Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

etcdctl requires auth for endpoint status in 3.1.5 #7721

Closed
raoofm opened this issue Apr 12, 2017 · 4 comments
Closed

etcdctl requires auth for endpoint status in 3.1.5 #7721

raoofm opened this issue Apr 12, 2017 · 4 comments

Comments

@raoofm
Copy link
Contributor

raoofm commented Apr 12, 2017

This was not the case before. I'm sure until 3.1.3

[rm@dev-vm-01 etcd]$ sudo ETCDCTL_API=3 ./etcdctl --endpoints=https://dev-vm-01.example.com:2379,https://dev-vm-02.example.com:2379,https://dev-vm-03.example.com:2379 --cacert=/var/home/rm/cfssl/ca.pem -w table endpoint status
2017-04-12 16:21:24.474696 I | warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
Failed to get the status of endpoint https://dev-vm-01.example.com:2379 (rpc error: code = 2 desc = auth: user name is empty)
Failed to get the status of endpoint https://dev-vm-02.example.com:2379 (rpc error: code = 2 desc = auth: user name is empty)
Failed to get the status of endpoint https://dev-vm-03.example.com:2379 (rpc error: code = 2 desc = auth: user name is empty)
+----------+----+---------+---------+-----------+-----------+------------+
| ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX |
+----------+----+---------+---------+-----------+-----------+------------+
+----------+----+---------+---------+-----------+-----------+------------+
[rm@dev-vm-01 etcd]$ sudo ETCDCTL_API=3 ./etcdctl --endpoints=https://dev-vm-01.example.com:2379 version
etcdctl version: 3.1.5
API version: 3.1
@heyitsanthony
Copy link
Contributor

it's been there since 3.1.1: 98c60e8

/cc @mitake

@raoofm
Copy link
Contributor Author

raoofm commented Apr 12, 2017

my bad, i was running 3.1.0 b4
@heyitsanthony any reason this requires auth.

@heyitsanthony
Copy link
Contributor

the auth requirement on Status can probably be relaxed

@mitake
Copy link
Contributor

mitake commented Apr 13, 2017

@raoofm @heyitsanthony I agree with relaxing the auth requirement of Status(). It doesn't need the protection unlike other maintenance RPCs.

mitake added a commit to mitake/etcd that referenced this issue Apr 13, 2017
@mitake
etcdserver: let Status() not require authentication
67f2e41 
The information that can be obtained with the RPC doesn't need to be
protected.

Fix etcd-io#7721
@mitake mitake mentioned this issue Apr 13, 2017
Merged
gyuho pushed a commit that referenced this issue Apr 13, 2017
@mitake @gyuho
etcdserver: let Status() not require authentication
9f7bb0d 
The information that can be obtained with the RPC doesn't need to be
protected.

Fix #7721
heyitsanthony pushed a commit to heyitsanthony/etcd that referenced this issue Apr 17, 2017
@mitake @heyitsanthony
etcdserver: let Status() not require authentication
c40f195 
The information that can be obtained with the RPC doesn't need to be
protected.

Fix etcd-io#7721
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mitake @raoofm @heyitsanthony