.com/etcd-io/etcd/issues/9353
- HostWhitelist map[string]struct{}
+ // security
+
+ ClientTLSInfo transport.TLSInfo
+ ClientAutoTLS bool
+ PeerTLSInfo transport.TLSInfo
+ PeerAutoTLS bool
+
+ // CipherSuites is a list of supported TLS cipher suites between
+ // client/server and peers. If empty, Go auto-populates the list.
+ // Note that cipher suites are prioritized in the given order.
+ CipherSuites []string `json:"cipher-suites"`
+
+ // debug
+
+ Debug bool `json:"debug"`
+ LogPkgLevels string `json:"log-package-levels"`
+ LogOutput string `json:"log-output"`
+ EnablePprof bool `json:"enable-pprof"`
+ Metrics string `json:"metrics"`
+ ListenMetricsUrls []url.URL
+ ListenMetricsUrlsJSON string `json:"listen-metrics-urls"`
+
+ // ForceNewCluster starts a new cluster even if previously started; unsafe.
+ ForceNewCluster bool `json:"force-new-cluster"`
// UserHandlers is for registering users handlers and only used for
// embedding etcd into other applications.
@@ -270,71 +216,18 @@
// embed.StartEtcd(cfg)
ServiceRegister func(*grpc.Server) `json:"-"`
- AuthToken string `json:"auth-token"`
- BcryptCost uint `json:"bcrypt-cost"`
+ // auth
+
+ AuthToken string `json:"auth-token"`
+
+ // Experimental flags
+
+ //The AuthTokenTTL in seconds of the simple token
+ AuthTokenTTL uint `json:"auth-token-ttl"`
ExperimentalInitialCorruptCheck bool `json:"experimental-initial-corrupt-check"`
ExperimentalCorruptCheckTime time.Duration `json:"experimental-corrupt-check-time"`
ExperimentalEnableV2V3 string `json:"experimental-enable-v2v3"`
- // ExperimentalBackendFreelistType specifies the type of freelist that boltdb backend uses (array and map are supported types).
- ExperimentalBackendFreelistType string `json:"experimental-backend-bbolt-freelist-type"`
- // ExperimentalEnableLeaseCheckpoint enables primary lessor to persist lease remainingTTL to prevent indefinite auto-renewal of long lived leases.
- ExperimentalEnableLeaseCheckpoint bool `json:"experimental-enable-lease-checkpoint"`
- ExperimentalCompactionBatchLimit int `json:"experimental-compaction-batch-limit"`
-
- // ForceNewCluster starts a new cluster even if previously started; unsafe.
- ForceNewCluster bool `json:"force-new-cluster"`
-
- EnablePprof bool `json:"enable-pprof"`
- Metrics string `json:"metrics"`
- ListenMetricsUrls []url.URL
- ListenMetricsUrlsJSON string `json:"listen-metrics-urls"`
-
- // Logger is logger options: "zap", "capnslog".
- // WARN: "capnslog" is being deprecated in v3.5.
- Logger string `json:"logger"`
- // LogLevel configures log level. Only supports debug, info, warn, error, panic, or fatal. Default 'info'.
- LogLevel string `json:"log-level"`
- // LogOutputs is either:
- // - "default" as os.Stderr,
- // - "stderr" as os.Stderr,
- // - "stdout" as os.Stdout,
- // - file path to append server logs to.
- // It can be multiple when "Logger" is zap.
- LogOutputs []string `json:"log-outputs"`
-
- // ZapLoggerBuilder is used to build the zap logger.
- ZapLoggerBuilder func(*Config) error
-
- // logger logs server-side operations. The default is nil,
- // and "setupLogging" must be called before starting server.
- // Do not set logger directly.
- loggerMu *sync.RWMutex
- logger *zap.Logger
-
- // loggerConfig is server logger configuration for Raft logger.
- // Must be either: "loggerConfig != nil" or "loggerCore != nil && loggerWriteSyncer != nil".
- loggerConfig *zap.Config
- // loggerCore is "zapcore.Core" for raft logger.
- // Must be either: "loggerConfig != nil" or "loggerCore != nil && loggerWriteSyncer != nil".
- loggerCore zapcore.Core
- loggerWriteSyncer zapcore.WriteSyncer
-
- // EnableGRPCGateway is false to disable grpc gateway.
- EnableGRPCGateway bool `json:"enable-grpc-gateway"`
-
- // TO BE DEPRECATED
-
- // DeprecatedLogOutput is to be deprecated in v3.5.
- // Just here for safe migration in v3.4.
- DeprecatedLogOutput []string `json:"log-output"`
- // Debug is true, to enable debug level logging.
- // WARNING: to be deprecated in 3.5. Use "--log-level=debug" instead.
- Debug bool `json:"debug"`
- // LogPkgLevels is being deprecated in v3.5.
- // Only valid if "logger" option is "capnslog".
- // WARN: DO NOT USE THIS!
- LogPkgLevels string `json:"log-package-levels"`
}
// configYAML holds the config suitable for yaml parsing
@@ -345,19 +238,17 @@
// configJSON has file options that are translated into Config options
type configJSON struct {
- LPUrlsJSON string `json:"listen-peer-urls"`
- LCUrlsJSON string `json:"listen-client-urls"`
- APUrlsJSON string `json:"initial-advertise-peer-urls"`
- ACUrlsJSON string `json:"advertise-client-urls"`
-
- CORSJSON string `json:"cors"`
- HostWhitelistJSON string `json:"host-whitelist"`
-
+ LPUrlsJSON string `json:"listen-peer-urls"`
+ LCUrlsJSON string `json:"listen-client-urls"`
+ CorsJSON string `json:"cors"`
+ APUrlsJSON string `json:"initial-advertise-peer-urls"`
+ ACUrlsJSON string `json:"advertise-client-urls"`
ClientSecurityJSON securityConfig `json:"client-transport-security"`
PeerSecurityJSON securityConfig `json:"peer-transport-security"`
}
type securityConfig struct {
+ CAFile string `json:"ca-file"`
CertFile string `json:"cert-file"`
KeyFile string `json:"key-file"`
CertAuth bool `json:"client-cert-auth"`
@@ -372,53 +263,31 @@
lcurl, _ := url.Parse(DefaultListenClientURLs)
acurl, _ := url.Parse(DefaultAdvertiseClientURLs)
cfg := &Config{
- MaxSnapFiles: DefaultMaxSnapshots,
- MaxWalFiles: DefaultMaxWALs,
-
- Name: DefaultName,
-
- SnapshotCount: etcdserver.DefaultSnapshotCount,
- SnapshotCatchUpEntries: etcdserver.DefaultSnapshotCatchUpEntries,
-
- MaxTxnOps: DefaultMaxTxnOps,
- MaxRequestBytes: DefaultMaxRequestBytes,
-
- GRPCKeepAliveMinTime: DefaultGRPCKeepAliveMinTime,
- GRPCKeepAliveInterval: DefaultGRPCKeepAliveInterval,
- GRPCKeepAliveTimeout: DefaultGRPCKeepAliveTimeout,
-
+ CorsInfo: &cors.CORSInfo{},
+ MaxSnapFiles: DefaultMaxSnapshots,
+ MaxWalFiles: DefaultMaxWALs,
+ Name: DefaultName,
+ SnapCount: etcdserver.DefaultSnapCount,
+ MaxTxnOps: DefaultMaxTxnOps,
+ MaxRequestBytes: DefaultMaxRequestBytes,
+ GRPCKeepAliveMinTime: DefaultGRPCKeepAliveMinTime,
+ GRPCKeepAliveInterval: DefaultGRPCKeepAliveInterval,
+ GRPCKeepAliveTimeout: DefaultGRPCKeepAliveTimeout,
TickMs: 100,
ElectionMs: 1000,
InitialElectionTickAdvance: true,
-
- LPUrls: []url.URL{*lpurl},
- LCUrls: []url.URL{*lcurl},
- APUrls: []url.URL{*apurl},
- ACUrls: []url.URL{*acurl},
-
- ClusterState: ClusterStateFlagNew,
- InitialClusterToken: "etcd-cluster",
-
- StrictReconfigCheck: DefaultStrictReconfigCheck,
- Metrics: "basic",
- EnableV2: DefaultEnableV2,
-
- CORS: map[string]struct{}{"*": {}},
- HostWhitelist: map[string]struct{}{"*": {}},
-
- AuthToken: "simple",
- BcryptCost: uint(bcrypt.DefaultCost),
-
- PreVote: false, // TODO: enable by default in v3.5
-
- loggerMu: new(sync.RWMutex),
- logger: nil,
- Logger: "capnslog",
- DeprecatedLogOutput: []string{DefaultLogOutput},
- LogOutputs: []string{DefaultLogOutput},
- Debug: false,
- LogLevel: logutil.DefaultLogLevel,
- LogPkgLevels: "",
+ LPUrls: []url.URL{*lpurl},
+ LCUrls: []url.URL{*lcurl},
+ APUrls: []url.URL{*apurl},
+ ACUrls: []url.URL{*acurl},
+ ClusterState: ClusterStateFlagNew,
+ InitialClusterToken: "etcd-cluster",
+ StrictReconfigCheck: DefaultStrictReconfigCheck,
+ LogOutput: DefaultLogOutput,
+ Metrics: "basic",
+ EnableV2: DefaultEnableV2,
+ AuthToken: "simple",
+ AuthTokenTTL: 300,
}
cfg.InitialCluster = cfg.InitialClusterFromName(cfg.Name)
return cfg
@@ -437,6 +306,46 @@
}
}
+// SetupLogging initializes etcd logging.
+// Must be called after flag parsing.
