Page MenuHomePhabricator
Create Task
Maniphest T226095

etcd: listen-peer-urls only supports IP addresses and no FQDNs
Closed, InvalidPublic
Actions

Description

According to https://etcd.io/docs/v3.3.12/op-guide/configuration/#listen-peer-urls, we should use an IP address to specify where should etcd listen for peers.

However, in profile::etcd, the base class is called like:

class { '::etcd':
        host               => $::fqdn,
        [...]

Which in turn, ends up being:

$peer_url = "http://${host}:${peer_port}" # Peer TLS is currently broken? in modules/etcd/manifests/init.pp

In my testing setup for a new Toolforge k8s cluster, I saw this error message:

etcd[16341]: error verifying flags, expected IP in URL for binding (http://toolsbeta-arturo-k8s-etcd-1.toolsbeta.eqiad.wmflabs:2380). See 'etcd --help'.

The upstream documentation mentions that it defaults to http://localhost:2380.

Event Timeline

aborrero created this task.Jun 19 2019, 11:50 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 19 2019, 11:50 AM
Joe added a comment.EditedJun 20 2019, 5:45 AM

Hi @aborrero I think you were using profile::etcd instead than profile::etcd::v3 which is the profile you should use with etcd3.

In that case, $peer_listen_ip = $::facts['ipaddress'] defaults to the ipaddress fact and should DTRT.

Joe closed this task as Invalid.Jun 20 2019, 5:48 AM
Joe triaged this task as Medium priority.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL