# start a local etcd server /etcd/etcd/etcd # write,read to etcd /etcd/etcd/etcdctl --endpoints=localhost:2379 put foo bar /etcd/etcd/etcdctl --endpoints=localhost:2379 get foo
COMMANDS: alarm disarm Disarms all alarms alarm list Lists all alarms auth disable Disables authentication auth enable Enables authentication check datascale Check the memory usage of holding data for different workloads on a given server endpoint. check perf Check the performance of the etcd cluster compaction Compacts the event history in etcd defrag Defragments the storage of the etcd members with given endpoints del Removes the specified key or range of keys [key, range_end) elect Observes and participates in leader election endpoint hashkv Prints the KV history hash for each endpoint in --endpoints endpoint health Checks the healthiness of endpoints specified in `--endpoints` flag endpoint status Prints out the status of endpoints specified in `--endpoints` flag get Gets the key or a range of keys help Help about any command lease grant Creates leases lease keep-alive Keeps leases alive (renew) lease list List all active leases lease revoke Revokes leases lease timetolive Get lease information lock Acquires a named lock make-mirror Makes a mirror at the destination etcd cluster member add Adds a member into the cluster member list Lists all members in the cluster member promote Promotes a non-voting member in the cluster member remove Removes a member from the cluster member update Updates a member in the cluster migrate Migrates keys in a v2 store to a mvcc store move-leader Transfers leadership to another etcd cluster member. put Puts the given key into the store role add Adds a new role role delete Deletes a role role get Gets detailed information of a role role grant-permission Grants a key to a role role list Lists all roles role revoke-permission Revokes a key from a role snapshot restore Restores an etcd member snapshot to an etcd directory snapshot save Stores an etcd node backend snapshot to a given file snapshot status Gets backend snapshot status of a given file txn Txn processes all the requests in one transaction user add Adds a new user user delete Deletes a user user get Gets detailed information of a user user grant-role Grants a role to a user user list Lists all users user passwd Changes password of user user revoke-role Revokes a role from a user version Prints the version of etcdctl watch Watches events stream on keys or prefixes
OPTIONS: --cacert="" verify certificates of TLS-enabled secure servers using this CA bundle --cert="" identify secure client using this TLS certificate file --command-timeout=5s timeout for short running command (excluding dial timeout) --debug[=false] enable client-side debug logging --dial-timeout=2s dial timeout for client connections -d, --discovery-srv="" domain name to query for SRV records describing cluster endpoints --discovery-srv-name="" service name to query when using DNS discovery --endpoints=[127.0.0.1:2379] gRPC endpoints -h, --help[=false] help for etcdctl --hex[=false] print byte strings as hex encoded strings --insecure-discovery[=true] accept insecure SRV records describing cluster endpoints --insecure-skip-tls-verify[=false] skip server certificate verification --insecure-transport[=true] disable transport security for client connections --keepalive-time=2s keepalive time for client connections --keepalive-timeout=6s keepalive timeout for client connections --key="" identify secure client using this TLS key file --password="" password for authentication (if this option is used, --user option shouldn't include password) --user="" username[:password] for authentication (prompt if password is not supplied) -w, --write-out="simple" set the output format (fields, json, protobuf, simple, table)
设置、更新key
1 2 3 4 5
# 设置 $ /etcd/etcd/etcdctl --endpoints=localhost:2379 put /test/1 "Hello world1" # 更新 $ /etcd/etcd/etcdctl --endpoints=localhost:2379 put /test/1 "Hello world2"
获取key
1 2 3 4 5
$ /etcd/etcd/etcdctl --endpoints=localhost:2379 get /test/1 # 匹配前缀查询 $ /etcd/etcd/etcdctl --endpoints=localhost:2379 get /test --prefix $ /etcd/etcd/etcdctl --endpoints=localhost:2379 --write-out="json" get /test/1
删除key
1 2 3 4
$ /etcd/etcd/etcdctl --endpoints=localhost:2379 del /test/1 # 匹配前缀删除 $ /etcd/etcd/etcdctl --endpoints=localhost:2379 del /test --prefix
etcd -h | --help Show the help information about etcd.
etcd --config-file Path to the server configuration file. Note that if a configuration file is provided, other command line flags and environment variables will be ignored.
etcd gateway Run the stateless pass-through etcd TCP connection forwarding proxy.
etcd grpc-proxy Run the stateless etcd v3 gRPC L7 reverse proxy.
