summarylogtreecommitdiffstats
path: root/etcd.env
blob: 7f711d7aff9a9b59ec2d2fb9f71bed23182ee204 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
# Human_readable name for this member.
#
# default: "default"
#
# ETCD_NAME="default"

# Path to the data directory.
#
# default: "${name}.etcd"
# distribution default: "/var/lib/etcd"
#
# ETCD_DATA_DIR="/var/lib/etcd"

# Path to the dedicated wal directory.
# If this flag is set, etcd will write the WAL files
# to the walDir rather than the dataDir.
#
# default: ""
#
# ETCD_WAL_DIR=""

# Number of committed transactions to trigger a snapshot to disk.
#
# default: 10000
#
# ETCD_SNAPSHOT_COUNT=10000

# Time (in milliseconds) of a heartbeat interval.
#
# default: 100
#
# ETCD_HEARTBEAT_INTERVAL=100

# Time (in milliseconds) for an election to timeout.
#
# default: 1000
#
# ETCD_ELECTION_TIMEOUT=1000

# List of URLs to listen on for peer traffic.
#
# default: "http://localhost:2380,http://localhost:7001"
#
# ETCD_LISTEN_PEER_URLS="http://localhost:2380,http://localhost:7001"

# List of URLs to listen on for client traffic.
#
# default: "http://localhost:2379,http://localhost:4001"
#
# ETCD_LISTEN_CLIENT_URLS="http://localhost:2379,http://localhost:4001"

# Maximum number of snapshot files to retain (0 is unlimited)
#
# default: 5
#
# ETCD_MAX_SNAPSHOTS=5

# Maximum number of wal files to retain (0 is unlimited)
#
# default: 5
#
# ETCD_MAX_WALS=5

# Comma_separated white list of origins for CORS (cross_origin resource sharing).
#
# default: none
#
# ETCD_CORS=

# Raise alarms when backend size exceeds the given quota. 0 means use the
# default quota.
#
# default: 0
#
# ETCD_QUOTA_BACKEND_BYTES=0

# BackendBatchLimit is the maximum operations before commit the backend
# transaction.
#
# default: 0
#
# ETCD_BACKEND_BATCH_LIMIT=0

# The freelist type that etcd backend(bboltdb) uses (array and map are
# supported types).
#
# default: ()
#
# ETCD_BACKEND_BBOLT_FREELIST_TYPE=()

# BackendBatchInterval is the maximum time before commit the backend
# transaction.
#
# default: 0
#
# ETCD_BACKEND_BATCH_INTERVAL=0

# Maximum number of operations permitted in a transaction.
#
# default: 128
#
# ETCD_MAX_TXN_OPS=128

# Maximum client request size in bytes the server will accept.
#
# default: 1572864
#
# ETCD_MAX_REQUEST_BYTES=1572864

# Minimum duration interval that a client should wait before pinging server.
#
# default: 5s
#
# ETCD_GRPC_KEEPALIVE_MIN_TIME=5s

# Frequency duration of server-to-client ping to check if a connection is
# alive (0 to disable).
#
# default: 2h
#
# ETCD_GRPC_KEEPALIVE_INTERVAL=2h

# Additional duration of wait before closing a non-responsive connection
# (0 to disable).
#
# default: 20s
#
# ETCD_GRPC_KEEPALIVE_TIMEOUT=20s

# List of this member's peer URLs to advertise to the rest of the cluster.
# These addresses are used for communicating etcd data around the cluster.
# At least one must be routable to all cluster members.
#
# default: "http://localhost:2380,http://localhost:7001"
#
# ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380,http://localhost:7001"

# Initial cluster configuration for bootstrapping.
#
# default: "default=http://localhost:2380,default=http://localhost:7001"
# distribution default: "default=http://localhost:2380,default=http://localhost:7001"
#
# ETCD_INITIAL_CLUSTER="default=http://localhost:2380,default=http://localhost:7001"

# Initial cluster state ("new" or "existing").
# Set to new for all members present during initial static or DNS bootstrapping.
# If this option is set to existing, etcd will attempt to join the existing cluster.
# If the wrong value is set, etcd will attempt to start but fail safely.
#
# default: "new"
#
# ETCD_INITIAL_CLUSTER_STATE="new"

