# Please also read README.security for this package. # Environment variables: every flag has a corresponding environment variable that has the # same name but is prefixed with ETCD_ and formatted in all caps and snake case. # For example, --some-flag would be ETCD_SOME_FLAG. # Caution: If you mix-and-match configuration options, then the following rules apply. # * Command-line flags take precedence over environment variables. # * If you provide a configuration file all command-line flags and environment variables are ignored. # Set commandline options example: ETCD_OPTIONS="--feature-gates=StopGRPCServiceOnDefrag=true" # ETCD_OPTIONS="" # Member: ETCD_NAME="default" # Human-readable name for this member. ETCD_DATA_DIR="/var/lib/etcd/default.etcd" # Path to the data directory. # ETCD_WAL_DIR="" # Path to the dedicated wal directory. # ETCD_SNAPSHOT_COUNT="10000" # Number of committed transactions to trigger a snapshot. # ETCD_HEARTBEAT_INTERVAL="100" # Time (in milliseconds) of a heartbeat interval. # ETCD_ELECTION_TIMEOUT="1000" # Time (in milliseconds) for an election to timeout. See tuning documentation for details. # ETCD_INITIAL_ELECTION_TICK_ADVANCE="true" # Whether to fast-forward initial election ticks on boot for faster election. # ETCD_LISTEN_PEER_URLS="http://localhost:2380" # List of URLs to listen on for peer traffic. ETCD_LISTEN_CLIENT_URLS="http://localhost:2379" # List of URLs to listen on for client grpc traffic and http as long as --listen-client-http-urls is not specified. # ETCD_LISTEN_CLIENT_HTTP_URLS="" # List of URLs to listen on for http only client traffic. Enabling this flag removes http services from --listen-client-urls. # ETCD_MAX_SNAPSHOTS="5" # Maximum number of snapshot files to retain (0 is unlimited). Deprecated in v3.6 and will be decommissioned in v3.8. # ETCD_MAX_WALS="5" # Maximum number of wal files to retain (0 is unlimited). # ETCD_MEMORY_MLOCK="" # Enable to enforce etcd pages (in particular bbolt) to stay in RAM. # ETCD_QUOTA_BACKEND_BYTES="0" # Sets the maximum size (in bytes) that the etcd backend database may consume. Exceeding this triggers an alarm and puts etcd in read-only mode. Set to 0 to use the default 2GiB limit. # ETCD_BACKEND_BBOLT_FREELIST_TYPE="map" # BackendFreelistType specifies the type of freelist that boltdb backend uses(array and map are supported types). # ETCD_BACKEND_BATCH_INTERVAL="" # BackendBatchInterval is the maximum time before commit the backend transaction. # ETCD_BACKEND_BATCH_LIMIT="0" # BackendBatchLimit is the maximum operations before commit the backend transaction. # ETCD_MAX_TXN_OPS="128" # Maximum number of operations permitted in a transaction. # ETCD_MAX_REQUEST_BYTES="1572864" # Maximum client request size in bytes the server will accept. # ETCD_MAX_CONCURRENT_STREAMS="math.MaxUint32" # Maximum concurrent streams that each client can open at a time. # ETCD_GRPC_KEEPALIVE_MIN_TIME="5s" # Minimum duration interval that a client should wait before pinging server. # ETCD_GRPC_KEEPALIVE_INTERVAL="2h" # Frequency duration of server-to-client ping to check if a connection is alive (0 to disable). # ETCD_GRPC_KEEPALIVE_TIMEOUT="20s" # Additional duration of wait before closing a non-responsive connection (0 to disable). # ETCD_SOCKET_REUSE_PORT="false" # Enable to set socket option SO_REUSEPORT on listeners allowing rebinding of a port already in use. # ETCD_SOCKET_REUSE_ADDRESS="false" # Enable to set socket option SO_REUSEADDR on listeners allowing binding to an address in TIME_WAIT state. # ETCD_ENABLE_GRPC_GATEWAY="" # Enable GRPC gateway. # ETCD_RAFT_READ_TIMEOUT="5s" # Read timeout set on each rafthttp connection # ETCD_RAFT_WRITE_TIMEOUT="5s" # Write timeout set on each rafthttp connection # ETCD_FEATURE_GATES="" # A set of key=value pairs that describe server level feature gates for alpha/experimental features. Options are: # AllAlpha=true|false (ALPHA - default=false) # AllBeta=true|false (BETA - default=false) # CompactHashCheck=true|false (ALPHA - default=false) # InitialCorruptCheck=true|false (ALPHA - default=false) # LeaseCheckpoint=true|false (ALPHA - default=false) # LeaseCheckpointPersist=true|false (ALPHA - default=false) # SetMemberLocalAddr=true|false (ALPHA - default=false) # StopGRPCServiceOnDefrag=true|false (ALPHA - default=false) # TxnModeWriteWithSharedBuffer=true|false (BETA - default=true) # Clustering: # ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380" # List of this member's peer URLs to advertise to the rest of the cluster. # ETCD_INITIAL_CLUSTER="default=http://localhost:2380" # Initial cluster configuration for bootstrapping. # ETCD_INITIAL_CLUSTER_STATE="new" # Initial cluster state ('new' when bootstrapping a new cluster or 'existing' when adding new members to an existing cluster). # After successful initialization (bootstrapping or adding), flag is ignored on restarts # ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster" # Initial cluster token for the etcd cluster during bootstrap. # Specifying this can protect you from unintended cross-cluster interaction when running multiple clusters. ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379" # List of this member's client URLs to advertise to the public. # The client URLs advertised should be accessible to machines that talk to etcd cluster. etcd client libraries parse these URLs to connect to the cluster. # ETCD_DISCOVERY="" # Discovery URL used to bootstrap the cluster for v2 discovery. Will be deprecated in v3.7, and be decommissioned in v3.8. # ETCD_DISCOVERY_TOKEN="" # V3 discovery: discovery token for the etcd cluster to be bootstrapped. # ETCD_DISCOVERY_ENDPOINTS="" # V3 discovery: List of gRPC endpoints of the discovery service. # ETCD_DISCOVERY_DIAL_TIMEOUT="2s" # V3 discovery: dial timeout for client connections. # ETCD_DISCOVERY_REQUEST_TIMEOUT="5s" # V3 discovery: timeout for discovery requests (excluding dial timeout). # ETCD_DISCOVERY_KEEPALIVE_TIME="2s" # V3 discovery: keepalive time for client connections. # ETCD_DISCOVERY_KEEPALIVE_TIMEOUT="6s" # V3 discovery: keepalive timeout for client connections. # ETCD_DISCOVERY_INSECURE_TRANSPORT="true" # V3 discovery: disable transport security for client connections. # ETCD_DISCOVERY_INSECURE_SKIP_TLS_VERIFY="false" # V3 discovery: skip server certificate verification (CAUTION: this option should be enabled only for testing purposes). # ETCD_DISCOVERY_CERT="" # V3 discovery: identify secure client using this TLS certificate file. # ETCD_DISCOVERY_KEY="" # V3 discovery: identify secure client using this TLS key file. # ETCD_DISCOVERY_CACERT="" # V3 discovery: verify certificates of TLS-enabled secure servers using this CA bundle. # ETCD_DISCOVERY_USER="" # V3 discovery: username[:password] for authentication (prompt if password is not supplied). # ETCD_DISCOVERY_PASSWORD="" # V3 discovery: password for authentication (if this option is used, --user option shouldn't include password). # ETCD_DISCOVERY_FALLBACK="exit" # Expected behavior ('exit') when discovery services fails. Note that v2 proxy is removed. # ETCD_DISCOVERY_PROXY="" # HTTP proxy to use for traffic to discovery service. Will be deprecated in v3.7, and be decommissioned in v3.8. # ETCD_DISCOVERY_SRV="" # DNS srv domain used to bootstrap the cluster. # ETCD_DISCOVERY_SRV_NAME="" # Suffix to the dns srv name queried when bootstrapping. # ETCD_STRICT_RECONFIG_CHECK="true" # Reject reconfiguration requests that would cause quorum loss. # ETCD_PRE_VOTE="true" # Enable the raft Pre-Vote algorithm to prevent disruption when a node that has been partitioned away rejoins the cluster. # ETCD_AUTO_COMPACTION_RETENTION="0" # Auto compaction retention length. 0 means disable auto compaction. # ETCD_AUTO_COMPACTION_MODE="periodic" # Interpret 'auto-compaction-retention' one of: periodic|revision. 'periodic' for duration based retention, defaulting to hours if no time unit is provided (e.g. '5m'). 'revision' for revision number based retention. # ETCD_V2_DEPRECATION="write-only" # Phase of v2store deprecation. Deprecated and scheduled for removal in v3.8. The default value is enforced, ignoring user input. # Supported values: # 'not-yet' // Issues a warning if v2store have meaningful content (default in v3.5) # 'write-only' // Custom v2 state is not allowed (default in v3.6) # 'write-only-drop-data' // Custom v2 state will get DELETED ! (planned default in v3.7) # 'gone' // v2store is not maintained any longer. (planned to cleanup anything related to v2store in v3.8) # Security: # ETCD_CERT_FILE="" # Path to the client server TLS cert file. # ETCD_KEY_FILE="" # Path to the client server TLS key file. # ETCD_CLIENT_CERT_AUTH="false" # Enable client cert authentication. # ETCD_CLIENT_CERT_FILE="" # Path to an explicit peer client TLS cert file otherwise cert file will be used when client auth is required. # ETCD_CLIENT_KEY_FILE="" # Path to an explicit peer client TLS key file otherwise key file will be used when client auth is required. # ETCD_CLIENT_CRL_FILE="" # Path to the client certificate revocation list file. # ETCD_CLIENT_CERT_ALLOWED_HOSTNAME="" # Comma-separated list of SAN hostnames for client cert authentication. # ETCD_TRUSTED_CA_FILE="" # Path to the client server TLS trusted CA cert file. # ETCD_AUTO_TLS="false" # Client TLS using generated certificates. # ETCD_PEER_CERT_FILE="" # Path to the peer server TLS cert file. # ETCD_PEER_KEY_FILE="" # Path to the peer server TLS key file. # ETCD_PEER_CLIENT_CERT_AUTH="false" # Enable peer client cert authentication. # ETCD_PEER_CLIENT_CERT_FILE="" # Path to an explicit peer client TLS cert file otherwise peer cert file will be used when client auth is required. # ETCD_PEER_CLIENT_KEY_FILE="" # Path to an explicit peer client TLS key file otherwise peer key file will be used when client auth is required. # ETCD_PEER_TRUSTED_CA_FILE="" # Path to the peer server TLS trusted CA file. # ETCD_PEER_CERT_ALLOWED_CN="" # Comma-separated list of allowed CNs for inter-peer TLS authentication. # ETCD_PEER_CERT_ALLOWED_HOSTNAME="" # Comma-separated list of allowed SAN hostnames for inter-peer TLS authentication. # ETCD_PEER_AUTO_TLS="false" # Peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided. # ETCD_SELF_SIGNED_CERT_VALIDITY="1" # The validity period of the client and peer certificates that are automatically generated by etcd when you specify ClientAutoTLS and PeerAutoTLS, the unit is year, and the default is 1. # ETCD_PEER_CRL_FILE="" # Path to the peer certificate revocation list file. # ETCD_CIPHER_SUITES="" # Comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go). # ETCD_CORS="*" # Comma-separated whitelist of origins for CORS, or cross-origin resource sharing, (empty or * means allow all). # ETCD_HOST_WHITELIST="*" # Acceptable hostnames from HTTP client requests, if server is not secure (empty or * means allow all). # ETCD_TLS_MIN_VERSION="TLS1.2" # Minimum TLS version supported by etcd. Possible values: TLS1.2, TLS1.3. # ETCD_TLS_MAX_VERSION="" # Maximum TLS version supported by etcd. Possible values: TLS1.2, TLS1.3 (empty will be auto-populated by Go). # Auth: # ETCD_AUTH_TOKEN="simple" # Specify a v3 authentication token type and its options ('simple' or 'jwt'). # ETCD_BCRYPT_COST="10" # Specify the cost / strength of the bcrypt algorithm for hashing auth passwords. Valid values are between 4 and 31. # ETCD_AUTH_TOKEN_TTL="300" # Time (in seconds) of the auth-token-ttl. # Profiling and Monitoring: # ETCD_ENABLE_PPROF="false" # Enable runtime profiling data via HTTP server. Address is at client URL + "/debug/pprof/" # ETCD_METRICS="basic" # Set level of detail for exported metrics, specify 'extensive' to include server side grpc histogram metrics. # ETCD_LISTEN_METRICS_URLS="" # List of URLs to listen on for the /metrics and /health endpoints. For https, the client URL TLS info is used. # Logging: # ETCD_LOGGER="zap" # Currently only supports 'zap' for structured logging. # ETCD_LOG_OUTPUTS="default" # Specify 'stdout' or 'stderr' to skip journald logging even when running under systemd, or list of comma separated output targets. # ETCD_LOG_LEVEL="info" # Configures log level. Only supports debug, info, warn, error, panic, or fatal. # ETCD_LOG_FORMAT="json" # Configures log format. Only supports