v3.3.0-rc.0

etcd v3.3.0-rc.0 is now public!

For the full list, please see CHANGELOG and v3.3 upgrade guide for any breaking changes.

Latest support status for common architectures and operating systems can be found at supported platforms.

Release signing key can be found at coreos.com/security/app-signing-key.

Improved

• #8009,#8210 *: use coreos/bbolt (replace boltdb/bolt)
  • #8985 vendor: coreos/bbolt v1.3.1-coreos.6
  • #8801 vendor: coreos/bbolt v1.3.1-coreos.5
    • coreos/bbolt#67 fix freelist corruption on tx.WriteTo
  • #8801 vendor: coreos/bbolt v1.3.1-coreos.3
  • #8620 vendor: coreos/bbolt v1.3.1-coreos.2
    • coreos/bbolt#51 tx: load freelist on Check()
  • #8436 vendor: coreos/bbolt v1.3.1-coreos.1
  • #8392 vendor: coreos/bbolt v1.3.1-coreos.0
    • coreos/bbolt#1 add option to skip freelist sync
    • coreos/bbolt#3 garbage collect pages allocated after minimum txid
    • coreos/bbolt#6 rebuild freelist when opening with FreelistSync after NoFreelistSync
    • coreos/bbolt#10 fix NoSyncFreelist reachability checking
    • coreos/bbolt#12 freelist: read all free pages on count overflow
• #8428 mvcc: Revisions() method for index to avoid key allocation
• #8475 mvcc: don't allocate keys when computing Revisions
• #8097,#8099 lease: rate limit revoke runLoop
• #8096,#8101 lease: randomize expiry on initial refresh call
• #8149 lessor: extend leases on promote if expires will be rate limited
• #7927,#8079,#8083 etcdserver: better warning when initial-cluster doesn't match advertise urls

Changed(Breaking Changes)

• #7909 etcdserver,embed, integration: don't use pointer for ServerConfig
• #6174 require Go 1.9+
  • #8511 deprecate golang.org/x/net/context
• gRPC upgrade to v1.7.5
  • grpc#1743,#9042 vendor: upgrade grpc/grpc-go to v1.7.5
  • #8904,#8972 vendor: upgrade grpc/grpc-go to v1.7.4
  • #8972 vendor: upgrade grpc/grpc-go to v1.7.4
  • #8873 vendor: upgrade grpc/grpc-go to v1.7.3
  • #8840 vendor: upgrade grpc/grpc-go to v1.7.2
  • #8625 vendor: upgrade grpc/grpc-go to v1.6.0
  • #8296 vendor: upgrade grpc/grpc-go to v1.5.1
  • #7888,#7896 grpc/grpc-go v1.4.1, grpc-gateway v1.2.2, metadata.Incoming/OutgoingContext
  • #8553 upgrade to grpclog.LoggerV2
  • #8504,#8505 clientv3: deprecate grpc.ErrClientConnTimeout errors
  • #8437 v3rpc: use MaxRecvMsgSize and MaxSendMsgSize to limit message size
• #8838,#8845 vendor: upgrade grpc-gateway to v1.3.0
• #9038 client/v3: translate gRPC status error in v3 Snapshot API
• Upgrade github.com/ugorji/go/codec for v2 client
  • #8574 client/v2: regenerate sources for client with new ugorji/go changes
  • #8574 client/v2: regenerate with latest ugorji/go/codec

Added

etcd

• #6925,#8407 add --experimental-enable-v2v3 flag to emulate v2 API with v3
• #7125,#8420 add --experimental-corrupt-check-time flag to raise corrupt alarm monitoring
• #8313,#8554 add --experimental-initial-corrupt-check flag to check kv hash before serving client/peer traffic
• #7826,#7976 add --max-txn-ops flag to configure maximum number operations in transaction
• #7923,#7968 add --max-request-bytes flag to configure maximum client request size
• #8098,#8123 add --auto-compaction-mode flag to support revision-based compaction
• #8503,#8563 update --auto-compaction-retention flag to accept string values to support finer granularity
• #8535 add --grpc-keepalive-* flags to configure server-side keepalive policies
• #8207,#8272 /health endpoint reports unhealthy when alarm is raised
• #8312 provide error information in /health, fix /health JSON output
• #8322 /health endpoint in grpc-proxy
• #8060,#8242 support additional /metrics endpoints
• #8226,#8282 /metrics in insecure port if metrics URL scheme is http
• #8810 move logging setup to embed package, disable gRPC server log by default
• #8507 lease: use monotime in time.Time for Go 1.9
• #8379,#8384 warn about empty hosts in advertise urls
• #8380,#8385 warn about shadowed environment variables

