davissp14 / etcdv3-ruby Goto Github PK

• watch - Watches events stream on keys or prefixes

https://github.com/coreos/etcd/blob/master/etcdserver/etcdserverpb/rpc.proto#L520

Timeout related specs appear to break due to gRPC changes in v1.8.0.

Branch to reproduce: https://github.com/davissp14/etcdv3-ruby/tree/grpc-update

Travis Build reference:
https://travis-ci.org/davissp14/etcdv3-ruby/jobs/374700857

cc:// @mgates

Since reconnection attempts are made using recursion, if all etcd3 endpoints go away, the application will die with stack too deep exception:

Failed to connect to endpoint 'localhost:2379'
Failover event triggered. Failing over to 'localhost:2379'
Traceback (most recent call last):
        10079: from test.rb:4:in `<main>'
        10078: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3.rb:126:in `put'
        10077: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:13:in `handle'
        10076: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:21:in `rescue in handle'
        10075: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:13:in `handle'
        10074: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:21:in `rescue in handle'
        10073: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:13:in `handle'
        10072: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:21:in `rescue in handle'
         ... 10067 levels...
            4: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/generic/active_call.rb:377:in `request_response'
            3: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/generic/active_call.rb:181:in `attach_status_results_and_complete_call'
            2: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/generic/active_call.rb:31:in `check_status'
            1: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/errors.rb:77:in `new_status_exception'
/home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/errors.rb:77:in `new': stack level too deep (SystemStackError)

Patch incomming.

If connection to etcd3 is lost or credentials expires, the timeout is not honored.

+:( $ cat test.rb
require "etcdv3"

conn = Etcdv3.new(endpoints: 'http://localhost:2379, http://localhost:2379')
conn.put('foo', 'bar', timeout: 1)

should die after 1 second with timeout error, instead:

Traceback (most recent call last):
        10079: from test.rb:4:in `<main>'
        10078: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3.rb:126:in `put'
        10077: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:13:in `handle'
        10076: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:21:in `rescue in handle'
        10075: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:13:in `handle'
        10074: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:21:in `rescue in handle'
        10073: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:13:in `handle'
        10072: from /home/wolf/devel/etcdv3-ruby/lib/etcdv3/connection_wrapper.rb:21:in `rescue in handle'
         ... 10067 levels...
            4: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/generic/active_call.rb:377:in `request_response'
            3: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/generic/active_call.rb:181:in `attach_status_results_and_complete_call'
            2: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/generic/active_call.rb:31:in `check_status'
            1: from /home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/errors.rb:77:in `new_status_exception'
/home/wolf/devel/etcdv3-ruby/.bundle/vendor/ruby/2.5.0/gems/grpc-1.18.0-x86_64-linux/src/ruby/lib/grpc/errors.rb:77:in `new': stack level too deep (SystemStackError)

real    0m4.262s
user    0m2.497s
sys     0m0.416s

Stack overflow is due to #130, but after that it solved, it will not honor the timeout (as it is not).

Patch incoming.

Auth

• auth_enable - Enables authentication
• auth_disable - Disables authentication

Alarms

• alarm_deactivate - Disarms all alarms
• alarm_list - Lists all alarms

Cluster

• member_add - Adds a member into the cluster
• member_remove - Removes a member from the cluster
• member_update - Updates a member in the cluster
• member_list - Lists all members in the cluster

Keys

• put - Puts the given key into the store
• get - Gets the key or a range of keys
• del - Removes the specified key or range of keys
• transaction - Txn processes all the requests in one transaction

Leases

• lease_grant - Creates leases
• lease_revoke - Revokes leases
• lease_ttl - Get lease information
• lease keep-alive - Keeps leases alive (renew)

Maintenance

• compaction - Compacts the event history in etcd
• defrag - Defragments the storage of the etcd members with given endpoints
• hash_kv - HashKV returns a hash of the KV state at the time of the RPC.
• move_leader - MoveLeader requests current leader to transfer its leadership to the
  transferee. Request must be made to the leader.

Misc.

• version - Lists the active Etcd version
• leader_id - Lists the current leader id
• db_size - Current db size in bytes

Roles

• role_add - Adds a new role
• role_delete - Deletes a role
• role_get - Gets detailed information of a role
• role_list - Lists all roles
• role_grant_permission - Grants a key to a role
• role_revoke_permission - Revokes a key from a role

Snapshots

• snapshot_save - Stores an etcd node backend snapshot to a given file
• snapshot_restore - Restores an etcd member snapshot to an etcd directory
• snapshot_status - Gets backend snapshot status of a given file

Users

• user_add - Adds a new user
• user_delete - Deletes a user
• user get - Gets detailed information of a user
• user list - Lists all users
• user_change_password - Changes password of user
• user_grant_role - Grants a role to a user
• user_revoke_role - Revokes a role from a user

Watch

• watch - Watches events stream on keys or prefixes

Lock

• lock - Distributed lock support

These things are starting to get a little messy and hard to work with.

It looks like if the etcd cluster is unreachable then the client spins with Failed to connect to endpoint 'example.com:2379'. I think the desired behavior would be it should try each endpoint once, and if there is only one endpoint, it should raise immediately.

It also looks like there is retry parameter that a user could use to adjust this further.

There are two issues as I see it

• The infinite recursion
• The retry parameter isn't used / cannot be set

I can totally take a stab at it if you like! Just let me know, thanks!

• snapshot save - Stores an etcd node backend snapshot to a given file
• snapshot restore - Restores an etcd member snapshot to an etcd directory
• snapshot status - Gets backend snapshot status of a given file

This happens when the connection has been sitting idle for a while (5 min) and the token expires. In the event this happens, we need to re-authenticate and retry the operation.

Hey - I was wondering if you'd be in favor of a method to do a put and generate a lease for it with one method call, maybe something like conn.put_with_lease "foo", "bar", ttl: 60, or maybe just another option on the current put method. This would be nice for me, but I also understand if you'd like the library to match the protocol semantics more closely.

https://github.com/mperham/connection_pool seems like it would do the job just fine.

Return something a bit nicer than the current Protobuf / Etcdserverpb response.

For high availability purposes, the user should be able to specify multiple endpoints. In the event the active endpoint becomes unresponsive, we should look to try and establish a new connection using a different endpoint.

• version - Prints the version of etcdctl

• member add Adds a member into the cluster
• member remove Removes a member from the cluster
• member update Updates a member in the cluster
• member list Lists all members in the cluster

• alarm disarm - Disarms all alarms
• alarm list - Lists all alarms

Make whatever changes necessary to support 3.2

Consider using HashWithIndifferentAccess. The hash / symbol craziness with hash keys is one of my biggest gripes with Ruby.

It looks like if the etcd cluster is unreachable then the client spins with Failed to connect to endpoint 'example.com:2379'. I think the desired behavior would be it should try each endpoint once, and if there is only one endpoint, it should raise immediately.

It also looks like there is retry parameter that a user could use to adjust this further.

There are two issues as I see it

• The infinite recursion
• The retry parameter isn't used / cannot be set

I can totally take a stab at it if you like! Just let me know, thanks!

Return true if token already exists instead of regenerating a new token each time.

Add authenticate(user, pass) that can be used post enabling authentication. This would set the username and password as well as set the auth token on the connection.

Not sure if we want to be specific about which alarms to deactivate or just generalize it and always attempt to disarm everything.
https://github.com/davissp14/etcdv3-ruby/blob/master/lib/etcdv3/etcdrpc/rpc_pb.rb#L407

Allow users to specify client / server-side certificates.

When using namespaces, if you issue something like:

 conn.del("", "\0")

It will delete everything and break the contract the namespace is mean't to provide.

Namespacing is a common pattern in key/value stores when multiple application usages are present as a strategy to avoid name conflicts and data leakage. Support for this pattern is found with Ruby libraries for Memcached and Redis and the Go language Etcd client.

