# Environment file for etcd {{ etcd_version }} ETCD_DATA_DIR={{ etcd_data_dir }} ETCD_ADVERTISE_CLIENT_URLS={{ etcd_client_url }} ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_peer_url }} ETCD_INITIAL_CLUSTER_STATE={% if etcd_cluster_is_healthy.rc == 0 | bool %}existing{% else %}new{% endif %} ETCD_METRICS={{ etcd_metrics }} {% if etcd_metrics_port is defined %} ETCD_LISTEN_METRICS_URLS=http://{{ etcd_address | ipwrap }}:{{ etcd_metrics_port }},http://127.0.0.1:{{ etcd_metrics_port }} {% endif %} ETCD_LISTEN_CLIENT_URLS=https://{{ etcd_address | ipwrap }}:2379,https://127.0.0.1:2379 ETCD_ELECTION_TIMEOUT={{ etcd_election_timeout }} ETCD_HEARTBEAT_INTERVAL={{ etcd_heartbeat_interval }} ETCD_INITIAL_CLUSTER_TOKEN=k8s_etcd ETCD_LISTEN_PEER_URLS=https://{{ etcd_address | ipwrap }}:2380 ETCD_NAME={{ etcd_member_name }} ETCD_PROXY=off ETCD_INITIAL_CLUSTER={{ etcd_peer_addresses }} ETCD_AUTO_COMPACTION_RETENTION={{ etcd_compaction_retention }} {% if etcd_snapshot_count is defined %} ETCD_SNAPSHOT_COUNT={{ etcd_snapshot_count }} {% endif %} {% if etcd_quota_backend_bytes is defined %} ETCD_QUOTA_BACKEND_BYTES={{ etcd_quota_backend_bytes }} {% endif %} {% if etcd_max_request_bytes is defined %} ETCD_MAX_REQUEST_BYTES={{ etcd_max_request_bytes }} {% endif %} {% if etcd_log_package_levels is defined %} ETCD_LOG_PACKAGE_LEVELS={{ etcd_log_package_levels }} {% endif %} {% if etcd_max_snapshots is defined %} ETCD_MAX_SNAPSHOTS={{ etcd_max_snapshots }} {% endif %} {% if etcd_max_wals is defined %} ETCD_MAX_WALS={{ etcd_max_wals }} {% endif %} # Flannel need etcd v2 API ETCD_ENABLE_V2=true # TLS settings ETCD_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem ETCD_CERT_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem ETCD_KEY_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem ETCD_CLIENT_CERT_AUTH={{ etcd_secure_client | lower}} ETCD_PEER_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem ETCD_PEER_CERT_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem ETCD_PEER_KEY_FILE={{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem ETCD_PEER_CLIENT_CERT_AUTH={{ etcd_peer_client_auth }} {% if etcd_tls_cipher_suites is defined %} ETCD_CIPHER_SUITES={% for tls in etcd_tls_cipher_suites %}{{ tls }}{{ "," if not loop.last else "" }}{% endfor %} {% endif %} {% for key, value in etcd_extra_vars.items() %} {{ key }}={{ value }} {% endfor %} {% if host_architecture != "amd64" -%} ETCD_UNSUPPORTED_ARCH={{host_architecture}} {%- endif %} # CLI settings ETCDCTL_ENDPOINTS=https://127.0.0.1:2379 ETCDCTL_CACERT={{ etcd_cert_dir }}/ca.pem ETCDCTL_KEY={{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem ETCDCTL_CERT={{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem # ETCD 3.5.x issue # https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK={{ etcd_experimental_initial_corrupt_check }}