+func (cfg *Config) SetupLogging() {
+ cfg.ClientTLSInfo.HandshakeFailure = logTLSHandshakeFailure
+ cfg.PeerTLSInfo.HandshakeFailure = logTLSHandshakeFailure
+
+ capnslog.SetGlobalLogLevel(capnslog.INFO)
+ if cfg.Debug {
+ capnslog.SetGlobalLogLevel(capnslog.DEBUG)
+ grpc.EnableTracing = true
+ // enable info, warning, error
+ grpclog.SetLoggerV2(grpclog.NewLoggerV2(os.Stderr, os.Stderr, os.Stderr))
+ } else {
+ // only discard info
+ grpclog.SetLoggerV2(grpclog.NewLoggerV2(ioutil.Discard, os.Stderr, os.Stderr))
+ }
+ if cfg.LogPkgLevels != "" {
+ repoLog := capnslog.MustRepoLogger("github.com/coreos/etcd")
+ settings, err := repoLog.ParseLogLevelConfig(cfg.LogPkgLevels)
+ if err != nil {
+ plog.Warningf("couldn't parse log level string: %s, continuing with default levels", err.Error())
+ return
+ }
+ repoLog.SetLogLevel(settings)
+ }
+
+ // capnslog initially SetFormatter(NewDefaultFormatter(os.Stderr))
+ // where NewDefaultFormatter returns NewJournaldFormatter when syscall.Getppid() == 1
+ // specify 'stdout' or 'stderr' to skip journald logging even when running under systemd
+ switch cfg.LogOutput {
+ case "stdout":
+ capnslog.SetFormatter(capnslog.NewPrettyFormatter(os.Stdout, cfg.Debug))
+ case "stderr":
+ capnslog.SetFormatter(capnslog.NewPrettyFormatter(os.Stderr, cfg.Debug))
+ case DefaultLogOutput:
+ default:
+ plog.Panicf(`unknown log-output %q (only supports %q, "stdout", "stderr")`, cfg.LogOutput, DefaultLogOutput)
+ }
+}
+
func ConfigFromFile(path string) (*Config, error) {
cfg := &configYAML{Config: *NewConfig()}
if err := cfg.configFromFile(path); err != nil {
@@ -461,8 +370,7 @@
if cfg.LPUrlsJSON != "" {
u, err := types.NewURLs(strings.Split(cfg.LPUrlsJSON, ","))
if err != nil {
- fmt.Fprintf(os.Stderr, "unexpected error setting up listen-peer-urls: %v\n", err)
- os.Exit(1)
+ plog.Fatalf("unexpected error setting up listen-peer-urls: %v", err)
}
cfg.LPUrls = []url.URL(u)
}
@@ -470,17 +378,21 @@
if cfg.LCUrlsJSON != "" {
u, err := types.NewURLs(strings.Split(cfg.LCUrlsJSON, ","))
if err != nil {
- fmt.Fprintf(os.Stderr, "unexpected error setting up listen-client-urls: %v\n", err)
- os.Exit(1)
+ plog.Fatalf("unexpected error setting up listen-client-urls: %v", err)
}
cfg.LCUrls = []url.URL(u)
}
+ if cfg.CorsJSON != "" {
+ if err := cfg.CorsInfo.Set(cfg.CorsJSON); err != nil {
+ plog.Panicf("unexpected error setting up cors: %v", err)
+ }
+ }
+
if cfg.APUrlsJSON != "" {
u, err := types.NewURLs(strings.Split(cfg.APUrlsJSON, ","))
if err != nil {
- fmt.Fprintf(os.Stderr, "unexpected error setting up initial-advertise-peer-urls: %v\n", err)
- os.Exit(1)
+ plog.Fatalf("unexpected error setting up initial-advertise-peer-urls: %v", err)
}
cfg.APUrls = []url.URL(u)
}
@@ -488,8 +400,7 @@
if cfg.ACUrlsJSON != "" {
u, err := types.NewURLs(strings.Split(cfg.ACUrlsJSON, ","))
if err != nil {
- fmt.Fprintf(os.Stderr, "unexpected error setting up advertise-peer-urls: %v\n", err)
- os.Exit(1)
+ plog.Fatalf("unexpected error setting up advertise-peer-urls: %v", err)
}
cfg.ACUrls = []url.URL(u)
}
@@ -497,22 +408,11 @@
if cfg.ListenMetricsUrlsJSON != "" {
u, err := types.NewURLs(strings.Split(cfg.ListenMetricsUrlsJSON, ","))
if err != nil {
- fmt.Fprintf(os.Stderr, "unexpected error setting up listen-metrics-urls: %v\n", err)
- os.Exit(1)
+ plog.Fatalf("unexpected error setting up listen-metrics-urls: %v", err)
}
cfg.ListenMetricsUrls = []url.URL(u)
}
- if cfg.CORSJSON != "" {
- uv := flags.NewUniqueURLsWithExceptions(cfg.CORSJSON, "*")
- cfg.CORS = uv.Values
- }
-
- if cfg.HostWhitelistJSON != "" {
- uv := flags.NewUniqueStringsValue(cfg.HostWhitelistJSON)
- cfg.HostWhitelist = uv.Values
- }
-
// If a discovery flag is set, clear default initial cluster set by InitialClusterFromName
if (cfg.Durl != "" || cfg.DNSCluster != "") && cfg.InitialCluster == defaultInitialCluster {
cfg.InitialCluster = ""
@@ -522,6 +422,7 @@
}
copySecurityDetails := func(tls *transport.TLSInfo, ysc *securityConfig) {
+ tls.CAFile = ysc.CAFile
tls.CertFile = ysc.CertFile
tls.KeyFile = ysc.KeyFile
tls.ClientCertAuth = ysc.CertAuth
@@ -555,9 +456,6 @@
// Validate ensures that '*embed.Config' fields are properly configured.
func (cfg *Config) Validate() error {
- if err := cfg.setupLogging(); err != nil {
- return err
- }
if err := checkBindURLs(cfg.LPUrls); err != nil {
return err
}
@@ -568,13 +466,22 @@
return err
}
if err := checkHostURLs(cfg.APUrls); err != nil {
- addrs := cfg.getAPURLs()
- return fmt.Errorf(`--initial-advertise-peer-urls %q must be "host:port" (%v)`, strings.Join(addrs, ","), err)
+ // TODO: return err in v3.4
+ addrs := make([]string, len(cfg.APUrls))
+ for i := range cfg.APUrls {
+ addrs[i] = cfg.APUrls[i].String()
+ }
+ plog.Warningf("advertise-peer-urls %q is deprecated (%v)", strings.Join(addrs, ","), err)
}
if err := checkHostURLs(cfg.ACUrls); err != nil {
- addrs := cfg.getACURLs()
- return fmt.Errorf(`--advertise-client-urls %q must be "host:port" (%v)`, strings.Join(addrs, ","), err)
+ // TODO: return err in v3.4
+ addrs := make([]string, len(cfg.ACUrls))
+ for i := range cfg.ACUrls {
+ addrs[i] = cfg.ACUrls[i].String()
+ }
+ plog.Warningf("advertise-client-urls %q is deprecated (%v)", strings.Join(addrs, ","), err)
}
+
// Check if conflicting flags are passed.
nSet := 0
for _, v := range []bool{cfg.Durl != "", cfg.InitialCluster != "", cfg.DNSCluster != ""} {
@@ -611,7 +518,7 @@
switch cfg.AutoCompactionMode {
case "":
- case CompactorModeRevision, CompactorModePeriodic:
+ case compactor.ModeRevision, compactor.ModePeriodic:
default:
return fmt.Errorf("unknown auto-compaction-mode %q", cfg.AutoCompactionMode)
}
@@ -629,27 +536,17 @@
// self's advertised peer URLs
urlsmap[cfg.Name] = cfg.APUrls
token = cfg.Durl
-
case cfg.DNSCluster != "":
- clusterStrs, cerr := cfg.GetDNSClusterNames()
- lg := cfg.logger
+ clusterStrs, cerr := srv.GetCluster("etcd-server", cfg.Name, cfg.DNSCluster, cfg.APUrls)
if cerr != nil {
- if lg != nil {
- lg.Warn("failed to resolve during SRV discovery", zap.Error(cerr))
- } else {
- plog.Errorf("couldn't resolve during SRV discovery (%v)", cerr)
- }
+ plog.Errorf("couldn't resolve during SRV discovery (%v)", cerr)
return nil, "", cerr
}
for _, s := range clusterStrs {
- if lg != nil {
- lg.Info("got bootstrap from DNS for etcd-server", zap.String("node", s))
- } else {
- plog.Noticef("got bootstrap from DNS for etcd-server at %s", s)
- }
+ plog.Noticef("got bootstrap from DNS for etcd-server at %s", s)
}
clusterStr := strings.Join(clusterStrs, ",")
- if strings.Contains(clusterStr, "https://") && cfg.PeerTLSInfo.TrustedCAFile == "" {
+ if strings.Contains(clusterStr, "https://") && cfg.PeerTLSInfo.CAFile == "" {
cfg.PeerTLSInfo.ServerName = cfg.DNSCluster
}
urlsmap, err = types.NewURLsMap(clusterStr)
@@ -660,7 +557,6 @@
return nil, "", fmt.Errorf("cannot find local etcd member %q in SRV records", cfg.Name)
}
}
-
default:
// We're statically configured, and cluster has appropriately been set.
urlsmap, err = types.NewURLsMap(cfg.InitialCluster)
@@ -668,58 +564,6 @@
return urlsmap, token, err
}
-// GetDNSClusterNames uses DNS SRV records to get a list of initial nodes for cluster bootstrapping.
-func (cfg *Config) GetDNSClusterNames() ([]string, error) {
- var (
- clusterStrs []string
- cerr error
- serviceNameSuffix string
- )
- if cfg.DNSClusterServiceName != "" {
- serviceNameSuffix = "-" + cfg.DNSClusterServiceName
- }
-
- lg := cfg.GetLogger()
-
- // Use both etcd-server-ssl and etcd-server for discovery.
- // Combine the results if both are available.
