Documentation/op-guide: add security guide link to clustering.md

Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
etcd-io · Nov 15, 2017 · 37b3108 · 37b3108
1 parent 9b772ba
commit 37b3108
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/Documentation/op-guide/clustering.md b/Documentation/op-guide/clustering.md
@@ -456,6 +456,8 @@ $ etcd --name infra2 \
 --listen-peer-urls http://10.0.1.12:2380
 ```
 
+Since v3.1.0 (except v3.2.9), when `etcd --discovery-srv=example.com` is configured with TLS, server will only authenticate peers/clients when the provided certs have root domain `example.com` as an entry in Subject Alternative Name (SAN) field. See [Notes for DNS SRV][security-guide-dns-srv].
+
 ### Gateway
 
 etcd gateway is a simple TCP proxy that forwards network data to the etcd cluster. Please read [gateway guide][gateway] for more information.
@@ -475,5 +477,6 @@ To setup an etcd cluster with proxies of v2 API, please read the the [clustering
 [proxy]: https://github.com/coreos/etcd/blob/release-2.3/Documentation/proxy.md
 [clustering_etcd2]: https://github.com/coreos/etcd/blob/release-2.3/Documentation/clustering.md
 [security-guide]: security.md
+[security-guide-dns-srv]: security.md#notes-for-dns-srv
 [tls-setup]: ../../hack/tls-setup
 [gateway]: gateway.md