An implementation of this might look like passing a namespace constructor argument, similar to timeout: Etcdv3.new(:endpoints => “http://foo”, :namespace => “app1:”) - calls to this object would then operate on keys within the namespace with a prefix in a transparent way that does not require the caller to remember to add or remove this prefix.

While investigating how to potentially add support for this feature, we noted that calls return the Protobuf generated objects which have immutable strings. This means that for instance a get request would have a response that would have the prefixed key in the result: <Mvccp:KeyValue: key: “namespace:foo” … - which could lead to errors if this value is read and subsequently used. Since this object cannot be modified to solve this problem we would need to wrap this in a proxy object.

We were hoping to get your thoughts on this approach and issue before digging into this further as this is a pretty significant change even if the interface does not change.

cc/ @mgates

• lease docs in readme
• lease grant Creates leases
• lease revoke Revokes leases
• lease timetolive Get lease information
• lease keep-alive Keeps leases alive (renew)

When I try to run travis job against etcd v3.3.10, it timeouts and shows lots of fails. Weird thing is that everything works just fine on my machine. Any idea what could be wrong?

https://travis-ci.org/graywolf-at-work/etcdv3-ruby/jobs/466079241

I would be more than happy to help debug this but tbh I'm out of ideas where to look.

If there's a local etcd running when you initiate rspec, it will run against the active instance. If this is the case, we should raise an exception and encourage users to configure a custom port range for their test environment.

Hello,
Ubuntu Bionic is shipping with Ruby 2.5.0 so when trying to install etcdv3 it will fail because the grpc dependency selects an older version (1.7.0) instead of the later versions that supports ruby 2.5.
Supports for ruby 2.5 in grpc gem is starting at 1.9.0

I assume this is still blocked by issue #114

2018-07-25 09:50:27.017262 | ubuntu-bionic | Fetching grpc 1.7.0 (x86_64-linux)
2018-07-25 09:50:27.538272 | ubuntu-bionic | Installing grpc 1.7.0 (x86_64-linux)
2018-07-25 09:50:28.081327 | ubuntu-bionic | Gem::RuntimeRequirementNotMetError: grpc requires Ruby version < 2.5, >= 2.0.
2018-07-25 09:50:28.081473 | ubuntu-bionic | The current ruby version is 2.5.0.
2018-07-25 09:50:28.081641 | ubuntu-bionic | An error occurred while installing grpc (1.7.0), and Bundler cannot continue.
2018-07-25 09:50:28.081804 | ubuntu-bionic | Make sure that `gem install grpc -v '1.7.0' --source 'https://rubygems.org/'`
2018-07-25 09:50:28.081877 | ubuntu-bionic | succeeds before bundling.
2018-07-25 09:50:28.081916 | ubuntu-bionic |
2018-07-25 09:50:28.082059 | ubuntu-bionic | In Gemfile:
2018-07-25 09:50:28.082349 | ubuntu-bionic |   puppet-openstack_spec_helper was resolved to 12.0.0, which depends on
2018-07-25 09:50:28.082473 | ubuntu-bionic |     etcdv3 was resolved to 0.8.3, which depends on
2018-07-25 09:50:28.082521 | ubuntu-bionic |       grpc

Add support for command timeouts.

#99

Haven't quite figured out how to properly handle bidirectional streams. There seems to be very little documentation on it.

Grpc docs: https://github.com/grpc/grpc.github.io/blob/master/docs/tutorials/basic/ruby.md

• auth enable - Enables authentication
• auth disable - Disables authentication
• user add - Adds a new user
• user delete - Deletes a user
• user get - Gets detailed information of a user
• user list - Lists all users
• user passwd - Changes password of user
• user grant-role - Grants a role to a user
• user revoke-role - Revokes a role from a user
• role add - Adds a new role
• role delete - Deletes a role
• role get - Gets detailed information of a role
• role list - Lists all roles
• role grant-permission - Grants a key to a role
• role revoke-permission - Revokes a key from a role

Ran into some issues running this with Ruby 2.2.X.

Need to pass metadata to both user_delete and user_get methods in order for these commands to work when auth is enabled.