diff --git a/internal/backend/remote-state/etcdv3/backend.go b/internal/backend/remote-state/etcdv3/backend.go index 598f31583e81..7285bda968f9 100644 --- a/internal/backend/remote-state/etcdv3/backend.go +++ b/internal/backend/remote-state/etcdv3/backend.go @@ -15,6 +15,7 @@ const ( usernameEnvVarName = "ETCDV3_USERNAME" passwordKey = "password" passwordEnvVarName = "ETCDV3_PASSWORD" + maxRequestBytesKey = "max_request_bytes" prefixKey = "prefix" lockKey = "lock" cacertPathKey = "cacert_path" @@ -49,6 +50,13 @@ func New() backend.Backend { DefaultFunc: schema.EnvDefaultFunc(passwordEnvVarName, ""), }, + maxRequestBytesKey: &schema.Schema{ + Type: schema.TypeInt, + Optional: true, + Description: "The max request size to send to etcd.", + Default: 0, + }, + prefixKey: &schema.Schema{ Type: schema.TypeString, Optional: true, @@ -128,6 +136,9 @@ func (b *Backend) rawClient() (*etcdv3.Client, error) { if v, ok := b.data.GetOk(passwordKey); ok && v.(string) != "" { config.Password = v.(string) } + if v, ok := b.data.GetOk(maxRequestBytesKey); ok && v.(int) != 0 { + config.MaxCallSendMsgSize = v.(int) + } if v, ok := b.data.GetOk(cacertPathKey); ok && v.(string) != "" { tlsInfo.TrustedCAFile = v.(string) } diff --git a/website/docs/language/settings/backends/etcdv3.html.md b/website/docs/language/settings/backends/etcdv3.html.md index 7c31d5125bed..318a7b405df3 100644 --- a/website/docs/language/settings/backends/etcdv3.html.md +++ b/website/docs/language/settings/backends/etcdv3.html.md @@ -10,7 +10,7 @@ description: |- **Kind: Standard (with locking)** -Stores the state in the [etcd](https://coreos.com/etcd/) KV store with a given prefix. +Stores the state in the [etcd](https://etcd.io/) KV store with a given prefix. This backend supports [state locking](/docs/language/state/locking.html). @@ -54,3 +54,4 @@ The following configuration options / environment variables are supported: * `cacert_path` - (Optional) The path to a PEM-encoded CA bundle with which to verify certificates of TLS-enabled etcd servers. * `cert_path` - (Optional) The path to a PEM-encoded certificate to provide to etcd for secure client identification. * `key_path` - (Optional) The path to a PEM-encoded key to provide to etcd for secure client identification. + * `max_request_bytes` - (Optional) The max request size to send to etcd. This can be increased to enable storage of larger state. You must set the corresponding server-side flag [--max-request-bytes](https://etcd.io/docs/current/dev-guide/limit/#request-size-limit) as well and the value should be less than the client setting. Defaults to `2097152` (2.0 MiB). **Please Note:** Increasing etcd's request size limit may negatively impact overall latency.