API

• #7924,#8025 ranges in txn comparisons
• #7857,#8102 nested txns
• #8324 lease comparison target in txn
• #8358 lease list
• #8016,#7976 hash by rev

clientv3

• #7247,#7941,#8545 health balancer to handle network partitions
  • #8601 wait for ConnectNotify before sending RPCs
  • #8660,#8669 balancer: handle network partition in health check
  • #8828,#8840 balancer: refactor health balancer
• kubernetes#46964,#8199 add keep-alive to connection
• kubernetes#51099,#9043,#9047 configurable gRPC message size limits
• #8324 accept Compare_LEASE in Compare()
• #8488 add LeaseValue helper to Cmp LeaseID values in Txn
• #7584,#8154 add MoveLeader to Maintenance
• #8348,#8351 add HashKV to Maintenance
• #8358 add Leases to Lease
• #7623,#8092 initial kv order caching

etcdctl

• #8479 v2: add backup --with-v3 flag
• #7584,#8154 v3: add move-leader command
• #8348,#8351 v3: add endpoint hashkv command
• #8358 v3: add lease list command
• #8440,#8462 v3: add --discovery-srv flag
• #8117,#8143 v3: add endpoint --cluster flag
• #8367 v3: add defrag --data-dir flag
• #8370 v3: add lock --ttl flag
• #8663 v3: add --keepalive-time, --keepalive-timeout flags
• kubernetes#51099,#9043,#9047 v3: add --max-send-bytes, --max-recv-bytes flags
• #8775 v3: add lease keep-alive --once flag
• #8814,#8919 v3: support watch key -- [exec-command…]
• #8672 v3: enable require-leader for watch command
• #8295,#8342 v3: exit non-zero on unhealthy ep command
• #8297 v3: print "del" instead of "delete" in txn interactive mode
• #8332 v3: print ETCD_INITIAL_ADVERTISE_PEER_URLS in member add

metrics

• #8948,#8960 add etcd_server_version metric
• #8050,#8064 add etcd_debugging_server_lease_expired_total metric
• #8280 mvcc: add metric for count of db key revisions compacted
• #8802,#8848,#8879 Documentation/op-guide: add rules for Prometheus 2.0
• #8878 initialize gRPC server metrics with zero values

grpc-gateway

• #8125,#8880 replace grpc-gateway endpoint with /v3beta
• #8838,#8845 vendor: upgrade grpc-gateway to v1.3.0
• #8237,#8257 embed: support websocket for bi-directional streams

grpc-proxy

• #6065,#8341 clientv3: Disconnected Linearized Reads
• #8315 experimental serializable ordering

Raft

• #8568,#8751 add non-voting member

Added/Fixed(Security/Auth)

• #8798,#8895 Documentation: explain TLS changes
  • #8262,#8616 CommonName(CN) based auth for inter peer connection
  • #8584,#8594 etcdserver: swap priority of cert CommonName(CN) and username + password
  • #8206,#8223 transport: accept connection if matched IP SAN but no DNS match
  • #8268,#8281 transport: use reverse lookup to match wildcard DNS SAN
  • #8445,#8884 Revert embed: fix HTTPS + DNS SRV discovery
• #4034,#8124 reject connections based on CRL file
• #8031 protecting lease revoking with auth
• #8157,#8164 allow users to know their roles and permissions
• golang/crypto@6c586e1,#8649 vendor: update golang.org/x/crypto/bcrypt
• #8608,#8695 auth: fix simpleToken to respect disabled state for assign

Fixed(v2)

• #8515,#8519 client: failover to next endpoint on oneshot failure
• #8062 v2http: put back /v2/machines and mark as non-deprecated

Fixed(v3)