# Initial cluster token for the etcd cluster during bootstrap.
#
# default: "etcd_cluster"
#
# ETCD_INITIAL_CLUSTER_TOKEN="etcd_cluster"

# List of this member's client URLs to advertise to the rest of the cluster.
#
# default: "http://localhost:2379,http://localhost:4001"
#
# ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379,http://localhost:4001"

# Discovery URL used to bootstrap the cluster.
#
# default: none
#
# ETCD_DISCOVERY=

# DNS srv domain used to bootstrap the cluster.
#
# default: none
#
# ETCD_DISCOVERY_SRV=

# Suffix to the DNS srv name queried when bootstrapping using DNS.
#
# default: none
#
# ETCD_DISCOVERY_SRV_NAME=

# Expected behavior ("exit" or "proxy") when discovery services fails.
# "proxy" supports v2 API only.
#
# default: "proxy"
#
# ETCD_DISCOVERY_FALLBACK="proxy"

# HTTP proxy to use for traffic to discovery service.
#
# default: none
#
# ETCD_DISCOVERY_PROXY=

# Reject reconfiguration requests that would cause quorum loss.
#
# default: true
#
# ETCD_STRICT_RECONFIG_CHECK=true

# Auto compaction retention for mvcc key value store in hour. 0 means disable
# auto compaction.
#
# default: 0
#
# ETCD_AUTO_COMPACTION_RETENTION=0

# Interpret 'auto-compaction-retention' one of: 'periodic', 'revision'.
# 'periodic' for duration based retention, defaulting to hours if no time
# unit is provided (e.g. '5m'). 'revision' for revision number based retention.
#
# default: periodic
#
# ETCD_AUTO_COMPACTION_MODE=periodic

# Accept etcd V2 client requests
#
# default: false
#
# ETCD_ENABLE_V2=false

# Proxy mode setting ("off", "readonly" or "on").
#
# default: "off"
#
# ETCD_PROXY="off"

# Time (in milliseconds) an endpoint will be held
# in a failed state before being reconsidered for proxied requests.
#
# default: 5000
#
# ETCD_PROXY_FAILURE_WAIT=5000

# Time (in milliseconds) of the endpoints refresh interval.
#
# default: 30000
#
# ETCD_PROXY_REFRESH_INTERVAL=30000

# Time (in milliseconds) for a dial to timeout or 0 to disable the timeout.
#
# default: 1000
#
# ETCD_PROXY_DIAL_TIMEOUT=1000

# Time (in milliseconds) for a write to timeout or 0 to disable the timeout.
#
# default: 5000
#
# ETCD_PROXY_WRITE_TIMEOUT=5000

# Time (in milliseconds) for a read to timeout or 0 to disable the timeout.
# Don't change this value if you use watches because they are using long polling requests.
#
# default: 0
#
# ETCD_PROXY_READ_TIMEOUT=0