json, console. # ETCD_ENABLE_LOG_ROTATION="false" # Enable log rotation of a single log-outputs file target. # ETCD_LOG_ROTATION_CONFIG_JSON="{"maxsize": 100, "maxage": 0, "maxbackups": 0, "localtime": false, "compress": false}" # Configures log rotation if enabled with a JSON logger config. MaxSize(MB), MaxAge(days,0=no limit), MaxBackups(0=no limit), LocalTime(use computers local time), Compress(gzip)". # ETCD_WARNING_UNARY_REQUEST_DURATION="300ms" # Set time duration after which a warning is logged if a unary request takes more than this duration. # Experimental distributed tracing: # ETCD_EXPERIMENTAL_ENABLE_DISTRIBUTED_TRACING="false" # Enable experimental distributed tracing. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--enable-distributed-tracing' instead. # ETCD_ENABLE_DISTRIBUTED_TRACING="false" # Enable distributed tracing. # ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_ADDRESS="localhost:4317" # Distributed tracing collector address. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--distributed-tracing-address' instead. # ETCD_DISTRIBUTED_TRACING_ADDRESS="localhost:4317" # Distributed tracing collector address. # ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_SERVICE_NAME="etcd" # Distributed tracing service name, must be same across all etcd instances. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--distributed-tracing-service-name' instead. # ETCD_DISTRIBUTED_TRACING_SERVICE_NAME="etcd" # Distributed tracing service name, must be same across all etcd instances. # ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_INSTANCE_ID="" # Distributed tracing instance ID, must be unique per each etcd instance. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--distributed-tracing-instance-id' instead. # ETCD_DISTRIBUTED_TRACING_INSTANCE_ID="" # Distributed tracing instance ID, must be unique per each etcd instance. # ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_SAMPLING_RATE="0" # Number of samples to collect per million spans for distributed tracing. Disabled by default. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--distributed-tracing-sampling-rate' instead. # ETCD_DISTRIBUTED_TRACING_SAMPLING_RATE="0" # Number of samples to collect per million spans for distributed tracing. # Experimental feature: # ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK="false" # Enable to check data corruption before serving any client/peer traffic. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--feature-gates=InitialCorruptCheck=true' instead. # ETCD_EXPERIMENTAL_CORRUPT_CHECK_TIME="0s" # Duration of time between cluster corruption check passes. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--corrupt-check-time' instead. # ETCD_CORRUPT_CHECK_TIME="0s" # Duration of time between cluster corruption check passes. # ETCD_EXPERIMENTAL_COMPACT_HASH_CHECK_ENABLED="false" # Enable leader to periodically check followers compaction hashes. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--feature-gates=CompactHashCheck=true' instead. # ETCD_EXPERIMENTAL_COMPACT_HASH_CHECK_TIME="1m" # Duration of time between leader checks followers compaction hashes. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--compact-hash-check-time' instead. # ETCD_COMPACT_HASH_CHECK_TIME="1m" # Duration of time between leader checks followers compaction hashes. # ETCD_EXPERIMENTAL_ENABLE_LEASE_CHECKPOINT="false" # ExperimentalEnableLeaseCheckpoint enables primary lessor to persist lease remainingTTL to prevent indefinite auto-renewal of long lived leases. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--feature-gates=LeaseCheckpoint=true' instead. # ETCD_EXPERIMENTAL_COMPACTION_BATCH_LIMIT="1000" # ExperimentalCompactionBatchLimit sets the maximum revisions deleted in each compaction batch. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--compaction-batch-limit' instead. # ETCD_COMPACTION_BATCH_LIMIT="1000" # CompactionBatchLimit sets the maximum revisions deleted in each compaction batch. # ETCD_EXPERIMENTAL_PEER_SKIP_CLIENT_SAN_VERIFICATION="false" # Skip verification of SAN field in client certificate for peer connections. