search

kelseyhightower / confd

Manage local application configuration files using templates and data from etcd or consul
MIT License
8.35k stars 1.42k forks source link

etcd backend proxy mode #456

Open ghost opened 8 years ago

ghost commented 8 years ago

As far as i understand https://github.com/kelseyhightower/confd/issues/319, this issue should be fixed. But in version confd 0.12.0-dev, confd still uses the advertised backends instead of the proxy.

2016-06-20T14:12:22Z bonobo confd[112]: INFO Backend set to etcd 2016-06-20T14:12:22Z bonobo confd[112]: INFO Starting confd 2016-06-20T14:12:22Z bonobo confd[112]: INFO Backend nodes set to 127.0.0.1:8080 2016-06-20T14:12:26Z bonobo confd[112]: ERROR 501: All the given peers are not reachable (failed to propose on members [https://xxx:2379 https://xxx:4001 https://xxx:2379 https://xxx:4001] twice [last error: Get https://xxx:2379/v2/keys/ceph-config/ceph/auth?quorum=false&recursive=true&sorted=true: remote error: bad certificate]) [0] Waiting for confd to write initial templates...

The proxy is used as a local gateway to an tls secured etcd cluster. So confd should only use the proxy.

pclalv commented 7 years ago

this turned out not to be an issue for me. with confd 0.11, i was running:

confd -onetime \
  -backend=etcd \
  -client-cert=/etc/ssl/etcd/cert.pem \
  -client-key=/etc/ssl/etcd/cert-key.pem \
  -node=127.0.0.1:2379 \
  -scheme=http

with confd 0.12, this works: 

confd -onetime \
  -backend=etcd \
  -node=http://127.0.0.1:2379

in particular, -node=127.0.0.1:2379 becomes -node=http://127.0.0.1:2379