- clusterStrs, cerr = srv.GetCluster("https", "etcd-server-ssl"+serviceNameSuffix, cfg.Name, cfg.DNSCluster, cfg.APUrls)
- if cerr != nil {
- clusterStrs = make([]string, 0)
- }
- if lg != nil {
- lg.Info(
- "get cluster for etcd-server-ssl SRV",
- zap.String("service-scheme", "https"),
- zap.String("service-name", "etcd-server-ssl"+serviceNameSuffix),
- zap.String("server-name", cfg.Name),
- zap.String("discovery-srv", cfg.DNSCluster),
- zap.Strings("advertise-peer-urls", cfg.getAPURLs()),
- zap.Strings("found-cluster", clusterStrs),
- zap.Error(cerr),
- )
- }
-
- defaultHTTPClusterStrs, httpCerr := srv.GetCluster("http", "etcd-server"+serviceNameSuffix, cfg.Name, cfg.DNSCluster, cfg.APUrls)
- if httpCerr != nil {
- clusterStrs = append(clusterStrs, defaultHTTPClusterStrs...)
- }
- if lg != nil {
- lg.Info(
- "get cluster for etcd-server SRV",
- zap.String("service-scheme", "http"),
- zap.String("service-name", "etcd-server"+serviceNameSuffix),
- zap.String("server-name", cfg.Name),
- zap.String("discovery-srv", cfg.DNSCluster),
- zap.Strings("advertise-peer-urls", cfg.getAPURLs()),
- zap.Strings("found-cluster", clusterStrs),
- zap.Error(httpCerr),
- )
- }
-
- return clusterStrs, cerr
-}
-
func (cfg Config) InitialClusterFromName(name string) (ret string) {
if len(cfg.APUrls) == 0 {
return ""
@@ -750,18 +594,14 @@
return nil
}
if !cfg.ClientTLSInfo.Empty() {
- if cfg.logger != nil {
- cfg.logger.Warn("ignoring client auto TLS since certs given")
- } else {
- plog.Warningf("ignoring client auto TLS since certs given")
- }
+ plog.Warningf("ignoring client auto TLS since certs given")
return nil
}
chosts := make([]string, len(cfg.LCUrls))
for i, u := range cfg.LCUrls {
chosts[i] = u.Host
}
- cfg.ClientTLSInfo, err = transport.SelfCert(cfg.logger, filepath.Join(cfg.Dir, "fixtures", "client"), chosts)
+ cfg.ClientTLSInfo, err = transport.SelfCert(filepath.Join(cfg.Dir, "fixtures", "client"), chosts)
if err != nil {
return err
}
@@ -773,18 +613,14 @@
return nil
}
if !cfg.PeerTLSInfo.Empty() {
- if cfg.logger != nil {
- cfg.logger.Warn("ignoring peer auto TLS since certs given")
- } else {
- plog.Warningf("ignoring peer auto TLS since certs given")
- }
+ plog.Warningf("ignoring peer auto TLS since certs given")
return nil
}
phosts := make([]string, len(cfg.LPUrls))
for i, u := range cfg.LPUrls {
phosts[i] = u.Host
}
- cfg.PeerTLSInfo, err = transport.SelfCert(cfg.logger, filepath.Join(cfg.Dir, "fixtures", "peer"), phosts)
+ cfg.PeerTLSInfo, err = transport.SelfCert(filepath.Join(cfg.Dir, "fixtures", "peer"), phosts)
if err != nil {
return err
}
@@ -865,51 +701,3 @@
}
return nil
}
-
-func (cfg *Config) getAPURLs() (ss []string) {
- ss = make([]string, len(cfg.APUrls))
- for i := range cfg.APUrls {
- ss[i] = cfg.APUrls[i].String()
- }
- return ss
-}
-
-func (cfg *Config) getLPURLs() (ss []string) {
- ss = make([]string, len(cfg.LPUrls))
- for i := range cfg.LPUrls {
- ss[i] = cfg.LPUrls[i].String()
- }
- return ss
-}
-
-func (cfg *Config) getACURLs() (ss []string) {
- ss = make([]string, len(cfg.ACUrls))
- for i := range cfg.ACUrls {
- ss[i] = cfg.ACUrls[i].String()
- }
- return ss
-}
-
-func (cfg *Config) getLCURLs() (ss []string) {
- ss = make([]string, len(cfg.LCUrls))
- for i := range cfg.LCUrls {
- ss[i] = cfg.LCUrls[i].String()
- }
- return ss
-}
-
-func (cfg *Config) getMetricsURLs() (ss []string) {
- ss = make([]string, len(cfg.ListenMetricsUrls))
- for i := range cfg.ListenMetricsUrls {
- ss[i] = cfg.ListenMetricsUrls[i].String()
- }
- return ss
-}
-
-func parseBackendFreelistType(freelistType string) bolt.FreelistType {
- if freelistType == freelistMapType {
- return bolt.FreelistMapType
- }
-
- return bolt.FreelistArrayType
-}
diff --git a/vendor/go.etcd.io/etcd/embed/config_logging.go b/vendor/go.etcd.io/etcd/embed/config_logging.go
deleted file mode 100644
index e42103c..0000000
--- a/vendor/go.etcd.io/etcd/embed/config_logging.go
+++ /dev/null
@@ -1,312 +0,0 @@
-// Copyright 2018 The etcd Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package embed
-
-import (
- "crypto/tls"
- "errors"
- "fmt"
- "io/ioutil"
- "os"
- "reflect"
- "sync"
-
- "go.etcd.io/etcd/pkg/logutil"
-
- "github.com/coreos/pkg/capnslog"
- "go.uber.org/zap"
- "go.uber.org/zap/zapcore"
- "google.golang.org/grpc"
- "google.golang.org/grpc/grpclog"
-)
-
-// GetLogger returns the logger.
-func (cfg Config) GetLogger() *zap.Logger {
- cfg.loggerMu.RLock()
- l := cfg.logger
- cfg.loggerMu.RUnlock()
- return l
-}
-
-// for testing
-var grpcLogOnce = new(sync.Once)
-
-// setupLogging initializes etcd logging.
-// Must be called after flag parsing or finishing configuring embed.Config.
-func (cfg *Config) setupLogging() error {
- // handle "DeprecatedLogOutput" in v3.4
- // TODO: remove "DeprecatedLogOutput" in v3.5
- len1 := len(cfg.DeprecatedLogOutput)
- len2 := len(cfg.LogOutputs)
- if len1 != len2 {
- switch {
- case len1 > len2: // deprecate "log-output" flag is used
- fmt.Fprintln(os.Stderr, "'--log-output' flag has been deprecated! Please use '--log-outputs'!")
- cfg.LogOutputs = cfg.DeprecatedLogOutput
- case len1 < len2: // "--log-outputs" flag has been set with multiple writers
- cfg.DeprecatedLogOutput = []string{}
- }
- } else {
- if len1 > 1 {
- return errors.New("both '--log-output' and '--log-outputs' are set; only set '--log-outputs'")
- }
- if len1 < 1 {
- return errors.New("either '--log-output' or '--log-outputs' flag must be set")
- }
- if reflect.DeepEqual(cfg.DeprecatedLogOutput, cfg.LogOutputs) && cfg.DeprecatedLogOutput[0] != DefaultLogOutput {
- return fmt.Errorf("'--log-output=%q' and '--log-outputs=%q' are incompatible; only set --log-outputs", cfg.DeprecatedLogOutput, cfg.LogOutputs)
- }
- if !reflect.DeepEqual(cfg.DeprecatedLogOutput, []string{DefaultLogOutput}) {
- fmt.Fprintf(os.Stderr, "[WARNING] Deprecated '--log-output' flag is set to %q\n", cfg.DeprecatedLogOutput)
- fmt.Fprintln(os.Stderr, "Please use '--log-outputs' flag")
- }
- }
-
- // TODO: remove after deprecating log related flags in v3.5
- if cfg.Debug {
- fmt.Fprintf(os.Stderr, "[WARNING] Deprecated '--debug' flag is set to %v (use '--log-level=debug' instead\n", cfg.Debug)
- }
- if cfg.Debug && cfg.LogLevel != "debug" {
- fmt.Fprintf(os.Stderr, "[WARNING] Deprecated '--debug' flag is set to %v with inconsistent '--log-level=%s' flag\n", cfg.Debug, cfg.LogLevel)
- }
- if cfg.Logger == "capnslog" {
- fmt.Fprintf(os.Stderr, "[WARNING] Deprecated '--logger=%s' flag is set; use '--logger=zap' flag instead\n", cfg.Logger)
- }
- if cfg.LogPkgLevels != "" {
- fmt.Fprintf(os.Stderr, "[WARNING] Deprecated '--log-package-levels=%s' flag is set; use '--logger=zap' flag instead\n", cfg.LogPkgLevels)
- }
-
- switch cfg.Logger {
- case "capnslog": // TODO: deprecate this in v3.5
- cfg.ClientTLSInfo.HandshakeFailure = logTLSHandshakeFailure
- cfg.PeerTLSInfo.HandshakeFailure = logTLSHandshakeFailure
-
- if cfg.Debug {
- capnslog.SetGlobalLogLevel(capnslog.DEBUG)
- grpc.EnableTracing = true
- // enable info, warning, error
- grpclog.SetLoggerV2(grpclog.NewLoggerV2(os.Stderr, os.Stderr, os.Stderr))
- } else {
- capnslog.SetGlobalLogLevel(logutil.ConvertToCapnslogLogLevel(cfg.LogLevel))
- // only discard info
- grpclog.SetLoggerV2(grpclog.NewLoggerV2(ioutil.Discard, os.Stderr, os.Stderr))
- }
-
- // TODO: deprecate with "capnslog"
- if cfg.LogPkgLevels != "" {
- repoLog := capnslog.MustRepoLogger("go.etcd.io/etcd")
- settings, err := repoLog.ParseLogLevelConfig(cfg.LogPkgLevels)
- if err != nil {
- plog.Warningf("couldn't parse log level string: %s, continuing with default levels", err.Error())
- return nil
- }
- repoLog.SetLogLevel(settings)
- }
-
- if len(cfg.LogOutputs) != 1 {
- return fmt.Errorf("--logger=capnslog supports only 1 value in '--log-outputs', got %q", cfg.LogOutputs)
- }
- // capnslog initially SetFormatter(NewDefaultFormatter(os.Stderr))
- // where NewDefaultFormatter returns NewJournaldFormatter when syscall.Getppid() == 1
- // specify 'stdout' or 'stderr' to skip journald logging even when running under systemd
- output := cfg.LogOutputs[0]
- switch output {
- case StdErrLogOutput:
- capnslog.SetFormatter(capnslog.NewPrettyFormatter(os.Stderr, cfg.Debug))
- case StdOutLogOutput:
- capnslog.SetFormatter(capnslog.NewPrettyFormatter(os.Stdout, cfg.Debug))
- case DefaultLogOutput:
- default:
