You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
etcdctl --write-out=table --endpoints=https://foo.example.com:2379 endpoint health gives a false-negative cluster health indication:
+------------------------------+--------+-------------+--------------------------------+
| ENDPOINT | HEALTH | TOOK | ERROR |
+------------------------------+--------+-------------+--------------------------------+
| https://etc2.example.com:2379 | false | 47.552071ms | etcdserver: user name is empty |
| https://etc1.example.com:2379 | false | 48.137024ms | etcdserver: user name is empty |
| https://etc3.example.com:2379 | false | 48.444852ms | etcdserver: user name is empty |
+------------------------------+--------+-------------+--------------------------------+
Error: unhealthy cluster
This is unhelpful and misleading. If ectdctl was unable to determine the health of a cluster due to failed or missing authentication, it should not fallback to delivering an "unhealthy cluster" (or "false" in the node health).
What did you expect to happen?
Not report "false" on individual node health.
Not conclude "Error: unhealthy cluster"
How can we reproduce it (as minimally and precisely as possible)?
udf2457
changed the title
etcdctl false-negative "unhealthy cluster" when unauthicated
etcdctl false-negative "unhealthy cluster" when unauthenticated
Feb 12, 2022
An endpoint is considered unhealthy when it cannot participate in consensus with the rest of the cluster. Inaccessible endpoints, for whatever reason, is considered unhealthy in general and a related log message is provide per it's documented https://github.com/etcd-io/etcd/tree/main/etcdctl#output-15.
Another example of unreachable endpoint,
+-----------------------------+--------+-------------+---------------------------+
| ENDPOINT | HEALTH | TOOK | ERROR |
+-----------------------------+--------+-------------+---------------------------+
| http://foo.example.com:2379 | false | 5.00937926s | context deadline exceeded |
+-----------------------------+--------+-------------+---------------------------+
Error: unhealthy cluster
The cause of error is provided clearly, whether it's a missing credential, connection etc. Closing this issue as this logging behavior is documented and expected. Please reopen if needed. Thanks!
cc @serathius@ahrtr@ptabor
What happened?
etcdctl --write-out=table --endpoints=https://foo.example.com:2379 endpoint health
gives a false-negative cluster health indication:This is unhelpful and misleading. If
ectdctl
was unable to determine the health of a cluster due to failed or missing authentication, it should not fallback to delivering an "unhealthy cluster" (or "false" in the node health).What did you expect to happen?
Not report "false" on individual node health.
Not conclude "Error: unhealthy cluster"
How can we reproduce it (as minimally and precisely as possible)?
See above
Anything else we need to know?
No response
Etcd version (please run commands below)
Etcd configuration (command line flags or environment variables)
paste your configuration here
Etcd debug information (please run commands blow, feel free to obfuscate the IP address or FQDN in the output)
Relevant log output
No response
The text was updated successfully, but these errors were encountered: