Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

etcdserver: check kv hash before serving client/peer traffic #8313

Closed
heyitsanthony opened this issue Jul 26, 2017 · 0 comments
Closed

etcdserver: check kv hash before serving client/peer traffic #8313

heyitsanthony opened this issue Jul 26, 2017 · 0 comments
Assignees
@gyuho
Labels
area/performance
Milestone
v3.3.0

Comments

@heyitsanthony
Copy link
Contributor

Even with a corruption alarm, an inconsistent etcd member can serve corrupted data to clients between the time of boot and detection. This is undesirable in cases where corruption can't be tolerated (e.g., serving disk geometry data). Worse, if the corruption is on a leader, it's possible it will further propagate the corruption by sending snapshots to other members.

Instead, if a member can contact the client addresses of its peers, it should first fetch hashes from the other members at a known revision and compare before serving any client requests. If the hashes don't match, the server will print a fatal and terminate. This will stop etcd from initializing with inconsistent data in most cases.

Related: #8214
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gyuho gyuho

Labels
area/performance
Milestone
v3.3.0
Development

No branches or pull requests
2 participants
@gyuho @heyitsanthony