- return fmt.Errorf("unknown log-output %q (only supports %q, %q, %q)", output, DefaultLogOutput, StdErrLogOutput, StdOutLogOutput)
- }
-
- case "zap":
- if len(cfg.LogOutputs) == 0 {
- cfg.LogOutputs = []string{DefaultLogOutput}
- }
- if len(cfg.LogOutputs) > 1 {
- for _, v := range cfg.LogOutputs {
- if v == DefaultLogOutput {
- return fmt.Errorf("multi logoutput for %q is not supported yet", DefaultLogOutput)
- }
- }
- }
-
- outputPaths, errOutputPaths := make([]string, 0), make([]string, 0)
- isJournal := false
- for _, v := range cfg.LogOutputs {
- switch v {
- case DefaultLogOutput:
- outputPaths = append(outputPaths, StdErrLogOutput)
- errOutputPaths = append(errOutputPaths, StdErrLogOutput)
-
- case JournalLogOutput:
- isJournal = true
-
- case StdErrLogOutput:
- outputPaths = append(outputPaths, StdErrLogOutput)
- errOutputPaths = append(errOutputPaths, StdErrLogOutput)
-
- case StdOutLogOutput:
- outputPaths = append(outputPaths, StdOutLogOutput)
- errOutputPaths = append(errOutputPaths, StdOutLogOutput)
-
- default:
- outputPaths = append(outputPaths, v)
- errOutputPaths = append(errOutputPaths, v)
- }
- }
-
- if !isJournal {
- copied := logutil.DefaultZapLoggerConfig
- copied.OutputPaths = outputPaths
- copied.ErrorOutputPaths = errOutputPaths
- copied = logutil.MergeOutputPaths(copied)
- copied.Level = zap.NewAtomicLevelAt(logutil.ConvertToZapLevel(cfg.LogLevel))
- if cfg.Debug || cfg.LogLevel == "debug" {
- // enable tracing even when "--debug --log-level info"
- // in order to keep backward compatibility with <= v3.3
- // TODO: remove "Debug" check in v3.5
- grpc.EnableTracing = true
- }
- if cfg.ZapLoggerBuilder == nil {
- cfg.ZapLoggerBuilder = func(c *Config) error {
- var err error
- c.logger, err = copied.Build()
- if err != nil {
- return err
- }
- c.loggerMu.Lock()
- defer c.loggerMu.Unlock()
- c.loggerConfig = &copied
- c.loggerCore = nil
- c.loggerWriteSyncer = nil
- grpcLogOnce.Do(func() {
- // debug true, enable info, warning, error
- // debug false, only discard info
- var gl grpclog.LoggerV2
- gl, err = logutil.NewGRPCLoggerV2(copied)
- if err == nil {
- grpclog.SetLoggerV2(gl)
- }
- })
- return nil
- }
- }
- } else {
- if len(cfg.LogOutputs) > 1 {
- for _, v := range cfg.LogOutputs {
- if v != DefaultLogOutput {
- return fmt.Errorf("running with systemd/journal but other '--log-outputs' values (%q) are configured with 'default'; override 'default' value with something else", cfg.LogOutputs)
- }
- }
- }
-
- // use stderr as fallback
- syncer, lerr := getJournalWriteSyncer()
- if lerr != nil {
- return lerr
- }
-
- lvl := zap.NewAtomicLevelAt(logutil.ConvertToZapLevel(cfg.LogLevel))
- if cfg.Debug || cfg.LogLevel == "debug" {
- // enable tracing even when "--debug --log-level info"
- // in order to keep backward compatibility with <= v3.3
- // TODO: remove "Debug" check in v3.5
- grpc.EnableTracing = true
- }
-
- // WARN: do not change field names in encoder config
- // journald logging writer assumes field names of "level" and "caller"
- cr := zapcore.NewCore(
- zapcore.NewJSONEncoder(logutil.DefaultZapLoggerConfig.EncoderConfig),
- syncer,
- lvl,
- )
- if cfg.ZapLoggerBuilder == nil {
- cfg.ZapLoggerBuilder = func(c *Config) error {
- c.logger = zap.New(cr, zap.AddCaller(), zap.ErrorOutput(syncer))
- c.loggerMu.Lock()
- defer c.loggerMu.Unlock()
- c.loggerConfig = nil
- c.loggerCore = cr
- c.loggerWriteSyncer = syncer
-
- grpcLogOnce.Do(func() {
- grpclog.SetLoggerV2(logutil.NewGRPCLoggerV2FromZapCore(cr, syncer))
- })
- return nil
- }
- }
- }
-
- err := cfg.ZapLoggerBuilder(cfg)
- if err != nil {
- return err
- }
-
- logTLSHandshakeFailure := func(conn *tls.Conn, err error) {
- state := conn.ConnectionState()
- remoteAddr := conn.RemoteAddr().String()
- serverName := state.ServerName
- if len(state.PeerCertificates) > 0 {
- cert := state.PeerCertificates[0]
- ips := make([]string, len(cert.IPAddresses))
- for i := range cert.IPAddresses {
- ips[i] = cert.IPAddresses[i].String()
- }
- cfg.logger.Warn(
- "rejected connection",
- zap.String("remote-addr", remoteAddr),
- zap.String("server-name", serverName),
- zap.Strings("ip-addresses", ips),
- zap.Strings("dns-names", cert.DNSNames),
- zap.Error(err),
- )
- } else {
- cfg.logger.Warn(
- "rejected connection",
- zap.String("remote-addr", remoteAddr),
- zap.String("server-name", serverName),
- zap.Error(err),
- )
- }
- }
- cfg.ClientTLSInfo.HandshakeFailure = logTLSHandshakeFailure
- cfg.PeerTLSInfo.HandshakeFailure = logTLSHandshakeFailure
-
- default:
- return fmt.Errorf("unknown logger option %q", cfg.Logger)
- }
-
- return nil
-}
-
-// NewZapCoreLoggerBuilder generates a zap core logger builder.
-func NewZapCoreLoggerBuilder(lg *zap.Logger, cr zapcore.Core, syncer zapcore.WriteSyncer) func(*Config) error {
- return func(cfg *Config) error {
- cfg.loggerMu.Lock()
- defer cfg.loggerMu.Unlock()
- cfg.logger = lg
- cfg.loggerConfig = nil
- cfg.loggerCore = cr
- cfg.loggerWriteSyncer = syncer
-
- grpcLogOnce.Do(func() {
- grpclog.SetLoggerV2(logutil.NewGRPCLoggerV2FromZapCore(cr, syncer))
- })
- return nil
- }
-}
diff --git a/vendor/go.etcd.io/etcd/embed/config_logging_journal_unix.go b/vendor/go.etcd.io/etcd/embed/config_logging_journal_unix.go
deleted file mode 100644
index 44a51d6..0000000
--- a/vendor/go.etcd.io/etcd/embed/config_logging_journal_unix.go
+++ /dev/null
@@ -1,35 +0,0 @@
-// Copyright 2018 The etcd Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// +build !windows
-
-package embed
-
-import (
- "fmt"
- "os"
-
- "go.etcd.io/etcd/pkg/logutil"
-
- "go.uber.org/zap/zapcore"
-)
-
-// use stderr as fallback
-func getJournalWriteSyncer() (zapcore.WriteSyncer, error) {
- jw, err := logutil.NewJournalWriter(os.Stderr)
- if err != nil {
- return nil, fmt.Errorf("can't find journal (%v)", err)
- }
- return zapcore.AddSync(jw), nil
-}
diff --git a/vendor/go.etcd.io/etcd/embed/config_logging_journal_windows.go b/vendor/go.etcd.io/etcd/embed/config_logging_journal_windows.go
deleted file mode 100644
index 5b76256..0000000
--- a/vendor/go.etcd.io/etcd/embed/config_logging_journal_windows.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2018 The etcd Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// +build windows
-
-package embed
-
-import (
- "os"
-
- "go.uber.org/zap/zapcore"
-)
-
-func getJournalWriteSyncer() (zapcore.WriteSyncer, error) {
- return zapcore.AddSync(os.Stderr), nil
-}
diff --git a/vendor/go.etcd.io/etcd/embed/doc.go b/vendor/go.etcd.io/etcd/embed/doc.go
index 4811bb6..c555aa5 100644
--- a/vendor/go.etcd.io/etcd/embed/doc.go
+++ b/vendor/go.etcd.io/etcd/embed/doc.go
@@ -21,7 +21,7 @@
"log"
"time"
- "go.etcd.io/etcd/embed"
+ "github.com/coreos/etcd/embed"
)
func main() {
diff --git a/vendor/go.etcd.io/etcd/embed/etcd.go b/vendor/go.etcd.io/etcd/embed/etcd.go
index ac7dbc9..d656e17 100644
--- a/vendor/go.etcd.io/etcd/embed/etcd.go
+++ b/vendor/go.etcd.io/etcd/embed/etcd.go
@@ -23,34 +23,32 @@
"net"
"net/http"
"net/url"
- "runtime"
- "sort"
"strconv"
"sync"
"time"
- "go.etcd.io/etcd/etcdserver"
- "go.etcd.io/etcd/etcdserver/api/etcdhttp"
- "go.etcd.io/etcd/etcdserver/api/rafthttp"
- "go.etcd.io/etcd/etcdserver/api/v2http"
- "go.etcd.io/etcd/etcdserver/api/v2v3"
- "go.etcd.io/etcd/etcdserver/api/v3client"
- "go.etcd.io/etcd/etcdserver/api/v3rpc"
- "go.etcd.io/etcd/pkg/debugutil"
- runtimeutil "go.etcd.io/etcd/pkg/runtime"
- "go.etcd.io/etcd/pkg/transport"
- "go.etcd.io/etcd/pkg/types"
- "go.etcd.io/etcd/version"
+ "github.com/coreos/etcd/compactor"
+ "github.com/coreos/etcd/etcdserver"
+ "github.com/coreos/etcd/etcdserver/api/etcdhttp"
+ "github.com/coreos/etcd/etcdserver/api/v2http"
+ "github.com/coreos/etcd/etcdserver/api/v2v3"
+ "github.com/coreos/etcd/etcdserver/api/v3client"
+ "github.com/coreos/etcd/etcdserver/api/v3rpc"
+ "github.com/coreos/etcd/pkg/cors"
+ "github.com/coreos/etcd/pkg/debugutil"
+ runtimeutil "github.com/coreos/etcd/pkg/runtime"
+ "github.com/coreos/etcd/pkg/transport"
+ "github.com/coreos/etcd/pkg/types"
+ "github.com/coreos/etcd/rafthttp"
"github.com/coreos/pkg/capnslog"
grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
"github.com/soheilhy/cmux"
- "go.uber.org/zap"
"google.golang.org/grpc"
"google.golang.org/grpc/keepalive"
)
-var plog = capnslog.NewPackageLogger("go.etcd.io/etcd", "embed")
+var plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "embed")
const (
// internal fd usage includes disk usage and transport usage.