• #8090 build-aci: fix ACI image name
• #8054 mvcc: count range/put/del operations for txns
• #8388,#8390 mvcc: reset keys gauge on restore
• #8080,#8120 mvcc: set db size metric on restore
• #8146,#8150 mvcc: use GaugeFunc metric to load db size when requested
• #8048,#8127 mvcc: restore into tree index with one key index
• #8411,#8427 mvcc: sending events after restore
• #8335 clientv3: put at most once
• #8494,#8514 etcdctl: handle empty key permission correctly
• #7889,#8010 v3rpc: treat nil txn request op as error
• #8231,#8283 v3rpc: set Canceled=true on compacted watch
• #6984,#8178,#8286 wal: fall back to closing wal if locked dir rename fails
• #8532,#8599 etcdserver: make peer dial timeout longer
• #8224,#8267 embed: wait up to request-timeout for pending RPCs when closing
• #8916,#8987 embed: fix *grpc.Server panic on GracefulStop with TLS-enabled server
• #8383,#8414 embed: associate peer serve() listener with corresponding peer
• #8406,#8306,#8442 concurrent auth ops don't cause old rev
• #8439 concurrency: retry snapshot serializable stm if writes since first header rev
• #8277 grpcproxy: return nil on receiving snapshot EOF
• #8366 grpcproxy: forward PrevKv flag in Put
• #8478,#8552 grpcproxy: respect KeysOnly flag
• #8542 vendor: upgrade go-systemd to v15 (see https://github.com/coreos/go-systemd/releases/tag/v15)

Other

• #8805 release: support to the previous two minor versions
• commit#e4e6147 op-guide/v2-migration: endpoint hashkv post migration
• #8369 Documentation/op-guide: add gcr.io image as alternative

Getting started

Linux

ETCD_VER=v3.3.0-rc.0

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/coreos/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz

/tmp/etcd-download-test/etcd --version
<<COMMENT
etcd Version: 3.3.0-rc.0
Git SHA: f7a395f
Go Version: go1.9.2
Go OS/Arch: linux/amd64
COMMENT

ETCDCTL_API=3 /tmp/etcd-download-test/etcdctl version
<<COMMENT
etcdctl version: 3.3.0-rc.0
API version: 3.3
COMMENT

# start a local etcd server
/tmp/etcd-download-test/etcd

# write,read to etcd
ETCDCTL_API=3 /tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
ETCDCTL_API=3 /tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.3.0-rc.0

# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/coreos/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}

rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test

curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64

/tmp/etcd-download-test/etcd --version
ETCDCTL_API=3 /tmp/etcd-download-test/etcdctl version

Docker

etcd uses gcr.io/etcd-development/etcd as a primary container registry, and quay.io/coreos/etcd as secondary.

rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp \
  docker rmi gcr.io/etcd-development/etcd:v3.3.0-rc.0 || true && \
  docker run \
  -p 2379:2379 \
  -p 2380:2380 \
  --mount type=bind,source=/tmp/etcd-data.tmp,destination=/etcd-data \
  --name etcd-gcr-v3.3.0-rc.0 \
  gcr.io/etcd-development/etcd:v3.3.0-rc.0 \
  /usr/local/bin/etcd \
  --name s1 \
  --data-dir /etcd-data \
  --listen-client-urls http://0.0.0.0:2379 \
  --advertise-client-urls http://0.0.0.0:2379 \
  --listen-peer-urls http://0.0.0.0:2380 \
  --initial-advertise-peer-urls http://0.0.0.0:2380 \
  --initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new

docker exec etcd-gcr-v3.3.0-rc.0 /bin/sh -c "/usr/local/bin/etcd --version"
docker exec etcd-gcr-v3.3.0-rc.0 /bin/sh -c "ETCDCTL_API=3 /usr/local/bin/etcdctl version"
docker exec etcd-gcr-v3.3.0-rc.0 /bin/sh -c "ETCDCTL_API=3 /usr/local/bin/etcdctl endpoint health"

docker exec etcd-gcr-v3.3.0-rc.0 /bin/sh -c "ETCDCTL_API=3 /usr/local/bin/etcdctl put foo bar"
docker exec etcd-gcr-v3.3.0-rc.0 /bin/sh -c "ETCDCTL_API=3 /usr/local/bin/etcdctl get foo"

For more details, please check Docker guide.