# [DEPRECATED] Path to the client server TLS CA file.
#
# default: none
#
# ETCD_CA_FILE=

# Path to the client server TLS cert file.
#
# default: none
#
# ETCD_CERT_FILE=

# Path to the client server TLS key file.
#
# default: none
#
# ETCD_KEY_FILE=

# Enable client cert authentication.
#
# default: false
#
# ETCD_CLIENT_CERT_AUTH=false

# Path to the client certificate revocation list file.
#
# default: none
#
# ETCD_CLIENT_CRL_FILE=

# Allowed Allowed TLS name for client cert authentication.
#
# default: none
#
# ETCD_CLIENT_CERT_ALLOWED_HOSTNAME=

# Path to the client server TLS trusted CA key file.
#
# default: none
#
# ETCD_TRUSTED_CA_FILE=

# Client TLS using generated certificates
#
# default: false
#
# ETCD_AUTO_TLS=false

# [DEPRECATED] Path to the peer server TLS CA file.
#
# default: none
#
# ETCD_PEER_CA_FILE=

# Path to the peer server TLS cert file.
#
# default: none
#
# ETCD_PEER_CERT_FILE=

# Path to the peer server TLS key file.
#
# default: none
#
# ETCD_PEER_KEY_FILE=

# Enable peer client cert authentication.
#
# default: false
#
# ETCD_PEER_CLIENT_CERT_AUTH=false

# Path to the peer certificate revocation list file.
#
# default: none
#
# ETCD_PEER_CRL_FILE=

# Path to the peer server TLS trusted CA file.
#
# default: none
#
# ETCD_PEER_TRUSTED_CA_FILE=

# Peer TLS using generated certificates.
#
# default: false
#
# ETCD_PEER_AUTO_TLS=false

# Allowed CommonName for inter peer authentication.
#
# default: none
#
# ETCD_PEER_CERT_ALLOWED_CN=

# Allowed TLS certificate name for inter peer authentication.
#
# default: none
#
# ETCD_PEER_CERT_ALLOWED_HOSTNAME=

# Comma-separated list of supported TLS cipher suites between server/client
# and peers.
#
# default: none
#
# ETCD_CIPHER_SUITES=

# Specify 'zap' for structured logging or 'capnslog'.
# WARNING: --logger=capnslog to be deprecated in v3.5.
#
# default: capnslog
#
# ETCD_LOGGER=capnslog

# Specify 'stdout' or 'stderr' to skip journald logging even when running
# under systemd, or list of comma separated output targets.
#
# default: default
#
# ETCD_LOG_OUTPUTS=default

# Configures log level. Only supports debug, info, warn, error, panic,
# or fatal.
#
# default: info
#
# ETCD_LOG_LEVEL=info

# [DEPRECATED] Drop the default log level to DEBUG for all subpackages.
#
# default: false (INFO for all packages)
#
# ETCD_DEBUG=false

# [DEPRECATED] Set individual etcd subpackages to specific log levels.
# An example being etcdserver=WARNING,security=DEBUG
#
# default: none (INFO for all packages)
#
# ETCD_LOG_PACKAGE_LEVELS=

# Force to create a new one_member cluster.
# It commits configuration changes in force to remove all existing members in the cluster and add itself.
# It needs to be set to restore a backup.
#
# default: false
#
# ETCD_FORCE_NEW_CLUSTER=false

# Enable runtime profiling data via HTTP server. Address is at client URL +
# "/debug/pprof/"
#
# default: false
#
# ETCD_ENABLE_PPROF=false

# Set level of detail for exported metrics, specify 'extensive to include
# server side grpc histogram metrics.
#
# default: basic
#
# ETCD_METRICS=basic

# List of additional URLs to listen on that will respond to both
# the /metrics and /health endpoints.
#
# default: none
#
# ETCD_LISTEN_METRICS_URLS=

# Specify a token type and token specific options, especially for JWT.
# Its format is "type,var1=val1,var2=val2,...". Possible type is 'simple'
# or 'jwt'. Possible variables are 'sign-method' for specifying a sign
# method of jwt (its possible values are 'ES256', 'ES384', 'ES512',
# 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', 'RS512', 'PS256',
# 'PS384', or 'PS512'), 'pub-key' for specifying a path to a public
# key for verifying jwt, 'priv-key' for specifying a path to a private key
# for signing jwt, and 'ttl' for specifying TTL of jwt tokens.
#
# For asymmetric algorithms ('RS', 'PS', 'ES'), the public key
# is optional, as the private key contains enough information to both sign
# and verify tokens.
#
# Example option of JWT: '–auth-token jwt,pub-key=app.rsa.pub,priv-
# key=app.rsa,sign-method=RS512,ttl=10m'
#
# default: "simple"
#
# ETCD_AUTH_TOKEN="simple"

# Duration of time between cluster corruption check passes.
#
# default: 0s
#
# ETCD_EXPERIMENTAL_CORRUPT_CHECK_TIME=0s

# Sets the maximum revisions deleted in each compaction batch.
#
# default: 1000
#
# ETCD_EXPERIMENTAL_COMPACTION_BATCH_LIMIT=1000

# Skip verification of SAN field in client certificate for peer connections.
# This can be helpful e.g. if cluster members run in different networks
# behind a NAT. In this case make sure to use peer certificates based on a
# private certificate authority using --peer-cert-file, --peer-key-file,
# --peer-trusted-ca-file.
#
# default: false
#
# ETCD_EXPERIMENTAL_PEER_SKIP_CLIENT_SAN_VERIFICATION=false