@@ -113,26 +111,12 @@
e = nil
}()
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "configuring peer listeners",
- zap.Strings("listen-peer-urls", e.cfg.getLPURLs()),
- )
- }
- if e.Peers, err = configurePeerListeners(cfg); err != nil {
+ if e.Peers, err = startPeerListeners(cfg); err != nil {
return e, err
}
-
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "configuring client listeners",
- zap.Strings("listen-client-urls", e.cfg.getLCURLs()),
- )
- }
- if e.sctxs, err = configureClientListeners(cfg); err != nil {
+ if e.sctxs, err = startClientListeners(cfg); err != nil {
return e, err
}
-
for _, sctx := range e.sctxs {
e.Clients = append(e.Clients, sctx.l)
}
@@ -141,6 +125,7 @@
urlsmap types.URLsMap
token string
)
+
memberInitialized := true
if !isMemberInitialized(cfg) {
memberInitialized = false
@@ -159,16 +144,13 @@
return e, err
}
- backendFreelistType := parseBackendFreelistType(cfg.ExperimentalBackendFreelistType)
-
srvcfg := etcdserver.ServerConfig{
Name: cfg.Name,
ClientURLs: cfg.ACUrls,
PeerURLs: cfg.APUrls,
DataDir: cfg.Dir,
DedicatedWALDir: cfg.WalDir,
- SnapshotCount: cfg.SnapshotCount,
- SnapshotCatchUpEntries: cfg.SnapshotCatchUpEntries,
+ SnapCount: cfg.SnapCount,
MaxSnapFiles: cfg.MaxSnapFiles,
MaxWALFiles: cfg.MaxWalFiles,
InitialPeerURLsMap: urlsmap,
@@ -176,6 +158,7 @@
DiscoveryURL: cfg.Durl,
DiscoveryProxy: cfg.Dproxy,
NewCluster: cfg.IsNewCluster(),
+ ForceNewCluster: cfg.ForceNewCluster,
PeerTLSInfo: cfg.PeerTLSInfo,
TickMs: cfg.TickMs,
ElectionTicks: cfg.ElectionTicks(),
@@ -183,31 +166,17 @@
AutoCompactionRetention: autoCompactionRetention,
AutoCompactionMode: cfg.AutoCompactionMode,
QuotaBackendBytes: cfg.QuotaBackendBytes,
- BackendBatchLimit: cfg.BackendBatchLimit,
- BackendFreelistType: backendFreelistType,
- BackendBatchInterval: cfg.BackendBatchInterval,
MaxTxnOps: cfg.MaxTxnOps,
MaxRequestBytes: cfg.MaxRequestBytes,
StrictReconfigCheck: cfg.StrictReconfigCheck,
ClientCertAuthEnabled: cfg.ClientTLSInfo.ClientCertAuth,
AuthToken: cfg.AuthToken,
- BcryptCost: cfg.BcryptCost,
- CORS: cfg.CORS,
- HostWhitelist: cfg.HostWhitelist,
+ TokenTTL: cfg.AuthTokenTTL,
InitialCorruptCheck: cfg.ExperimentalInitialCorruptCheck,
CorruptCheckTime: cfg.ExperimentalCorruptCheckTime,
- PreVote: cfg.PreVote,
- Logger: cfg.logger,
- LoggerConfig: cfg.loggerConfig,
- LoggerCore: cfg.loggerCore,
- LoggerWriteSyncer: cfg.loggerWriteSyncer,
Debug: cfg.Debug,
- ForceNewCluster: cfg.ForceNewCluster,
- EnableGRPCGateway: cfg.EnableGRPCGateway,
- EnableLeaseCheckpoint: cfg.ExperimentalEnableLeaseCheckpoint,
- CompactionBatchLimit: cfg.ExperimentalCompactionBatchLimit,
}
- print(e.cfg.logger, *cfg, srvcfg, memberInitialized)
+
if e.Server, err = etcdserver.NewServer(srvcfg); err != nil {
return e, err
}
@@ -237,109 +206,10 @@
return e, err
}
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "now serving peer/client/metrics",
- zap.String("local-member-id", e.Server.ID().String()),
- zap.Strings("initial-advertise-peer-urls", e.cfg.getAPURLs()),
- zap.Strings("listen-peer-urls", e.cfg.getLPURLs()),
- zap.Strings("advertise-client-urls", e.cfg.getACURLs()),
- zap.Strings("listen-client-urls", e.cfg.getLCURLs()),
- zap.Strings("listen-metrics-urls", e.cfg.getMetricsURLs()),
- )
- }
serving = true
return e, nil
}
-func print(lg *zap.Logger, ec Config, sc etcdserver.ServerConfig, memberInitialized bool) {
- // TODO: remove this after dropping "capnslog"
- if lg == nil {
- plog.Infof("name = %s", ec.Name)
- if sc.ForceNewCluster {
- plog.Infof("force new cluster")
- }
- plog.Infof("data dir = %s", sc.DataDir)
- plog.Infof("member dir = %s", sc.MemberDir())
- if sc.DedicatedWALDir != "" {
- plog.Infof("dedicated WAL dir = %s", sc.DedicatedWALDir)
- }
- plog.Infof("heartbeat = %dms", sc.TickMs)
- plog.Infof("election = %dms", sc.ElectionTicks*int(sc.TickMs))
- plog.Infof("snapshot count = %d", sc.SnapshotCount)
- if len(sc.DiscoveryURL) != 0 {
- plog.Infof("discovery URL= %s", sc.DiscoveryURL)
- if len(sc.DiscoveryProxy) != 0 {
- plog.Infof("discovery proxy = %s", sc.DiscoveryProxy)
- }
- }
- plog.Infof("advertise client URLs = %s", sc.ClientURLs)
- if memberInitialized {
- plog.Infof("initial advertise peer URLs = %s", sc.PeerURLs)
- plog.Infof("initial cluster = %s", sc.InitialPeerURLsMap)
- }
- } else {
- cors := make([]string, 0, len(ec.CORS))
- for v := range ec.CORS {
- cors = append(cors, v)
- }
- sort.Strings(cors)
-
- hss := make([]string, 0, len(ec.HostWhitelist))
- for v := range ec.HostWhitelist {
- hss = append(hss, v)
- }
- sort.Strings(hss)
-
- quota := ec.QuotaBackendBytes
- if quota == 0 {
- quota = etcdserver.DefaultQuotaBytes
- }
-
- lg.Info(
- "starting an etcd server",
- zap.String("etcd-version", version.Version),
- zap.String("git-sha", version.GitSHA),
- zap.String("go-version", runtime.Version()),
- zap.String("go-os", runtime.GOOS),
- zap.String("go-arch", runtime.GOARCH),
- zap.Int("max-cpu-set", runtime.GOMAXPROCS(0)),
- zap.Int("max-cpu-available", runtime.NumCPU()),
- zap.Bool("member-initialized", memberInitialized),
- zap.String("name", sc.Name),
- zap.String("data-dir", sc.DataDir),
- zap.String("wal-dir", ec.WalDir),
- zap.String("wal-dir-dedicated", sc.DedicatedWALDir),
- zap.String("member-dir", sc.MemberDir()),
- zap.Bool("force-new-cluster", sc.ForceNewCluster),
- zap.String("heartbeat-interval", fmt.Sprintf("%v", time.Duration(sc.TickMs)*time.Millisecond)),
- zap.String("election-timeout", fmt.Sprintf("%v", time.Duration(sc.ElectionTicks*int(sc.TickMs))*time.Millisecond)),
- zap.Bool("initial-election-tick-advance", sc.InitialElectionTickAdvance),
- zap.Uint64("snapshot-count", sc.SnapshotCount),
- zap.Uint64("snapshot-catchup-entries", sc.SnapshotCatchUpEntries),
- zap.Strings("initial-advertise-peer-urls", ec.getAPURLs()),
- zap.Strings("listen-peer-urls", ec.getLPURLs()),
- zap.Strings("advertise-client-urls", ec.getACURLs()),
- zap.Strings("listen-client-urls", ec.getLCURLs()),
- zap.Strings("listen-metrics-urls", ec.getMetricsURLs()),
- zap.Strings("cors", cors),
- zap.Strings("host-whitelist", hss),
- zap.String("initial-cluster", sc.InitialPeerURLsMap.String()),
- zap.String("initial-cluster-state", ec.ClusterState),
- zap.String("initial-cluster-token", sc.InitialClusterToken),
- zap.Int64("quota-size-bytes", quota),
- zap.Bool("pre-vote", sc.PreVote),
- zap.Bool("initial-corrupt-check", sc.InitialCorruptCheck),
- zap.String("corrupt-check-time-interval", sc.CorruptCheckTime.String()),
- zap.String("auto-compaction-mode", sc.AutoCompactionMode),
- zap.Duration("auto-compaction-retention", sc.AutoCompactionRetention),
- zap.String("auto-compaction-interval", sc.AutoCompactionRetention.String()),
- zap.String("discovery-url", sc.DiscoveryURL),
- zap.String("discovery-proxy", sc.DiscoveryProxy),
- )
- }
-}
-
// Config returns the current configuration.
func (e *Etcd) Config() Config {
return e.cfg
@@ -349,23 +219,6 @@
// Client requests will be terminated with request timeout.
// After timeout, enforce remaning requests be closed immediately.
func (e *Etcd) Close() {
- fields := []zap.Field{
- zap.String("name", e.cfg.Name),
- zap.String("data-dir", e.cfg.Dir),
- zap.Strings("advertise-peer-urls", e.cfg.getAPURLs()),
- zap.Strings("advertise-client-urls", e.cfg.getACURLs()),
- }
- lg := e.GetLogger()
- if lg != nil {
- lg.Info("closing etcd server", fields...)
- }
- defer func() {
- if lg != nil {
- lg.Info("closed etcd server", fields...)
- lg.Sync()
- }
- }()
-
e.closeOnce.Do(func() { close(e.stopc) })
// close client requests with request timeout
@@ -420,7 +273,7 @@
// do not grpc.Server.GracefulStop with TLS enabled etcd server
// See https://github.com/grpc/grpc-go/issues/1384#issuecomment-317124531
- // and https://github.com/etcd-io/etcd/issues/8916
+ // and https://github.com/coreos/etcd/issues/8916
if ss.secure {
shutdownNow()
return
@@ -449,27 +302,15 @@
func (e *Etcd) Err() <-chan error { return e.errc }
-func configurePeerListeners(cfg *Config) (peers []*peerListener, err error) {
+func startPeerListeners(cfg *Config) (peers []*peerListener, err error) {
if err = updateCipherSuites(&cfg.PeerTLSInfo, cfg.CipherSuites); err != nil {
return nil, err
}
if err = cfg.PeerSelfCert(); err != nil {
- if cfg.logger != nil {
- cfg.logger.Fatal("failed to get peer self-signed certs", zap.Error(err))
- } else {
- plog.Fatalf("could not get certs (%v)", err)
- }
+ plog.Fatalf("could not get certs (%v)", err)
}
if !cfg.PeerTLSInfo.Empty() {
- if cfg.logger != nil {
- cfg.logger.Info(
- "starting with peer TLS",
- zap.String("tls-info", fmt.Sprintf("%+v", cfg.PeerTLSInfo)),
- zap.Strings("cipher-suites", cfg.CipherSuites),
- )
- } else {
- plog.Infof("peerTLS: %s", cfg.PeerTLSInfo)
- }
+ plog.Infof("peerTLS: %s", cfg.PeerTLSInfo)
}
peers = make([]*peerListener, len(cfg.LPUrls))
@@ -479,15 +320,7 @@
}
for i := range peers {
if peers[i] != nil && peers[i].close != nil {
- if cfg.logger != nil {
- cfg.logger.Warn(
- "closing peer listener",
- zap.String("address", cfg.LPUrls[i].String()),
- zap.Error(err),
- )
- } else {
- plog.Info("stopping listening for peers on ", cfg.LPUrls[i].String())
- }
+ plog.Info("stopping listening for peers on ", cfg.LPUrls[i].String())
ctx, cancel := context.WithTimeout(context.Background(), time.Second)
peers[i].close(ctx)
cancel()
@@ -498,18 +331,10 @@
for i, u := range cfg.LPUrls {
if u.Scheme == "http" {
if !cfg.PeerTLSInfo.Empty() {
- if cfg.logger != nil {
- cfg.logger.Warn("scheme is HTTP while key and cert files are present; ignoring key and cert files", zap.String("peer-url", u.String()))
- } else {
- plog.Warningf("The scheme of peer url %s is HTTP while peer key/cert files are presented. Ignored peer key/cert files.", u.String())
- }
+ plog.Warningf("The scheme of peer url %s is HTTP while peer key/cert files are presented. Ignored peer key/cert files.", u.String())
}
if cfg.PeerTLSInfo.ClientCertAuth {
- if cfg.logger != nil {
- cfg.logger.Warn("scheme is HTTP while --peer-client-cert-auth is enabled; ignoring client cert auth for this URL", zap.String("peer-url", u.String()))
- } else {
- plog.Warningf("The scheme of peer url %s is HTTP while client cert auth (--peer-client-cert-auth) is enabled. Ignored client cert auth for this url.", u.String())
- }
+ plog.Warningf("The scheme of peer url %s is HTTP while client cert auth (--peer-client-cert-auth) is enabled. Ignored client cert auth for this url.", u.String())
}
}
peers[i] = &peerListener{close: func(context.Context) error { return nil }}
@@ -521,13 +346,14 @@
peers[i].close = func(context.Context) error {
return peers[i].Listener.Close()
}
+ plog.Info("listening for peers on ", u.String())
}
return peers, nil
}
// configure peer handlers after rafthttp.Transport started
func (e *Etcd) servePeers() (err error) {
- ph := etcdhttp.NewPeerHandler(e.GetLogger(), e.Server)
+ ph := etcdhttp.NewPeerHandler(e.Server)
var peerTLScfg *tls.Config
if !e.cfg.PeerTLSInfo.Empty() {
if peerTLScfg, err = e.cfg.PeerTLSInfo.ServerConfig(); err != nil {
@@ -536,7 +362,6 @@
}
for _, p := range e.Peers {
- u := p.Listener.Addr().String()
gs := v3rpc.Server(e.Server, peerTLScfg)
m := cmux.New(p.Listener)
go gs.Serve(m.Match(cmux.HTTP2()))
@@ -551,19 +376,7 @@
// gracefully shutdown http.Server
// close open listeners, idle connections
// until context cancel or time-out
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "stopping serving peer traffic",
- zap.String("address", u),
- )
- }
stopServers(ctx, &servers{secure: peerTLScfg != nil, grpc: gs, http: srv})
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "stopped serving peer traffic",
- zap.String("address", u),
- )
- }
return nil
}
}
@@ -571,70 +384,45 @@
// start peer servers in a goroutine
for _, pl := range e.Peers {
go func(l *peerListener) {
- u := l.Addr().String()
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "serving peer traffic",
- zap.String("address", u),
- )
- } else {
- plog.Info("listening for peers on ", u)
- }
e.errHandler(l.serve())
}(pl)
}
return nil
}
-func configureClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err error) {
+func startClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err error) {
if err = updateCipherSuites(&cfg.ClientTLSInfo, cfg.CipherSuites); err != nil {
return nil, err
}
if err = cfg.ClientSelfCert(); err != nil {
- if cfg.logger != nil {
- cfg.logger.Fatal("failed to get client self-signed certs", zap.Error(err))
- } else {
- plog.Fatalf("could not get certs (%v)", err)
- }
+ plog.Fatalf("could not get certs (%v)", err)
}
if cfg.EnablePprof {
- if cfg.logger != nil {
- cfg.logger.Info("pprof is enabled", zap.String("path", debugutil.HTTPPrefixPProf))
- } else {
- plog.Infof("pprof is enabled under %s", debugutil.HTTPPrefixPProf)
- }
+ plog.Infof("pprof is enabled under %s", debugutil.HTTPPrefixPProf)
}
sctxs = make(map[string]*serveCtx)
for _, u := range cfg.LCUrls {
- sctx := newServeCtx(cfg.logger)
+ sctx := newServeCtx()
+
if u.Scheme == "http" || u.Scheme == "unix" {
if !cfg.ClientTLSInfo.Empty() {
- if cfg.logger != nil {
- cfg.logger.Warn("scheme is HTTP while key and cert files are present; ignoring key and cert files", zap.String("client-url", u.String()))
- } else {
- plog.Warningf("The scheme of client url %s is HTTP while peer key/cert files are presented. Ignored key/cert files.", u.String())
- }
+ plog.Warningf("The scheme of client url %s is HTTP while peer key/cert files are presented. Ignored key/cert files.", u.String())
}
if cfg.ClientTLSInfo.ClientCertAuth {
- if cfg.logger != nil {
- cfg.logger.Warn("scheme is HTTP while --client-cert-auth is enabled; ignoring client cert auth for this URL", zap.String("client-url", u.String()))
- } else {
- plog.Warningf("The scheme of client url %s is HTTP while client cert auth (--client-cert-auth) is enabled. Ignored client cert auth for this url.", u.String())
- }
+ plog.Warningf("The scheme of client url %s is HTTP while client cert auth (--client-cert-auth) is enabled. Ignored client cert auth for this url.", u.String())
}
}
if (u.Scheme == "https" || u.Scheme == "unixs") && cfg.ClientTLSInfo.Empty() {
- return nil, fmt.Errorf("TLS key/cert (--cert-file, --key-file) must be provided for client url %s with HTTPS scheme", u.String())
+ return nil, fmt.Errorf("TLS key/cert (--cert-file, --key-file) must be provided for client url %s with HTTPs scheme", u.String())
}
- network := "tcp"
+ proto := "tcp"
addr := u.Host
if u.Scheme == "unix" || u.Scheme == "unixs" {
- network = "unix"
+ proto = "unix"
addr = u.Host + u.Path
}
- sctx.network = network
sctx.secure = u.Scheme == "https" || u.Scheme == "unixs"
sctx.insecure = !sctx.secure
@@ -644,7 +432,7 @@
continue
}
- if sctx.l, err = net.Listen(network, addr); err != nil {
+ if sctx.l, err = net.Listen(proto, addr); err != nil {
return nil, err
}
// net.Listener will rewrite ipv4 0.0.0.0 to ipv6 [::], breaking
@@ -653,37 +441,21 @@
if fdLimit, fderr := runtimeutil.FDLimit(); fderr == nil {
if fdLimit <= reservedInternalFDNum {
- if cfg.logger != nil {
- cfg.logger.Fatal(
- "file descriptor limit of etcd process is too low; please set higher",
- zap.Uint64("limit", fdLimit),
- zap.Int("recommended-limit", reservedInternalFDNum),
- )
- } else {
- plog.Fatalf("file descriptor limit[%d] of etcd process is too low, and should be set higher than %d to ensure internal usage", fdLimit, reservedInternalFDNum)
- }
+ plog.Fatalf("file descriptor limit[%d] of etcd process is too low, and should be set higher than %d to ensure internal usage", fdLimit, reservedInternalFDNum)
}
sctx.l = transport.LimitListener(sctx.l, int(fdLimit-reservedInternalFDNum))
}
- if network == "tcp" {
- if sctx.l, err = transport.NewKeepAliveListener(sctx.l, network, nil); err != nil {
