etcdctl and discovery-srv-name

Created on 6 Nov 2018  路  6Comments  路  Source: etcd-io/etcd

Please read https://github.com/etcd-io/etcd/blob/master/Documentation/reporting_bugs.md.

I'm trying to use etcdctl to connect to a ETCD cluster using the DNS SRV service discovery as described by this paragraph:

The -discovery-srv-name flag additionally configures a suffix to the SRV name that is queried during discovery. Use this flag to differentiate between multiple etcd clusters under the same domain. For example, if discovery-srv=example.com and -discovery-srv-name=foo are set, the following DNS SRV queries are made:

    _etcd-server-ssl-foo._tcp.example.com
    _etcd-server-foo._tcp.example.com

It seems this parameter does not exist for etcdctl?

etcdctl version:

/opt/etcd/etcdctl --version
etcdctl version: 3.3.10
API version: 2
areclientv3 arequestion
Source
picture mrrandrade

All 6 comments

I'm trying to use etcdctl to connect to a ETCD cluster using the DNS SRV service discovery as described by this paragraph:
[..]
It seems this parameter does not exist for etcdctl?

@mrrandrade correct the flag is etcd server Clustering flag, can you explain the problem you are trying to solve?

https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/configuration.md#--discovery-srv-name

hexfusion picture hexfusion on 6 Nov 2018

The problem with using SRV for the client is that after the cluster is bootstrapped the SRV records are not managed by etcd so members can be added or removed without interaction with DNS. Basically SRV cannot be trusted for member list.

hexfusion picture hexfusion on 6 Nov 2018

The problem with using SRV for the client is that after the cluster is bootstrapped the SRV records are not managed by etcd so members can be added or removed without interaction with DNS. Basically SRV cannot be trusted for member list.

I'm fine with this; I know there's a chance it's wrong, but I'm the guy ahead of both tasks, so the only person that can screw me over is myself :rofl:

@mrrandrade correct the flag is etcd server Clustering flag, can you explain the problem you are trying to solve?

Actually I was just writing a ETCD backup script using etcdctl command that used the least amount of parameters possible - I'm not really using it to boot the ETCD cluster.

I came here because I found it weird etcdctl has the --discovery-srv flag but not the the --discovery-srv-name.

Since I have two different clusters on the same domain name, none of them have the default _etcd-client_ or _etcd-server_ DNS entry; they're both personalized, as in _etcd-client-cluster1_._tcp and _etcd-client-cluster2_._tcp

etcdctl 
...
GLOBAL OPTIONS:
   --debug                          output cURL commands which can be used to reproduce the request
   --no-sync                        don't synchronize cluster information before sending request
   --output simple, -o simple       output response in the given format (simple, `extended` or `json`) (default: "simple")
   --discovery-srv value, -D value  domain name to query for SRV records describing cluster endpoints
   --insecure-discovery             accept insecure SRV records describing cluster endpoints
   --peers value, -C value          DEPRECATED - "--endpoints" should be used instead
   --endpoint value                 DEPRECATED - "--endpoints" should be used instead
   --endpoints value                a comma-delimited list of machine addresses in the cluster (default: "http://127.0.0.1:2379,http://127.0.0.1:4001")
   --cert-file value                identify HTTPS client using this SSL certificate file
   --key-file value                 identify HTTPS client using this SSL key file
   --ca-file value                  verify certificates of HTTPS-enabled servers using this CA bundle
   --username value, -u value       provide username[:password] and prompt if password is not supplied.
   --timeout value                  connection timeout per request (default: 2s)
   --total-timeout value            timeout for the command execution (except watch) (default: 5s)
   --help, -h                       show help
   --version, -v                    print the version

Tried the --discovery-srv-name just in case it's just misdocumented - it was a no go:

# ETCDCTL_API=3 /opt/etcd/etcdctl --debug --discovery-srv='mydomain' --discovery-srv-name=cluster1  member list

Error: unknown flag: --discovery-srv-name

Then I hoped maybe with the environmental variable but it got ignored (didn't show up on --debug):

# ETCDCTL_API=3 ETCDCTL_DISCOVERY_SRV=mydomain ETCD_DISCOVERY_SRV_NAME=cluster1 /opt/etcd/etcdctl endpoint status -w  table
ETCDCTL_CLUSTER=false
ETCDCTL_COMMAND_TIMEOUT=5s
ETCDCTL_DEBUG=true
ETCDCTL_DIAL_TIMEOUT=2s
ETCDCTL_DISCOVERY_SRV=mydomain
ETCDCTL_ENDPOINTS=[127.0.0.1:2379]
ETCDCTL_HEX=false
ETCDCTL_INSECURE_DISCOVERY=true
ETCDCTL_INSECURE_SKIP_TLS_VERIFY=false
ETCDCTL_INSECURE_TRANSPORT=true
ETCDCTL_KEEPALIVE_TIME=2s
ETCDCTL_KEEPALIVE_TIMEOUT=6s
ETCDCTL_USER=
ETCDCTL_WRITE_OUT=table

Error: dns lookup errors: lookup _etcd-client-ssl._tcp.mydomain on 10.79.32.15:53: no such host and lookup _etcd-client._tcp.mydomain on 10.79.32.15:53: no such host
mrrandrade picture mrrandrade on 6 Nov 2018
👍1

I came here because I found it weird etcdctl has the --discovery-srv flag but not the the --discovery-srv-name.

Yeah, your right I think this should be included, I will resolve this unless you would like to take a stab?

hexfusion picture hexfusion on 7 Nov 2018

/assign

hexfusion picture hexfusion on 7 Nov 2018

Yeah, your right I think this should be included, I will resolve this unless you would like to take a stab?

My coding skills are still between pathetic and nonexistent :(

But thanks for accepting the suggestion!

mrrandrade picture mrrandrade on 7 Nov 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

cheyang picture cheyang  路  3Comments
yuchengwu picture yuchengwu  路  4Comments
r007m4n picture r007m4n  路  3Comments
zhousoft picture zhousoft  路  3Comments
hnlq715 picture hnlq715  路  3Comments