e7a0c9128a
Documentation: add Prometheus alerting rules
2017-03-23 09:43:38 +01:00
85f989ab3d
Documentation, op-guide, clientv3: add documentation for namespacing
2017-03-22 16:45:38 -07:00
5cda22a17d
Documentation: add a doc of v3 auth
...
It is almost same to Documentation/v2/authentication.md because a
major part of its user interface is shared with the v2 auth. The newly
added doc includes some refinements for the v3 auth.
2017-03-22 11:26:54 +09:00
38f27599b9
op-guide: update gateway routing policy
...
Update from single available endpoint to round robin.
2017-03-10 17:43:10 -05:00
4d69d9663b
Documentation/op-guide: document grpcproxy sync
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-03-09 02:47:24 -08:00
f8a290e7ca
*: support jwt token in v3 auth API
...
This commit adds jwt token support in v3 auth API.
Remaining major ToDos:
- Currently token type isn't hidden from etcdserver. In the near
future the information should be completely invisible from
etcdserver package.
- Configurable expiration of token. Currently tokens can be valid
until keys are changed.
How to use:
1. generate keys for signing and verfying jwt tokens:
$ openssl genrsa -out app.rsa 1024
$ openssl rsa -in app.rsa -pubout > app.rsa.pub
2. add command line options to etcd like below:
--auth-token-type jwt \
--auth-jwt-pub-key app.rsa.pub --auth-jwt-priv-key app.rsa \
--auth-jwt-sign-method RS512
3. launch etcd cluster
Below is a performance comparison of serializable read w/ and w/o jwt
token. Every (3) etcd node is executed on a single machine. Signing
method is RS512 and key length is 1024 bit. As the results show, jwt
based token introduces a performance overhead but it would be
acceptable for a case that requires authentication.
w/o jwt token auth (no auth):
Summary:
Total: 1.6172 secs.
Slowest: 0.0125 secs.
Fastest: 0.0001 secs.
Average: 0.0002 secs.
Stddev: 0.0004 secs.
Requests/sec: 6183.5877
Response time histogram:
0.000 [1] |
0.001 [9982] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.003 [1] |
0.004 [1] |
0.005 [0] |
0.006 [0] |
0.008 [6] |
0.009 [0] |
0.010 [1] |
0.011 [5] |
0.013 [3] |
Latency distribution:
10% in 0.0001 secs.
25% in 0.0001 secs.
50% in 0.0001 secs.
75% in 0.0001 secs.
90% in 0.0002 secs.
95% in 0.0002 secs.
99% in 0.0003 secs.
w/ jwt token auth:
Summary:
Total: 2.5364 secs.
Slowest: 0.0182 secs.
Fastest: 0.0002 secs.
Average: 0.0003 secs.
Stddev: 0.0005 secs.
Requests/sec: 3942.5185
Response time histogram:
0.000 [1] |
0.002 [9975] |∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎∎
0.004 [0] |
0.006 [1] |
0.007 [11] |
0.009 [2] |
0.011 [4] |
0.013 [5] |
0.015 [0] |
0.016 [0] |
0.018 [1] |
Latency distribution:
10% in 0.0002 secs.
25% in 0.0002 secs.
50% in 0.0002 secs.
75% in 0.0002 secs.
90% in 0.0003 secs.
95% in 0.0003 secs.
99% in 0.0004 secs.
2017-03-06 19:46:03 -08:00
c8a2c7f64f
*: eschew you from documentation
...
Removed line wrapping in affected files as well.
2017-03-06 11:40:46 -08:00
ae0c4b4c87
Documentation/op-guide: use exact certs dir for Container Linux
...
Use the one that works in Container Linux
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-03-02 10:20:59 -08:00
d111c8fe3b
op-guide: add notes on mounting certs directory
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-03-01 16:45:03 -08:00
22f0386683
Documentation: add documentation for grpc lease stream coalescing
2017-02-27 14:45:01 -08:00
6f193ea1df
op-guide: use host volume in Docker command
2017-02-21 10:28:29 -08:00
67e3fc55d7
op-guide: fix remove instructions in runtime-configuration and conform to style
...
