Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enabling authentication in cluster will not synchronize this change to other members #3601

Closed
densetsunozero opened this issue Sep 28, 2015 · 6 comments
Closed

Enabling authentication in cluster will not synchronize this change to other members #3601

densetsunozero opened this issue Sep 28, 2015 · 6 comments
Assignees
@xiang90
Labels
type/bug
Milestone
v2.3.0-alpha1

Comments

@densetsunozero
Copy link

Hi,
I built a 3-member cluster ( infra1, infra2, infra3 ) on three machines (dev01, dev02, dev03) with the latest stable version 2.2.0. Now I found that if I enable authentication on one member after creating root user, sometimes this change will be synchronize to other members, but sometimes it won't. And it seemed that using command line tool etcdctl auth enable has greater chance to trigger this bug than using curl.

Here's my steps:

  1. Start the cluster according to https://github.com/coreos/etcd/blob/master/Documentation/clustering.md
  2. Create root user on infra1 by curl or etcdctl, this change will be reflected on all the other members.
  3. Use etcdctl auth enable on infra1, or curl, to enable authentication.
  4. Use curl http://dev02:2379/v2/auth/enable and curl http://dev03:2379/v2/auth/enable to check the authentication status on infra2 and infra3. Sometime one or both will return {"enabled": false }

Thanks.
@yichengq
Copy link
Contributor

I could reproduce this.

It is caused by the cache of enabled var in auth pkg.

@densetsunozero
Copy link
Author

Thanks for the reply. I hope this issue get fixed soon.

@xiang90 xiang90 added this to the v2.3.0 milestone Sep 29, 2015
@MSamman
Copy link

MSamman commented Oct 2, 2015

I can pick this up?

@raoofm
Copy link
Contributor

raoofm commented Oct 14, 2015

@yichengq I use the same version, why don't I face this issue?

@yichengq
Copy link
Contributor

@MSamman sure.

@raoofm I think if it restarts, it will work correctly then.

@xiang90 xiang90 self-assigned this Nov 23, 2015
@mitake mitake mentioned this issue Dec 16, 2015
Closed
@xiang90
Copy link
Contributor

xiang90 commented Jan 25, 2016

@mitake Are you still working on this one?

mitake added a commit to mitake/etcd that referenced this issue Jan 26, 2016
@mitake
etcdserver, auth: not cache a flag of auth status
74938a6 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes etcd-io#3601 and etcd-io#3964
mitake added a commit to mitake/etcd that referenced this issue Jan 26, 2016
@mitake
etcdserver, auth: not cache a flag of auth status
753b136 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes etcd-io#3601 and etcd-io#3964
@mitake mitake mentioned this issue Jan 26, 2016
Merged
mitake added a commit to mitake/etcd that referenced this issue Jan 26, 2016
@mitake
etcdserver, auth: not cache a flag of auth status
0ca3ca5 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes etcd-io#3601 and etcd-io#3964
mitake added a commit to mitake/etcd that referenced this issue Jan 26, 2016
@mitake
etcdserver, auth: not cache a flag of auth status
b2d2c79 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes etcd-io#3601 and etcd-io#3964
gyuho pushed a commit to gyuho/etcd that referenced this issue Jan 27, 2016
@mitake @gyuho
etcdserver, auth: not cache a flag of auth status
f7314e6 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes etcd-io#3601 and etcd-io#3964

Conflicts:
	etcdserver/auth/auth.go
gyuho pushed a commit to gyuho/etcd that referenced this issue Jan 27, 2016
@mitake @gyuho
etcdserver, auth: not cache a flag of auth status
dc7c9eb 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes etcd-io#3601 and etcd-io#3964

Conflicts:
	etcdserver/auth/auth.go
gyuho pushed a commit that referenced this issue Jan 27, 2016
@mitake @gyuho
etcdserver, auth: not cache a flag of auth status
259f89d 
This commit removes a flag that indicates auth is enabled or disabled
because it doesn't have an invalidation mechanism.

Fixes #3601 and #3964

Conflicts (Resolved):
	etcdserver/auth/auth.go
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xiang90 xiang90

Labels
type/bug
Milestone
v2.3.0-alpha1
Development

No branches or pull requests
5 participants
@MSamman @densetsunozero @yichengq @xiang90 @raoofm