sslobodr | d046be8 | 2019-01-16 10:02:22 -0500 | [diff] [blame] | 1 | // Copyright 2015 The etcd Authors |
| 2 | // |
| 3 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | // you may not use this file except in compliance with the License. |
| 5 | // You may obtain a copy of the License at |
| 6 | // |
| 7 | // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | // |
| 9 | // Unless required by applicable law or agreed to in writing, software |
| 10 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | // See the License for the specific language governing permissions and |
| 13 | // limitations under the License. |
| 14 | |
| 15 | package etcdmain |
| 16 | |
| 17 | import ( |
| 18 | "strconv" |
| 19 | |
| 20 | "github.com/coreos/etcd/embed" |
| 21 | ) |
| 22 | |
| 23 | var ( |
| 24 | usageline = `usage: etcd [flags] |
| 25 | start an etcd server |
| 26 | |
| 27 | etcd --version |
| 28 | show the version of etcd |
| 29 | |
| 30 | etcd -h | --help |
| 31 | show the help information about etcd |
| 32 | |
| 33 | etcd --config-file |
| 34 | path to the server configuration file |
| 35 | |
| 36 | etcd gateway |
| 37 | run the stateless pass-through etcd TCP connection forwarding proxy |
| 38 | |
| 39 | etcd grpc-proxy |
| 40 | run the stateless etcd v3 gRPC L7 reverse proxy |
| 41 | ` |
| 42 | flagsline = ` |
| 43 | member flags: |
| 44 | |
| 45 | --name 'default' |
| 46 | human-readable name for this member. |
| 47 | --data-dir '${name}.etcd' |
| 48 | path to the data directory. |
| 49 | --wal-dir '' |
| 50 | path to the dedicated wal directory. |
| 51 | --snapshot-count '100000' |
| 52 | number of committed transactions to trigger a snapshot to disk. |
| 53 | --heartbeat-interval '100' |
| 54 | time (in milliseconds) of a heartbeat interval. |
| 55 | --election-timeout '1000' |
| 56 | time (in milliseconds) for an election to timeout. See tuning documentation for details. |
| 57 | --initial-election-tick-advance 'true' |
| 58 | whether to fast-forward initial election ticks on boot for faster election. |
| 59 | --listen-peer-urls 'http://localhost:2380' |
| 60 | list of URLs to listen on for peer traffic. |
| 61 | --listen-client-urls 'http://localhost:2379' |
| 62 | list of URLs to listen on for client traffic. |
| 63 | --max-snapshots '` + strconv.Itoa(embed.DefaultMaxSnapshots) + `' |
| 64 | maximum number of snapshot files to retain (0 is unlimited). |
| 65 | --max-wals '` + strconv.Itoa(embed.DefaultMaxWALs) + `' |
| 66 | maximum number of wal files to retain (0 is unlimited). |
| 67 | --cors '' |
| 68 | comma-separated whitelist of origins for CORS (cross-origin resource sharing). |
| 69 | --quota-backend-bytes '0' |
| 70 | raise alarms when backend size exceeds the given quota (0 defaults to low space quota). |
| 71 | --max-txn-ops '128' |
| 72 | maximum number of operations permitted in a transaction. |
| 73 | --max-request-bytes '1572864' |
| 74 | maximum client request size in bytes the server will accept. |
| 75 | --grpc-keepalive-min-time '5s' |
| 76 | minimum duration interval that a client should wait before pinging server. |
| 77 | --grpc-keepalive-interval '2h' |
| 78 | frequency duration of server-to-client ping to check if a connection is alive (0 to disable). |
| 79 | --grpc-keepalive-timeout '20s' |
| 80 | additional duration of wait before closing a non-responsive connection (0 to disable). |
| 81 | |
| 82 | clustering flags: |
| 83 | |
| 84 | --initial-advertise-peer-urls 'http://localhost:2380' |
| 85 | list of this member's peer URLs to advertise to the rest of the cluster. |
| 86 | --initial-cluster 'default=http://localhost:2380' |
| 87 | initial cluster configuration for bootstrapping. |
| 88 | --initial-cluster-state 'new' |
| 89 | initial cluster state ('new' or 'existing'). |
| 90 | --initial-cluster-token 'etcd-cluster' |
| 91 | initial cluster token for the etcd cluster during bootstrap. |
| 92 | Specifying this can protect you from unintended cross-cluster interaction when running multiple clusters. |
| 93 | --advertise-client-urls 'http://localhost:2379' |
| 94 | list of this member's client URLs to advertise to the public. |
| 95 | The client URLs advertised should be accessible to machines that talk to etcd cluster. etcd client libraries parse these URLs to connect to the cluster. |
| 96 | --discovery '' |
| 97 | discovery URL used to bootstrap the cluster. |
| 98 | --discovery-fallback 'proxy' |
| 99 | expected behavior ('exit' or 'proxy') when discovery services fails. |
| 100 | "proxy" supports v2 API only. |
| 101 | --discovery-proxy '' |
| 102 | HTTP proxy to use for traffic to discovery service. |
| 103 | --discovery-srv '' |
| 104 | dns srv domain used to bootstrap the cluster. |