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--peer-skip-client-san-verification' instead. # ETCD_PEER_SKIP_CLIENT_SAN_VERIFICATION="false" # Skip verification of SAN field in client certificate for peer connections. # ETCD_EXPERIMENTAL_WATCH_PROGRESS_NOTIFY_INTERVAL="10m" # Duration of periodical watch progress notification. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--watch-progress-notify-interval' instead. # ETCD_WATCH_PROGRESS_NOTIFY_INTERVAL="10m" # Duration of periodical watch progress notification. # ETCD_EXPERIMENTAL_WARNING_APPLY_DURATION="100ms" # Warning is generated if requests take more than this duration. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--warning-apply-duration' instead. # ETCD_WARNING_APPLY_DURATION="100ms" # Warning is generated if requests take more than this duration. # ETCD_EXPERIMENTAL_TXN_MODE_WRITE_WITH_SHARED_BUFFER="true" # Enable the write transaction to use a shared buffer in its readonly check operations. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--feature-gates=TxnModeWriteWithSharedBuffer=true' instead. # ETCD_EXPERIMENTAL_BOOTSTRAP_DEFRAG_THRESHOLD_MEGABYTES="" # Enable the defrag during etcd server bootstrap on condition that it will free at least the provided threshold of disk space. Needs to be set to non-zero value to take effect. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--bootstrap-defrag-threshold-megabytes' instead. # ETCD_BOOTSTRAP_DEFRAG_THRESHOLD_MEGABYTES="" # Enable the defrag during etcd server bootstrap on condition that it will free at least the provided threshold of disk space. Needs to be set to non-zero value to take effect. # ETCD_EXPERIMENTAL_WARNING_UNARY_REQUEST_DURATION="300ms" # Set time duration after which a warning is generated if a unary request takes more than this duration. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--warning-unary-request-duration' instead. # ETCD_MAX_LEARNERS="1" # Set the max number of learner members allowed in the cluster membership. # ETCD_EXPERIMENTAL_COMPACTION_SLEEP_INTERVAL="" # Sets the sleep interval between each compaction batch. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--compaction-sleep-interval' instead. # ETCD_COMPACTION_SLEEP_INTERVAL="" # Sets the sleep interval between each compaction batch. # ETCD_EXPERIMENTAL_DOWNGRADE_CHECK_TIME="" # Duration of time between two downgrade status checks. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--downgrade-check-time' instead. # ETCD_DOWNGRADE_CHECK_TIME="" # Duration of time between two downgrade status checks. # ETCD_EXPERIMENTAL_ENABLE_LEASE_CHECKPOINT_PERSIST="false" # Enable persisting remainingTTL to prevent indefinite auto-renewal of long lived leases. Always enabled in v3.6. Should be used to ensure smooth upgrade from v3.5 clusters with this feature enabled. Requires experimental-enable-lease-checkpoint to be enabled. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--feature-gates=LeaseCheckpointPersist=true' instead. # ETCD_EXPERIMENTAL_MEMORY_MLOCK="" # Enable to enforce etcd pages (in particular bbolt) to stay in RAM. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--memory-mlock' instead. # ETCD_EXPERIMENTAL_SNAPSHOT_CATCHUP_ENTRIES="" # Number of entries for a slow follower to catch up after compacting the raft storage entries. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--snapshot-catchup-entries' instead. # ETCD_SNAPSHOT_CATCHUP_ENTRIES="" # Number of entries for a slow follower to catch up after compacting the raft storage entries. # ETCD_EXPERIMENTAL_STOP_GRPC_SERVICE_ON_DEFRAG="" # Enable etcd gRPC service to stop serving client requests on defragmentation. Deprecated in v3.6 and will be decommissioned in v3.7. Use '--feature-gates=StopGRPCServiceOnDefrag=true' instead. # Unsafe feature: # ETCD_FORCE_NEW_CLUSTER="false" # Force to create a new one-member cluster. # ETCD_UNSAFE_NO_FSYNC="false" # Disables fsync, unsafe, will cause data loss. # CAUTIOUS with unsafe flag! It may break the guarantees given by the consensus protocol!