+ if proto == "tcp" {
+ if sctx.l, err = transport.NewKeepAliveListener(sctx.l, "tcp", nil); err != nil {
return nil, err
}
}
+ plog.Info("listening for client requests on ", u.Host)
defer func() {
- if err == nil {
- return
- }
- sctx.l.Close()
- if cfg.logger != nil {
- cfg.logger.Warn(
- "closing peer listener",
- zap.String("address", u.Host),
- zap.Error(err),
- )
- } else {
+ if err != nil {
+ sctx.l.Close()
plog.Info("stopping listening for client requests on ", u.Host)
}
}()
@@ -704,31 +476,28 @@
func (e *Etcd) serveClients() (err error) {
if !e.cfg.ClientTLSInfo.Empty() {
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "starting with client TLS",
- zap.String("tls-info", fmt.Sprintf("%+v", e.cfg.ClientTLSInfo)),
- zap.Strings("cipher-suites", e.cfg.CipherSuites),
- )
- } else {
- plog.Infof("ClientTLS: %s", e.cfg.ClientTLSInfo)
- }
+ plog.Infof("ClientTLS: %s", e.cfg.ClientTLSInfo)
+ }
+
+ if e.cfg.CorsInfo.String() != "" {
+ plog.Infof("cors = %s", e.cfg.CorsInfo)
}
// Start a client server goroutine for each listen address
var h http.Handler
if e.Config().EnableV2 {
if len(e.Config().ExperimentalEnableV2V3) > 0 {
- srv := v2v3.NewServer(e.cfg.logger, v3client.New(e.Server), e.cfg.ExperimentalEnableV2V3)
- h = v2http.NewClientHandler(e.GetLogger(), srv, e.Server.Cfg.ReqTimeout())
+ srv := v2v3.NewServer(v3client.New(e.Server), e.cfg.ExperimentalEnableV2V3)
+ h = v2http.NewClientHandler(srv, e.Server.Cfg.ReqTimeout())
} else {
- h = v2http.NewClientHandler(e.GetLogger(), e.Server, e.Server.Cfg.ReqTimeout())
+ h = v2http.NewClientHandler(e.Server, e.Server.Cfg.ReqTimeout())
}
} else {
mux := http.NewServeMux()
etcdhttp.HandleBasic(mux, e.Server)
h = mux
}
+ h = http.Handler(&cors.CORSHandler{Handler: h, Info: e.cfg.CorsInfo})
gopts := []grpc.ServerOption{}
if e.cfg.GRPCKeepAliveMinTime > time.Duration(0) {
@@ -745,7 +514,7 @@
}))
}
- // start client servers in each goroutine
+ // start client servers in a goroutine
for _, sctx := range e.sctxs {
go func(s *serveCtx) {
e.errHandler(s.serve(e.Server, &e.cfg.ClientTLSInfo, h, e.errHandler, gopts...))
@@ -774,14 +543,7 @@
}
e.metricsListeners = append(e.metricsListeners, ml)
go func(u url.URL, ln net.Listener) {
- if e.cfg.logger != nil {
- e.cfg.logger.Info(
- "serving metrics",
- zap.String("address", u.String()),
- )
- } else {
- plog.Info("listening for metrics on ", u.String())
- }
+ plog.Info("listening for metrics on ", u.String())
e.errHandler(http.Serve(ln, metricsMux))
}(murl, ml)
}
@@ -801,21 +563,13 @@
}
}
-// GetLogger returns the logger.
-func (e *Etcd) GetLogger() *zap.Logger {
- e.cfg.loggerMu.RLock()
- l := e.cfg.logger
- e.cfg.loggerMu.RUnlock()
- return l
-}
-
func parseCompactionRetention(mode, retention string) (ret time.Duration, err error) {
h, err := strconv.Atoi(retention)
- if err == nil {
+ if err == nil && h >= 0 {
switch mode {
- case CompactorModeRevision:
+ case compactor.ModeRevision:
ret = time.Duration(int64(h))
- case CompactorModePeriodic:
+ case compactor.ModePeriodic:
ret = time.Duration(int64(h)) * time.Hour
}
} else {
diff --git a/vendor/go.etcd.io/etcd/embed/serve.go b/vendor/go.etcd.io/etcd/embed/serve.go
index a3b20c4..62b8b57 100644
--- a/vendor/go.etcd.io/etcd/embed/serve.go
+++ b/vendor/go.etcd.io/etcd/embed/serve.go
@@ -16,41 +16,36 @@
import (
"context"
- "fmt"
"io/ioutil"
defaultLog "log"
"net"
"net/http"
"strings"
- "go.etcd.io/etcd/clientv3/credentials"
- "go.etcd.io/etcd/etcdserver"
- "go.etcd.io/etcd/etcdserver/api/v3client"
- "go.etcd.io/etcd/etcdserver/api/v3election"
- "go.etcd.io/etcd/etcdserver/api/v3election/v3electionpb"
- v3electiongw "go.etcd.io/etcd/etcdserver/api/v3election/v3electionpb/gw"
- "go.etcd.io/etcd/etcdserver/api/v3lock"
- "go.etcd.io/etcd/etcdserver/api/v3lock/v3lockpb"
- v3lockgw "go.etcd.io/etcd/etcdserver/api/v3lock/v3lockpb/gw"
- "go.etcd.io/etcd/etcdserver/api/v3rpc"
- etcdservergw "go.etcd.io/etcd/etcdserver/etcdserverpb/gw"
- "go.etcd.io/etcd/pkg/debugutil"
- "go.etcd.io/etcd/pkg/httputil"
- "go.etcd.io/etcd/pkg/transport"
+ "github.com/coreos/etcd/etcdserver"
+ "github.com/coreos/etcd/etcdserver/api/v3client"
+ "github.com/coreos/etcd/etcdserver/api/v3election"
+ "github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb"
+ v3electiongw "github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/gw"
+ "github.com/coreos/etcd/etcdserver/api/v3lock"
+ "github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb"
+ v3lockgw "github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/gw"
+ "github.com/coreos/etcd/etcdserver/api/v3rpc"
+ etcdservergw "github.com/coreos/etcd/etcdserver/etcdserverpb/gw"
+ "github.com/coreos/etcd/pkg/debugutil"
+ "github.com/coreos/etcd/pkg/transport"
gw "github.com/grpc-ecosystem/grpc-gateway/runtime"
"github.com/soheilhy/cmux"
"github.com/tmc/grpc-websocket-proxy/wsproxy"
- "go.uber.org/zap"
"golang.org/x/net/trace"
"google.golang.org/grpc"
+ "google.golang.org/grpc/credentials"
)
type serveCtx struct {
- lg *zap.Logger
l net.Listener
addr string
- network string
secure bool
insecure bool
@@ -68,14 +63,10 @@
http *http.Server
}
-func newServeCtx(lg *zap.Logger) *serveCtx {
+func newServeCtx() *serveCtx {
ctx, cancel := context.WithCancel(context.Background())
- return &serveCtx{
- lg: lg,
- ctx: ctx,
- cancel: cancel,
- userHandlers: make(map[string]http.Handler),
- serversC: make(chan *servers, 2), // in case sctx.insecure,sctx.secure true
+ return &serveCtx{ctx: ctx, cancel: cancel, userHandlers: make(map[string]http.Handler),
+ serversC: make(chan *servers, 2), // in case sctx.insecure,sctx.secure true
}
}
@@ -90,10 +81,7 @@
gopts ...grpc.ServerOption) (err error) {
logger := defaultLog.New(ioutil.Discard, "etcdhttp", 0)
<-s.ReadyNotify()
-
- if sctx.lg == nil {
- plog.Info("ready to serve client requests")
- }
+ plog.Info("ready to serve client requests")
m := cmux.New(sctx.l)
v3c := v3client.New(s)
@@ -118,31 +106,22 @@
go func() { errHandler(gs.Serve(grpcl)) }()
var gwmux *gw.ServeMux
- if s.Cfg.EnableGRPCGateway {
- gwmux, err = sctx.registerGateway([]grpc.DialOption{grpc.WithInsecure()})
- if err != nil {
- return err
- }
+ gwmux, err = sctx.registerGateway([]grpc.DialOption{grpc.WithInsecure()})
+ if err != nil {
+ return err
}
httpmux := sctx.createMux(gwmux, handler)
srvhttp := &http.Server{
- Handler: createAccessController(sctx.lg, s, httpmux),
+ Handler: wrapMux(httpmux),
ErrorLog: logger, // do not log user error
}
httpl := m.Match(cmux.HTTP1())
go func() { errHandler(srvhttp.Serve(httpl)) }()
sctx.serversC <- &servers{grpc: gs, http: srvhttp}
- if sctx.lg != nil {
- sctx.lg.Info(
- "serving client traffic insecurely; this is strongly discouraged!",
- zap.String("address", sctx.l.Addr().String()),
- )
- } else {
- plog.Noticef("serving insecure client requests on %s, this is strongly discouraged!", sctx.l.Addr().String())
- }
+ plog.Noticef("serving insecure client requests on %s, this is strongly discouraged!", sctx.l.Addr().String())
}
if sctx.secure {
@@ -158,17 +137,15 @@
}
handler = grpcHandlerFunc(gs, handler)
+ dtls := tlscfg.Clone()
+ // trust local server
+ dtls.InsecureSkipVerify = true
+ creds := credentials.NewTLS(dtls)
+ opts := []grpc.DialOption{grpc.WithTransportCredentials(creds)}
var gwmux *gw.ServeMux
- if s.Cfg.EnableGRPCGateway {
- dtls := tlscfg.Clone()
- // trust local server
- dtls.InsecureSkipVerify = true
- bundle := credentials.NewBundle(credentials.Config{TLSConfig: dtls})
- opts := []grpc.DialOption{grpc.WithTransportCredentials(bundle.TransportCredentials())}
- gwmux, err = sctx.registerGateway(opts)
- if err != nil {
- return err
- }
+ gwmux, err = sctx.registerGateway(opts)
+ if err != nil {
+ return err
}
var tlsl net.Listener
@@ -180,21 +157,14 @@
httpmux := sctx.createMux(gwmux, handler)
srv := &http.Server{
- Handler: createAccessController(sctx.lg, s, httpmux),
+ Handler: wrapMux(httpmux),
TLSConfig: tlscfg,
ErrorLog: logger, // do not log user error
}
go func() { errHandler(srv.Serve(tlsl)) }()
sctx.serversC <- &servers{secure: true, grpc: gs, http: srv}
- if sctx.lg != nil {
- sctx.lg.Info(
- "serving client traffic securely",
- zap.String("address", sctx.l.Addr().String()),
- )
- } else {
- plog.Infof("serving client requests on %s", sctx.l.Addr().String())
- }
+ plog.Infof("serving client requests on %s", sctx.l.Addr().String())
}
close(sctx.serversC)
@@ -222,14 +192,7 @@
func (sctx *serveCtx) registerGateway(opts []grpc.DialOption) (*gw.ServeMux, error) {
ctx := sctx.ctx
-
- addr := sctx.addr
- if network := sctx.network; network == "unix" {
- // explicitly define unix network for gRPC socket support
- addr = fmt.Sprintf("%s://%s", network, addr)
- }
-
- conn, err := grpc.DialContext(ctx, addr, opts...)
+ conn, err := grpc.DialContext(ctx, sctx.addr, opts...)
if err != nil {
return nil, err
}
@@ -253,15 +216,7 @@
go func() {
<-ctx.Done()
if cerr := conn.Close(); cerr != nil {
- if sctx.lg != nil {
- sctx.lg.Warn(
- "failed to close connection",
- zap.String("address", sctx.l.Addr().String()),
- zap.Error(cerr),
- )
- } else {
- plog.Warningf("failed to close conn to %s: %v", sctx.l.Addr().String(), cerr)
- }
+ plog.Warningf("failed to close conn to %s: %v", sctx.l.Addr().String(), cerr)
}
}()
@@ -274,148 +229,43 @@
httpmux.Handle(path, h)
}
- if gwmux != nil {
- httpmux.Handle(
- "/v3/",
- wsproxy.WebsocketProxy(
- gwmux,
- wsproxy.WithRequestMutator(
- // Default to the POST method for streams
- func(_ *http.Request, outgoing *http.Request) *http.Request {
- outgoing.Method = "POST"
- return outgoing
- },
- ),
+ httpmux.Handle(
+ "/v3beta/",
+ wsproxy.WebsocketProxy(
+ gwmux,
+ wsproxy.WithRequestMutator(
+ // Default to the POST method for streams
+ func(incoming *http.Request, outgoing *http.Request) *http.Request {
+ outgoing.Method = "POST"
+ return outgoing
+ },
),
- )
- }
+ ),
+ )
if handler != nil {
httpmux.Handle("/", handler)
}
return httpmux
}
-// createAccessController wraps HTTP multiplexer:
-// - mutate gRPC gateway request paths
-// - check hostname whitelist
-// client HTTP requests goes here first
-func createAccessController(lg *zap.Logger, s *etcdserver.EtcdServer, mux *http.ServeMux) http.Handler {
- return &accessController{lg: lg, s: s, mux: mux}
-}
+// wraps HTTP multiplexer to mute requests to /v3alpha
+// TODO: deprecate this in 3.4 release
+func wrapMux(mux *http.ServeMux) http.Handler { return &v3alphaMutator{mux: mux} }
-type accessController struct {
- lg *zap.Logger
- s *etcdserver.EtcdServer
+type v3alphaMutator struct {
mux *http.ServeMux
}
-func (ac *accessController) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
- // redirect for backward compatibilities
- if req != nil && req.URL != nil && strings.HasPrefix(req.URL.Path, "/v3beta/") {
- req.URL.Path = strings.Replace(req.URL.Path, "/v3beta/", "/v3/", 1)
+func (m *v3alphaMutator) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
+ if req != nil && req.URL != nil && strings.HasPrefix(req.URL.Path, "/v3alpha/") {
+ req.URL.Path = strings.Replace(req.URL.Path, "/v3alpha/", "/v3beta/", 1)
}
-
- if req.TLS == nil { // check origin if client connection is not secure
- host := httputil.GetHostname(req)
- if !ac.s.AccessController.IsHostWhitelisted(host) {
- if ac.lg != nil {
- ac.lg.Warn(
- "rejecting HTTP request to prevent DNS rebinding attacks",
- zap.String("host", host),
- )
- } else {
- plog.Warningf("rejecting HTTP request from %q to prevent DNS rebinding attacks", host)
- }
- // TODO: use Go's "http.StatusMisdirectedRequest" (421)
- // https://github.com/golang/go/commit/4b8a7eafef039af1834ef9bfa879257c4a72b7b5
- http.Error(rw, errCVE20185702(host), 421)
- return
- }
- } else if ac.s.Cfg.ClientCertAuthEnabled && ac.s.Cfg.EnableGRPCGateway &&
- ac.s.AuthStore().IsAuthEnabled() && strings.HasPrefix(req.URL.Path, "/v3/") {
- for _, chains := range req.TLS.VerifiedChains {
- if len(chains) < 1 {
- continue
- }
- if len(chains[0].Subject.CommonName) != 0 {
- http.Error(rw, "CommonName of client sending a request against gateway will be ignored and not used as expected", 400)
- return
- }
- }
- }
-
- // Write CORS header.
- if ac.s.AccessController.OriginAllowed("*") {
- addCORSHeader(rw, "*")
- } else if origin := req.Header.Get("Origin"); ac.s.OriginAllowed(origin) {
- addCORSHeader(rw, origin)
- }
-
- if req.Method == "OPTIONS" {
- rw.WriteHeader(http.StatusOK)
- return
- }
-
- ac.mux.ServeHTTP(rw, req)
-}
-
-// addCORSHeader adds the correct cors headers given an origin
-func addCORSHeader(w http.ResponseWriter, origin string) {
- w.Header().Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
- w.Header().Add("Access-Control-Allow-Origin", origin)
- w.Header().Add("Access-Control-Allow-Headers", "accept, content-type, authorization")
-}
-
-// https://github.com/transmission/transmission/pull/468
-func errCVE20185702(host string) string {
- return fmt.Sprintf(`
-etcd received your request, but the Host header was unrecognized.
-
-To fix this, choose one of the following options:
-- Enable TLS, then any HTTPS request will be allowed.
-- Add the hostname you want to use to the whitelist in settings.
- - e.g. etcd --host-whitelist %q
-
-This requirement has been added to help prevent "DNS Rebinding" attacks (CVE-2018-5702).
-`, host)
-}
-
-// WrapCORS wraps existing handler with CORS.
-// TODO: deprecate this after v2 proxy deprecate
-func WrapCORS(cors map[string]struct{}, h http.Handler) http.Handler {
- return &corsHandler{
- ac: &etcdserver.AccessController{CORS: cors},
- h: h,
- }
-}
-
-type corsHandler struct {
- ac *etcdserver.AccessController
- h http.Handler
-}
-
-func (ch *corsHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
- if ch.ac.OriginAllowed("*") {
- addCORSHeader(rw, "*")
- } else if origin := req.Header.Get("Origin"); ch.ac.OriginAllowed(origin) {
- addCORSHeader(rw, origin)
- }
-
- if req.Method == "OPTIONS" {
- rw.WriteHeader(http.StatusOK)
- return
- }
-
- ch.h.ServeHTTP(rw, req)
+ m.mux.ServeHTTP(rw, req)
}
func (sctx *serveCtx) registerUserHandler(s string, h http.Handler) {
if sctx.userHandlers[s] != nil {
- if sctx.lg != nil {
- sctx.lg.Warn("path is already registered by user handler", zap.String("path", s))
- } else {
- plog.Warningf("path %s already registered by user handler", s)
- }
+ plog.Warningf("path %s already registered by user handler", s)
return
}
sctx.userHandlers[s] = h
diff --git a/vendor/go.etcd.io/etcd/embed/util.go b/vendor/go.etcd.io/etcd/embed/util.go
index 40f3ce9..168e031 100644
--- a/vendor/go.etcd.io/etcd/embed/util.go
+++ b/vendor/go.etcd.io/etcd/embed/util.go
@@ -17,7 +17,7 @@
import (
"path/filepath"
- "go.etcd.io/etcd/wal"
+ "github.com/coreos/etcd/wal"
)
func isMemberInitialized(cfg *Config) bool {
@@ -25,5 +25,6 @@
if waldir == "" {
waldir = filepath.Join(cfg.Dir, "member", "wal")
}
+
return wal.Exist(waldir)
}