Member: --name 'default' Human-readable name for this member. --data-dir '${name}.etcd' Path to the data directory. --wal-dir '' Path to the dedicated wal directory. --snapshot-count '100000' Number of committed transactions to trigger a snapshot to disk. --heartbeat-interval '100' Time (in milliseconds) of a heartbeat interval. --election-timeout '1000' Time (in milliseconds) for an election to timeout. See tuning documentation for details. --initial-election-tick-advance 'true' Whether to fast-forward initial election ticks on boot for faster election. --listen-peer-urls 'http://localhost:2380' List of URLs to listen on for peer traffic. --listen-client-urls 'http://localhost:2379' List of URLs to listen on for client traffic. --max-snapshots '5' Maximum number of snapshot files to retain (0 is unlimited). --max-wals '5' Maximum number of wal files to retain (0 is unlimited). --quota-backend-bytes '0' Raise alarms when backend size exceeds the given quota (0 defaults to low space quota). --backend-batch-interval '' BackendBatchInterval is the maximum time before commit the backend transaction. --backend-batch-limit '0' BackendBatchLimit is the maximum operations before commit the backend transaction. --max-txn-ops '128' Maximum number of operations permitted in a transaction. --max-request-bytes '1572864' Maximum client request size in bytes the server will accept. --grpc-keepalive-min-time '5s' Minimum duration interval that a client should wait before pinging server. --grpc-keepalive-interval '2h' Frequency duration of server-to-client ping to check if a connection is alive (0 to disable). --grpc-keepalive-timeout '20s' Additional duration of wait before closing a non-responsive connection (0 to disable).
Clustering: --initial-advertise-peer-urls 'http://localhost:2380' List of this member's peer URLs to advertise to the rest of the cluster. --initial-cluster 'default=http://localhost:2380' Initial cluster configuration for bootstrapping. --initial-cluster-state 'new' Initial cluster state ('new' or 'existing'). --initial-cluster-token 'etcd-cluster' Initial cluster token for the etcd cluster during bootstrap. Specifying this can protect you from unintended cross-cluster interaction when running multiple clusters. --advertise-client-urls 'http://localhost:2379' List of this member's client URLs to advertise to the public. The client URLs advertised should be accessible to machines that talk to etcd cluster. etcd client libraries parse these URLs to connect to the cluster. --discovery '' Discovery URL used to bootstrap the cluster. --discovery-fallback 'proxy' Expected behavior ('exit' or 'proxy') when discovery services fails. "proxy" supports v2 API only. --discovery-proxy '' HTTP proxy to use for traffic to discovery service. --discovery-srv '' DNS srv domain used to bootstrap the cluster. --discovery-srv-name '' Suffix to the dns srv name queried when bootstrapping. --strict-reconfig-check 'true' Reject reconfiguration requests that would cause quorum loss. --pre-vote 'false' Enable to run an additional Raft election phase. --auto-compaction-retention '0' Auto compaction retention length. 0 means disable auto compaction. --auto-compaction-mode 'periodic' Interpret 'auto-compaction-retention' one of: periodic|revision. 'periodic' for duration based retention, defaulting to hours if no time unit is provided (e.g. '5m'). 'revision' for revision number based retention. --enable-v2 'false' Accept etcd V2 client requests.
Security: --cert-file '' Path to the client server TLS cert file. --key-file '' Path to the client server TLS key file. --client-cert-auth 'false' Enable client cert authentication. --client-crl-file '' Path to the client certificate revocation list file. --client-cert-allowed-hostname '' Allowed TLS hostname for client cert authentication. --trusted-ca-file '' Path to the client server TLS trusted CA cert file. --auto-tls 'false' Client TLS using generated certificates. --peer-cert-file '' Path to the peer server TLS cert file. --peer-key-file '' Path to the peer server TLS key file. --peer-client-cert-auth 'false' Enable peer client cert authentication. --peer-trusted-ca-file '' Path to the peer server TLS trusted CA file. --peer-cert-allowed-cn '' Required CN for client certs connecting to the peer endpoint. --peer-cert-allowed-hostname '' Allowed TLS hostname for inter peer authentication. --peer-auto-tls 'false' Peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided. --peer-crl-file '' Path to the peer certificate revocation list file. --cipher-suites '' Comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go). --cors '*' Comma-separated whitelist of origins for CORS, or cross-origin resource sharing, (empty or * means allow all). --host-whitelist '*' Acceptable hostnames from HTTP client requests, if server is not secure (empty or * means allow all).
Auth: --auth-token 'simple' Specify a v3 authentication token type and its options ('simple' or 'jwt'). --bcrypt-cost 10 Specify the cost / strength of the bcrypt algorithm for hashing auth passwords. Valid values are between 4 and 31.
Profiling and Monitoring: --enable-pprof 'false' Enable runtime profiling data via HTTP server. Address is at client URL + "/debug/pprof/" --metrics 'basic' Set level of detail for exported metrics, specify 'extensive' to include histogram metrics. --listen-metrics-urls '' List of URLs to listen on for the metrics and health endpoints.
Logging: --logger 'capnslog' Specify 'zap' for structured logging or 'capnslog'. [WARN] 'capnslog' will be deprecated in v3.5. --log-outputs 'default' Specify 'stdout' or 'stderr' to skip journald logging even when running under systemd, or list of comma separated output targets. --log-level 'info' Configures log level. Only supports debug, info, warn, error, panic, or fatal.
v2 Proxy (to be deprecated in v4): --proxy 'off' Proxy mode setting ('off', 'readonly' or 'on'). --proxy-failure-wait 5000 Time (in milliseconds) an endpoint will be held in a failed state. --proxy-refresh-interval 30000 Time (in milliseconds) of the endpoints refresh interval. --proxy-dial-timeout 1000 Time (in milliseconds) for a dial to timeout. --proxy-write-timeout 5000 Time (in milliseconds) for a write to timeout. --proxy-read-timeout 0 Time (in milliseconds) for a read to timeout.
Experimental feature: --experimental-initial-corrupt-check 'false' Enable to check data corruption before serving any client/peer traffic. --experimental-corrupt-check-time '0s' Duration of time between cluster corruption check passes. --experimental-enable-v2v3 '' Serve v2 requests through the v3 backend under a given prefix. --experimental-backend-bbolt-freelist-type 'array' ExperimentalBackendFreelistType specifies the type of freelist that boltdb backend uses(array and map are supported types). --experimental-enable-lease-checkpoint 'false' ExperimentalEnableLeaseCheckpoint enables primary lessor to persist lease remainingTTL to prevent indefinite auto-renewal of long lived leases. --experimental-compaction-batch-limit 1000 ExperimentalCompactionBatchLimit sets the maximum revisions deleted in each compaction batch. --experimental-peer-skip-client-san-verification 'false' Skip verification of SAN field in client certificate for peer connections.
Unsafe feature: --force-new-cluster 'false' Force to create a new one-member cluster.
CAUTIOUS with unsafe flag! It may break the guarantees given by the consensus protocol!
TO BE DEPRECATED:
--debug 'false' Enable debug-level logging for etcd. [WARN] Will be deprecated in v3.5. Use '--log-level=debug' instead. --log-package-levels '' Specify a particular log level for each etcd package (eg: 'etcdmain=CRITICAL,etcdserver=DEBUG').
--initial-cluster-state new //用于指示本次是否为新建集群。有两个取值new和existing。如果填为existing,则该member启动时会尝试与其他member交互。集群初次建立时,要填为new,经尝试最后一个节点填existing也正常,其他节点不能填为existing。集群运行过程中,一个member故障后恢复时填为existing,经尝试填为new也正常。
[root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 36b1c9db2321 willdockerhub/etcd:v3.3.12 "/usr/local/bin/et..." About a minute ago Up About a minute 0.0.0.0:2379-2380->2379-2380/tcp etcd
查看集群状态
1 2 3 4 5
[root@localhost ~]# docker exec -it etcd /usr/local/bin/etcdctl cluster-health member 1d5a95e7cc3da4a2 is healthy: got healthy result from http://192.168.92.11:2379 member 2324302b6450f04d is healthy: got healthy result from http://192.168.92.12:2379 member 7f413d967727fb2b is healthy: got healthy result from http://192.168.92.13:2379 cluster is healthy