| 105 | --strict-reconfig-check '` + strconv.FormatBool(embed.DefaultStrictReconfigCheck) + `' |
| 106 | reject reconfiguration requests that would cause quorum loss. |
| 107 | --auto-compaction-retention '0' |
| 108 | auto compaction retention length. 0 means disable auto compaction. |
| 109 | --auto-compaction-mode 'periodic' |
| 110 | interpret 'auto-compaction-retention' one of: periodic|revision. 'periodic' for duration based retention, defaulting to hours if no time unit is provided (e.g. '5m'). 'revision' for revision number based retention. |
| 111 | --enable-v2 '` + strconv.FormatBool(embed.DefaultEnableV2) + `' |
| 112 | Accept etcd V2 client requests. |
| 113 | |
| 114 | proxy flags: |
| 115 | "proxy" supports v2 API only. |
| 116 | |
| 117 | --proxy 'off' |
| 118 | proxy mode setting ('off', 'readonly' or 'on'). |
| 119 | --proxy-failure-wait 5000 |
| 120 | time (in milliseconds) an endpoint will be held in a failed state. |
| 121 | --proxy-refresh-interval 30000 |
| 122 | time (in milliseconds) of the endpoints refresh interval. |
| 123 | --proxy-dial-timeout 1000 |
| 124 | time (in milliseconds) for a dial to timeout. |
| 125 | --proxy-write-timeout 5000 |
| 126 | time (in milliseconds) for a write to timeout. |
| 127 | --proxy-read-timeout 0 |
| 128 | time (in milliseconds) for a read to timeout. |
| 129 | |
| 130 | |
| 131 | security flags: |
| 132 | |
| 133 | --ca-file '' [DEPRECATED] |
| 134 | path to the client server TLS CA file. '-ca-file ca.crt' could be replaced by '-trusted-ca-file ca.crt -client-cert-auth' and etcd will perform the same. |
| 135 | --cert-file '' |
| 136 | path to the client server TLS cert file. |
| 137 | --key-file '' |
| 138 | path to the client server TLS key file. |
| 139 | --client-cert-auth 'false' |
| 140 | enable client cert authentication. |
| 141 | --client-crl-file '' |
| 142 | path to the client certificate revocation list file. |
| 143 | --trusted-ca-file '' |
| 144 | path to the client server TLS trusted CA cert file. |
| 145 | --auto-tls 'false' |
| 146 | client TLS using generated certificates. |
| 147 | --peer-ca-file '' [DEPRECATED] |
| 148 | path to the peer server TLS CA file. '-peer-ca-file ca.crt' could be replaced by '-peer-trusted-ca-file ca.crt -peer-client-cert-auth' and etcd will perform the same. |
| 149 | --peer-cert-file '' |
| 150 | path to the peer server TLS cert file. |
| 151 | --peer-key-file '' |
| 152 | path to the peer server TLS key file. |
| 153 | --peer-client-cert-auth 'false' |
| 154 | enable peer client cert authentication. |
| 155 | --peer-trusted-ca-file '' |
| 156 | path to the peer server TLS trusted CA file. |
| 157 | --peer-cert-allowed-cn '' |
| 158 | Required CN for client certs connecting to the peer endpoint. |
| 159 | --peer-auto-tls 'false' |
| 160 | peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided. |
| 161 | --peer-crl-file '' |
| 162 | path to the peer certificate revocation list file. |
| 163 | --cipher-suites '' |
| 164 | comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go). |
| 165 | |
| 166 | logging flags |
| 167 | |
| 168 | --debug 'false' |
| 169 | enable debug-level logging for etcd. |
| 170 | --log-package-levels '' |
| 171 | specify a particular log level for each etcd package (eg: 'etcdmain=CRITICAL,etcdserver=DEBUG'). |
| 172 | --log-output 'default' |
| 173 | specify 'stdout' or 'stderr' to skip journald logging even when running under systemd. |
| 174 | |
| 175 | unsafe flags: |
| 176 | |
| 177 | Please be CAUTIOUS when using unsafe flags because it will break the guarantees |
| 178 | given by the consensus protocol. |
| 179 | |
| 180 | --force-new-cluster 'false' |
| 181 | force to create a new one-member cluster. |
| 182 | |
| 183 | profiling flags: |
| 184 | --enable-pprof 'false' |
| 185 | Enable runtime profiling data via HTTP server. Address is at client URL + "/debug/pprof/" |
| 186 | --metrics 'basic' |
| 187 | Set level of detail for exported metrics, specify 'extensive' to include histogram metrics. |
| 188 | --listen-metrics-urls '' |
| 189 | List of URLs to listen on for metrics. |
| 190 | |
| 191 | auth flags: |
| 192 | --auth-token 'simple' |
| 193 | Specify a v3 authentication token type and its options ('simple' or 'jwt'). |
| 194 | |
| 195 | experimental flags: |
| 196 | --experimental-initial-corrupt-check 'false' |
| 197 | enable to check data corruption before serving any client/peer traffic. |
| 198 | --experimental-corrupt-check-time '0s' |
| 199 | duration of time between cluster corruption check passes. |
| 200 | --experimental-enable-v2v3 '' |
| 201 | serve v2 requests through the v3 backend under a given prefix. |
| 202 | ` |
| 203 | ) |