Fixes #7326
2017-02-14 13:41:51 -08:00
9767098331
etcdmain: ppc64le platform support
2017-01-26 21:08:07 -08:00
b788790e56
op-guide: change grpc-proxy from 'pre' to alpha'
2017-01-20 13:20:32 -08:00
a630735c29
Merge pull request #7170 from vimalk78/make-v2-endpoint-optional-#7100
...
embed/etcd.go: make v2 endpoint optional. fixes #7100
2017-01-20 11:14:20 -08:00
f80914fba2
embed/etcd.go: make v2 endpoint optional. fixes #7100
2017-01-20 11:49:52 +05:30
be28981234
Documentation: fix typo s/endpoint-health/endpoint health/
2017-01-19 16:52:26 -08:00
c5a9d54835
etcdserver: increase snapshot to 100,000
...
Keep more wal entries in memory for fast follower recovery.
10,000 was a too small number that triggers quite a few snapshots.
ZK proves that 100,000 is a reasonable number for even old less prowerful
machines.
Eventually we should provide both count and max memory (for large entries).
2017-01-13 18:05:25 -08:00
7aeddf6cd7
docs: fix recovery example in recovery.md
2017-01-04 19:41:15 +08:00
36b2d3f5eb
etcdmain: add --metrics flag for exposing histogram metrics
...
this adds a new flag, --metrics, that can be used to enable extensive (histogram) metrics.
Fixes #7024
2016-12-28 13:04:52 -05:00
fa733e1e9c
docs: explicitly set ETCDCTL_API=3 in recovery.md
2016-12-15 20:10:30 -08:00
52e3dc5eb9
Documentation: minor fix nodes -> node
2016-12-15 21:27:52 -05:00
972ef3c92e
op-guide/clustering: fix typo
2016-12-14 18:51:30 +01:00
e3d8ef4cea
doc: add hardware section
2016-12-13 12:42:47 -08:00
ede51b10f8
op-guide: add notes about Prometheus data source in Grafana
2016-11-22 10:34:41 -08:00
7cac755df2
op-guide: update gRPC requests metrics
2016-11-14 15:20:16 -08:00
625366875d
op-guide: add screenshot to sample Grafana dashboard
2016-11-11 16:21:15 -08:00
6d83590434
Documentation/op-guide: add 'monitoring' guide
2016-11-11 15:22:07 -08:00
0b78ef8de1
Merge pull request #6831 from xiang90/grpc_proxy_doc
...
doc: add gRPC proxy start doc
2016-11-10 09:34:38 -08:00
b16c93a885
doc: add gRPC proxy start doc
2016-11-10 09:20:13 -08:00
754daf918b
clustering.md: update minor grammar
2016-11-08 12:34:43 -08:00
4a42c72b5e
op-guide: 'strict-reconfig-check' true by default
2016-10-31 07:59:33 -07:00
17a6025ac8
doc: add grpc proxy doc
2016-10-11 15:15:45 -07:00
f1437a8932
Documentation: Minor typo fix
...
Signed-off-by: Geoff Levand <geoff@infradead.org>
2016-10-07 10:17:43 -07:00
beb194967e
Documentation: Improve quota example
...
Signed-off-by: Geoff Levand <geoff@infradead.org>
2016-10-05 16:41:06 -07:00
bdbb32dfe8
Documentation: Set ETCDCTL_API for v3 features
...
Signed-off-by: Geoff Levand <geoff@infradead.org>
2016-10-05 16:41:06 -07:00
b65a2cec18
Documentation: Clearify Space quota section
...
Signed-off-by: Geoff Levand <geoff@infradead.org>
2016-10-05 16:41:06 -07:00
45079ec6c1
Merge pull request #6274 from dghubble/etcd3-rkt-docs
...
Documentation: Add initial etcd3 with rkt docs
2016-08-29 12:01:27 -07:00
fa79d42b98
Documentation: Add initial etcd3 with rkt docs
2016-08-29 11:59:46 -07:00
159c8ee6e0
Documentation: update links for unaligned 64-bit atomics issue
...
Fixes #6256
2016-08-24 09:13:53 -07:00
b499f69181
docs: add gateway
2016-08-16 14:02:45 -07:00
a752338d45
Documentation: update clustering guide about PKI SRV record forging
2016-08-03 22:28:03 -07:00
8f4a36fd32
doc: update platform.md
2016-07-22 11:24:19 -07:00
b9f6de9277
Merge pull request #5895 from smallfish/master
...
etcdserver/api/v2http, Documentation: fix debug pprof index miss / in end
2016-07-12 07:10:53 -07:00
5b0d52f8c3
Documentation: clarify support policy
2016-07-11 12:10:17 -07:00
e6d15b966c
etcdserver/api/v2http, Documentation: fix debug pprof index miss / in end
2016-07-08 10:21:05 +08:00
cb1a1426b1
*: remove beta from docs
2016-06-30 09:39:52 -07:00
11fdf2dd18
Documentation: clear out some TODOs
2016-06-27 15:00:18 -07:00
35229eb2d3
Documentation: conform to header style
2016-06-27 12:00:24 -07:00
3424f95b03
Merge pull request #5770 from gyuho/op_guide
...
