Etcdctl v2 and v3 Aliases for Peer Authenticated Commands

February 8, 2019

Getting all the arguments to etcdctl right can be a bit of a pain. Here are a couple of aliases which take advantage of the values in the etcd.conf file.

alias etcd2='. /etc/etcd/etcd.conf && \
    ETCDCTL_API=2 etcdctl \
    --cert-file ${ETCD_PEER_CERT_FILE} \
    --key-file ${ETCD_PEER_KEY_FILE} \
    --endpoints "${ETCD_ADVERTISE_CLIENT_URLS}"'

alias etcd3='. /etc/etcd/etcd.conf && \
    ETCDCTL_API=3 etcdctl \
    --cert ${ETCD_PEER_CERT_FILE} \
    --key ${ETCD_PEER_KEY_FILE} \
    --endpoints "${ETCD_ADVERTISE_CLIENT_URLS}"'

If you are using OpenShift, you may also find that you already have some bash functions enabled by the etcd role in /etc/profile.d/ They will look different depending on your version. Below is from 3.9.

# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because
# command flags are different between the two. Should work on stand
# alone etcd hosts and master + etcd hosts too because we use the peer keys.
etcdctl2() {
 /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@}


etcdctl3() {
 ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@}


[root@ose-test-etcd-01 bin]# etcd3 member list -w table
|        ID        | STATUS  |             NAME               |         PEER ADDRS       |        CLIENT ADDRS      |
| 3cc657644e2e1080 | started | | | |
| 669fc09764815697 | started | | | |
| dd1f136e71579ace | started | | | |
[root@ose-test-etcd-01 bin]# etcd2 cluster-health
member 3cc657644e2e1080 is healthy: got healthy result from
member 669fc09764815697 is healthy: got healthy result from
member dd1f136e71579ace is healthy: got healthy result from
cluster is healthy
comments powered by Disqus