From b6bb82b8bf7b5becff5b3b6095c3e5e73cad150f Mon Sep 17 00:00:00 2001 From: Kaustubh Dhokte Date: Thu, 19 Oct 2023 17:58:25 +0000 Subject: [PATCH] Use etcd v2 api prefix in etcd init.d script Starting 3.4, default API for etcdctl commands is v3. But v2 is still supported and extensively used in 3.4. (source: https://github.com/etcd-io/etcd/issues/12913) Although it is a better idea to use v3 at as much places in the code as possible, in case of cluster health API, v2 API gives more clearer error about bad certificate usage than v3. So it is better to stick to v2 than v3 at least in this case. An environment variable ETCDCTL_API is used to specify the usage of non-default version. A prefix for v2 API usage is added to the only occurence of 'etcdctl' in the /etc/init.d/etcd script. Test Plan: PASS: Run '/etc/init.d/etcd status' with correct pair of certs. Etcd status is 'Running'. PASS: Run '/etc/init.d/etcd status' with incorrect pair of certs. Etcd status is 'Running'. Story: 2010878 Task: 48960 Change-Id: Idaaecfeec2c4851b4e33c21839df12cea5a65c2e Signed-off-by: Kaustubh Dhokte --- puppet-manifests/src/modules/platform/files/etcd | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/puppet-manifests/src/modules/platform/files/etcd b/puppet-manifests/src/modules/platform/files/etcd index eb33ad0e..7023a2da 100644 --- a/puppet-manifests/src/modules/platform/files/etcd +++ b/puppet-manifests/src/modules/platform/files/etcd @@ -44,9 +44,9 @@ ETCD_LISTEN_CLIENT_URL="${URLS[-1]}" status() { if [[ $ETCD_LISTEN_CLIENT_URL =~ "https" ]]; then - etcd_health="$(etcdctl --timeout 5s --ca-file /etc/etcd/ca.crt -cert-file /etc/etcd/etcd-server.crt --key-file /etc/etcd/etcd-server.key --endpoints="$ETCD_LISTEN_CLIENT_URL" cluster-health 2>&1)" + etcd_health="$(ETCDCTL_API=2 etcdctl --timeout 5s --ca-file /etc/etcd/ca.crt -cert-file /etc/etcd/etcd-server.crt --key-file /etc/etcd/etcd-server.key --endpoints="$ETCD_LISTEN_CLIENT_URL" cluster-health 2>&1)" else - etcd_health="$(etcdctl --timeout 5s --endpoints="$ETCD_LISTEN_CLIENT_URL" cluster-health 2>&1 | head -n 1)" + etcd_health="$(ETCDCTL_API=2 etcdctl --timeout 5s --endpoints="$ETCD_LISTEN_CLIENT_URL" cluster-health 2>&1 | head -n 1)" fi # LP: 2033942. In case if the status method is called in between