*: move 'Project detail' to op-guide
2016-06-24 10:50:03 -07:00
862b3fe2be
*: move 'Project detail' to op-guide
2016-06-24 10:47:12 -07:00
e1b9ccb1d7
doc: eschew "you" for current docs
2016-06-24 09:28:12 -07:00
d284a45a4b
Merge pull request #5765 from heyitsanthony/autotls-security
...
doc: auto-tls example in security guide
2016-06-24 09:17:38 -07:00
9bde740cf9
doc: auto-tls example in security guide
2016-06-24 09:15:46 -07:00
755d192ff7
*: make it clear that proxy only supports v2 api now
2016-06-23 12:06:42 -07:00
3ddfa16c46
Documentation: update container.md
2016-06-17 15:22:13 -07:00
d68664841c
*: make auto-compaction-retention non-experimental
2016-06-17 10:04:31 -07:00
2e29bea8fe
docs: Clustering.md: Switch command line and environment variables to reflect the order of examples right below
2016-06-13 10:23:21 +02:00
2f00b1e071
Documentation: add docker guide for v3
2016-06-04 16:43:44 -07:00
5bff4d85d6
Doc: fix links using url for internal doc
2016-06-03 22:26:01 +09:00
9585daf0a9
Doc: fix wrong links and remove unused or duplicate ones
2016-06-03 22:23:57 +09:00
6ac67ecd5c
Doc: fix link for migrate command in v2-migration
...
Doc: fix link for migrate command in v2-migration
2016-06-02 17:19:43 -04:00
9098f27745
doc: fix header formatting
2016-06-02 16:15:08 +03:00
fc33fd1aa6
doc: add failures guide
2016-06-01 11:06:44 -07:00
4aab13ac06
docs: fix ordering of sentence so it's logical and more clear
2016-05-30 22:07:31 -04:00
79fac9ee6f
Documentation: add average latency numbers
2016-05-27 15:46:35 -07:00
33daeb7464
Documentation: add benchmark to performance.md
...
Fix https://github.com/coreos/etcd/issues/5433 .
2016-05-27 15:05:54 -07:00
5002114127
Doc: fix typo in v2-migration.md
2016-05-24 11:44:40 -04:00
a62e4e1e3a
doc: add app migration doc
2016-05-23 11:53:44 -07:00
38ebb6b475
doc: fix https omission in documentation.
...
doc: added missing (http)s to tls setup guide
This fixes a minor documentation omission, where the 1st initial-advertise-peer-url for tls setup appears to be http.
fixes documentation
2016-05-19 18:04:52 +03:00
6a0148e214
Documentation: write-out=table for v3 commands
2016-05-17 10:45:18 -07:00
798718c49b
etcdctl: verify snapshot hash on restore
...
Fixes #4097
2016-05-16 12:08:08 -07:00
25850e0070
doc: add TLS examples to clustering guide
...
Fixes #3595
2016-05-13 17:10:41 -07:00
db8f5771f1
doc: scrub legacy ports and TLS information for v3
2016-05-11 13:46:29 -07:00
97a2ebe3a2
Doc: Add the new '--config-file' detail to configuration.md file
...
Add a description about the --config-file option into the
configuration.md file.
2016-05-10 07:50:37 -07:00
b033167094
doc: add performance.md
2016-05-05 14:58:34 -07:00
973ad5aa7c
*: support auto tls on client side
2016-05-02 16:17:49 -07:00
8b3d1562f9
Documentation: remove admin_guide out of v2
2016-04-27 13:48:07 -07:00
954535c2b4
Documentation: move members_api.md
2016-04-27 11:49:41 -07:00
04fda9d25f
Documentation: fix proxy link and delete from v3
2016-04-27 11:40:44 -07:00
d923b59190
Merge pull request #5189 from heyitsanthony/storage-to-mvcc
...
*: rename storage package to mvcc
2016-04-25 15:52:08 -07:00
b7ac758969
*: rename storage package to mvcc
2016-04-25 15:25:51 -07:00
4b296bf51c
doc: add link to security
2016-04-25 13:54:38 -07:00
1b98074897
docs: move clustering doc
2016-04-25 10:35:29 -07:00
Frederic Branczyk