Page MenuHomePhabricator
Create Task
Maniphest T350565

Switch conftool to use the version 3 etcd datastore
Open, Needs TriagePublic
Actions

Description

Etcd is pushing progressively to remove the version 2 datastore. We will eventually need to switch conftool to etcd v3, which should allow us to use the native replication as well.

Sadly the transition would require a lot of work, that I will try to summarize here. There's also two main ways to go with the integration: native grpc or via the grpc/json gateway.

Native grpc interface

  • Allow access to the etcdv3 grpc interface via nginx.
  • Fork/take over maintenance of the grpc python3 client currently at https://github.com/kragniz/python-etcd3 which looks notably unmaintained at the moment
  • Verify auth works

GRPC gateway

  • Check that access via nginx works as intended
  • Create a python client for the v3 http api. It doesn't need to be complete, we just need the CRUD parts
  • verify auth works

We then need to integrate etcd 3 into conftool, allowing to write to both datastores:

  • Add an etcd3 backend to conftool
  • Add a "proxy" backend to conftool that can write to multiple backends
  • Start writing to both backends

And finally, we'll need to convert clients:

  • Confd supports etcdv3 natively; we'll still have to find out if it's 100% compatible
  • MediaWiki will probably need to be enabled to call the v3 grpc gateway
  • We might want to migrate pybal, and in that case I'd still use the v3 grpc gateway

Status update (June 2025)

Preparatory work has started in advance of introducing an etcd v3 backend driver to conftool. Specifically, this involves:

  • Document API semantics of the existing v2 driver
  • Implement conformance tests to assert those semantics are honored (to which the v3 driver will also be subject)
  • Resolve under-specified or inconsistent behaviors in the v2 driver (in progress)

With that complete, we'll be ready to introduce a v3 driver implementing the same API, and later a (temporary) dual-write driver to support the migration (i.e., sequencing writes across v2 and v3 dependent on migration phase). We have not yet made a final decision on the specific v3 python client to use. One option under consideration is something like etcd3-client-lite, which targets the HTTP gRPC gateway.

I'll soon open a separate subtask to specifically capture discussion on tradeoffs between various client options.

More generally, there already exists a detailed migration design drafted in mid-2024. I'll aim to start incrementally refreshing that and breaking out other key decisions to subtasks (covering, e.g., auth model, MediaWiki support, migration phases, etc.).

Related Objects
Search...

Event Timeline

Joe created this task.Nov 6 2023, 8:28 AM
Restricted Application added a project: SRE-tools. · View Herald TranscriptNov 6 2023, 8:28 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
KOfori moved this task from Backlog to Radar/Not for Service on the Traffic board.Nov 7 2023, 8:37 PM
Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptNov 7 2023, 8:37 PM
jbond added a project: conftool.Nov 27 2023, 4:15 PM
Volans removed projects: Spicerack, SRE-tools.Nov 28 2023, 9:32 AM

Untagged sre-tools and spicerack as I've created the dedicated sub-tasks for them.

Volans removed a project: Infrastructure-Foundations.Jan 29 2024, 3:59 PM
Scott_French claimed this task.Feb 26 2024, 11:40 PM
Scott_French mentioned this in T360636: Phase out cergen for ServiceOps services.Apr 8 2024, 7:56 PM
Scott_French mentioned this in T352245: Migrate the etcd main cluster to cfssl-based PKI.Apr 8 2024, 7:59 PM
CDanis subscribed.Apr 8 2024, 8:16 PM
Scott_French mentioned this in T358636: etcdmirror does not recover from a cleared waitIndex.Apr 30 2024, 11:21 PM
Scott_French mentioned this in T233681: compare-and-swap writes for confctl edit and for dbctl commit.May 3 2024, 3:45 PM
CodeReviewBot added a comment.May 28 2025, 12:27 AM

swfrench updated https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/78

driver: Document API and add conformance tests

CodeReviewBot added a comment.May 29 2025, 11:56 PM

swfrench merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/78

driver: Document API and add conformance tests

CodeReviewBot added a project: Patch-For-Review.Jun 3 2025, 11:45 PM

swfrench opened https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/79

drivers/etcd: Minor cleanups

Scott_French updated the task description. (Show Details)Jun 6 2025, 5:52 PM
Scott_French updated the task description. (Show Details)
CodeReviewBot added a comment.Jun 13 2025, 9:41 PM

swfrench merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/79

drivers/etcd: Minor cleanups

CodeReviewBot added a comment.Jun 18 2025, 12:43 AM

swfrench opened https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/85

drivers/etcd: Fix behavior of update-write on malformed data

CodeReviewBot added a comment.Jun 18 2025, 5:27 PM

cdanis merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/85

drivers/etcd: Fix behavior of update-write on malformed data

CodeReviewBot added a comment.Jun 18 2025, 11:04 PM

swfrench opened https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/86

drivers/etcd: Fix behavior of update-write on a directory

CodeReviewBot added a comment.Jun 20 2025, 2:22 PM

oblivian merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/86

drivers/etcd: Fix behavior of update-write on a directory

CodeReviewBot added a comment.Jun 23 2025, 2:48 PM

swfrench opened https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/88

drivers/etcd: Raise NotFoundError for delete on a non-existent key

CodeReviewBot added a comment.Jun 25 2025, 9:30 AM

oblivian merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/88

drivers/etcd: Raise NotFoundError for delete on a non-existent key

CodeReviewBot added a comment.Jun 26 2025, 11:26 PM

swfrench opened https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/89

drivers/etcd: Raise NotFoundError in "listing" methods

CodeReviewBot added a comment.Jun 26 2025, 11:28 PM

swfrench opened https://gitlab.wikimedia.org/repos/sre/hiddenparma/-/merge_requests/59

lib/reqconfig/api: Prepare for driver API changes

CodeReviewBot added a comment.Jun 27 2025, 4:41 AM

oblivian merged https://gitlab.wikimedia.org/repos/sre/hiddenparma/-/merge_requests/59

lib/reqconfig/api: Prepare for driver API changes

CodeReviewBot added a comment.Jul 14 2025, 7:50 AM

oblivian merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/89

drivers/etcd: Raise NotFoundError in "listing" methods

CodeReviewBot added a comment.Jul 17 2025, 7:55 PM

swfrench opened https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/91

drivers/etcd: Resolve remaining TODOs for read and listing methods

PEPE1234.13 closed this task as Invalid.Sep 6 2025, 1:25 PM
PEPE1234.13 removed Scott_French as the assignee of this task.
PEPE1234.13 triaged this task as Unbreak Now! priority.
PEPE1234.13 added a subscriber: Scott_French.
Aklapper reopened this task as Open.Sep 6 2025, 2:03 PM
Aklapper assigned this task to Scott_French.
Aklapper lowered the priority of this task from Unbreak Now! to Needs Triage.
CodeReviewBot added a comment.Oct 24 2025, 10:05 AM

oblivian merged https://gitlab.wikimedia.org/repos/sre/conftool/-/merge_requests/91

drivers/etcd: Resolve remaining TODOs for read and listing methods

Scott_French updated the task description. (Show Details)Oct 24 2025, 4:25 PM
elukey subscribed.Nov 12 2025, 4:41 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits