if auth is disabled the etcdctl doesn't work with --user option #7724
Assignees
Comments
raoofm
changed the title
|
/cc @mitake |
Thanks for your report and the above motivation seems to be reasonable. I'll solve this problem. |
mitake
added a commit
to mitake/etcd
that referenced
this issue
Apr 18, 2017
mitake
added a commit
to mitake/etcd
that referenced
this issue
Apr 18, 2017
mitake
added a commit
to mitake/etcd
that referenced
this issue
Apr 19, 2017
mitake
added a commit
to mitake/etcd
that referenced
this issue
Apr 19, 2017
mitake
added a commit
to mitake/etcd
that referenced
this issue
Apr 19, 2017
ptabor
added a commit
to ptabor/etcd
that referenced
this issue
Aug 4, 2020
The test was vary flaky on Travis. Seems that since (etcd-io#7724) the client is expected to simply ignore whether server is in AuthDisabled mode even if the user supplies credentials. The tests used to: * use very large cluster (10 nodes) * set very low timeout (1 sec) Such setup led to frequent deadlineExceed errors or following failures: === RUN TestGetTokenWithoutAuth {"level":"warn","ts":"2020-08-04T16:50:48.686+0200","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-35573307-1ee5-441b-acc7-d073f0bd7de5/localhost:69820396562031027440","attempt":0,"error":"rpc error: code = Unavailable desc = etcdserver: leader changed"} user_test.go:151: other errors:etcdserver: leader changed --- FAIL: TestGetTokenWithoutAuth (10.91s)
ptabor
added a commit
to ptabor/etcd
that referenced
this issue
Aug 4, 2020
The test is vary flaky on Travis. Seems that since (etcd-io#7724) the client is expected to simply ignore whether server is in AuthDisabled mode even if the user supplies credentials. The tests used to: * use very large cluster (10 nodes) * set very low timeout (1 sec) Such setup led to frequent deadlineExceed errors or following failures: === RUN TestGetTokenWithoutAuth {"level":"warn","ts":"2020-08-04T16:50:48.686+0200","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-35573307-1ee5-441b-acc7-d073f0bd7de5/localhost:69820396562031027440","attempt":0,"error":"rpc error: code = Unavailable desc = etcdserver: leader changed"} user_test.go:151: other errors:etcdserver: leader changed --- FAIL: TestGetTokenWithoutAuth (10.91s)
ptabor
added a commit
to ptabor/etcd
that referenced
this issue
Aug 4, 2020
The test is vary flaky on Travis. Seems that since (etcd-io#7724) the client is expected to simply ignore whether server is in AuthDisabled mode even if the user supplies credentials. The tests used to: * use very large cluster (10 nodes) * set very low timeout (1 sec) Such setup led to frequent deadlineExceed errors or following failures: === RUN TestGetTokenWithoutAuth {"level":"warn","ts":"2020-08-04T16:50:48.686+0200","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-35573307-1ee5-441b-acc7-d073f0bd7de5/localhost:69820396562031027440","attempt":0,"error":"rpc error: code = Unavailable desc = etcdserver: leader changed"} user_test.go:151: other errors:etcdserver: leader changed --- FAIL: TestGetTokenWithoutAuth (10.91s)
ptabor
added a commit
to ptabor/etcd
that referenced
this issue
Aug 4, 2020
The test is vary flaky on Travis. Seems that since (etcd-io#7724) the client is expected to simply ignore whether server is in AuthDisabled mode even if the user supplies credentials. The tests used to: * use very large cluster (10 nodes) * set very low timeout (1 sec) Such setup led to frequent deadlineExceed errors or following failures: === RUN TestGetTokenWithoutAuth {"level":"warn","ts":"2020-08-04T16:50:48.686+0200","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-35573307-1ee5-441b-acc7-d073f0bd7de5/localhost:69820396562031027440","attempt":0,"error":"rpc error: code = Unavailable desc = etcdserver: leader changed"} user_test.go:151: other errors:etcdserver: leader changed --- FAIL: TestGetTokenWithoutAuth (10.91s)
xiang90
pushed a commit
that referenced
this issue
Aug 7, 2020
The test is vary flaky on Travis. Seems that since (#7724) the client is expected to simply ignore whether server is in AuthDisabled mode even if the user supplies credentials. The tests used to: * use very large cluster (10 nodes) * set very low timeout (1 sec) Such setup led to frequent deadlineExceed errors or following failures: === RUN TestGetTokenWithoutAuth {"level":"warn","ts":"2020-08-04T16:50:48.686+0200","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"endpoint://client-35573307-1ee5-441b-acc7-d073f0bd7de5/localhost:69820396562031027440","attempt":0,"error":"rpc error: code = Unavailable desc = etcdserver: leader changed"} user_test.go:151: other errors:etcdserver: leader changed --- FAIL: TestGetTokenWithoutAuth (10.91s)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
etcdctl fails. It should still work. If this was done intentionally so that the user is aware that auth is disabled then a warning is sufficient. Else after disabling auth all the scripts needs a change too.
[rm@dev-vm-01 etcd]$ sudo ETCDCTL_API=3 ./etcdctl --endpoints=https://dev-vm-01.example.com:2379 version
etcdctl version: 3.1.5
API version: 3.1
[rm@dev-vm-01 etcd]$ sudo ETCDCTL_API=3 ./etcdctl --endpoints=https://dev-vm-01.example.com:2379,https://dev-vm-02.example.com:2379,https://dev-vm-03.example.com:2379 --cacert=/var/home/rm/cfssl/ca.pem --user=root:password endpoint status
2017-04-12 17:35:23.081712 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
Error: etcdserver: authentication is not enabled
The text was updated successfully, but these errors were encountered: