diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b364270db..c724e00d72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,9 +7,11 @@ * [ENHANCEMENT] Distributor: Added `max_inflight_push_requests` config to ingester client to protect distributor from OOMKilled. #5917 * [ENHANCEMENT] Distributor/Querier: Clean stale per-ingester metrics after ingester restarts. #5930 * [ENHANCEMENT] Distributor/Ring: Allow disabling detailed ring metrics by ring member. #5931 +* [ENHANCEMENT] KV: Etcd Added etcd.ping-without-stream-allowed parameter to disable/enable PermitWithoutStream #5933 * [CHANGE] Upgrade Dockerfile Node version from 14x to 18x. #5906 * [BUGFIX] Configsdb: Fix endline issue in db password. #5920 + ## 1.17.0 2024-04-30 * [CHANGE] Azure Storage: Upgraded objstore dependency and support Azure Workload Identity Authentication. Added `connection_string` to support authenticating via SAS token. Marked `msi_resource` config as deprecating. #5645 diff --git a/docs/configuration/arguments.md b/docs/configuration/arguments.md index 18ddf0ea89..145a5caea9 100644 --- a/docs/configuration/arguments.md +++ b/docs/configuration/arguments.md @@ -160,6 +160,9 @@ prefix these flags with `distributor.ha-tracker.` The trusted CA file path. - `etcd.tls-insecure-skip-verify` Skip validating server certificate. +- `etcd.ping-without-stream-allowd'` + Enable/Disable PermitWithoutStream parameter + #### memberlist diff --git a/docs/configuration/config-file-reference.md b/docs/configuration/config-file-reference.md index cdda0a3955..ed4234384c 100644 --- a/docs/configuration/config-file-reference.md +++ b/docs/configuration/config-file-reference.md @@ -2606,6 +2606,10 @@ The `etcd_config` configures the etcd client. The supported CLI flags `` # Etcd password. # CLI flag: -.etcd.password [password: | default = ""] + +# Send Keepalive pings with no streams. +# CLI flag: -.etcd.ping-without-stream-allowed +[ping-without-stream-allowed: | default = true] ``` ### `fifo_cache_config` diff --git a/pkg/ring/kv/etcd/etcd.go b/pkg/ring/kv/etcd/etcd.go index 34cc9d4752..ca7dcf050a 100644 --- a/pkg/ring/kv/etcd/etcd.go +++ b/pkg/ring/kv/etcd/etcd.go @@ -27,8 +27,9 @@ type Config struct { EnableTLS bool `yaml:"tls_enabled"` TLS cortextls.ClientConfig `yaml:",inline"` - UserName string `yaml:"username"` - Password string `yaml:"password"` + UserName string `yaml:"username"` + Password string `yaml:"password"` + PermitWithoutStream bool `yaml:"ping-without-stream-allowed"` } // Clientv3Facade is a subset of all Etcd client operations that are required @@ -59,6 +60,7 @@ func (cfg *Config) RegisterFlagsWithPrefix(f *flag.FlagSet, prefix string) { f.BoolVar(&cfg.EnableTLS, prefix+"etcd.tls-enabled", false, "Enable TLS.") f.StringVar(&cfg.UserName, prefix+"etcd.username", "", "Etcd username.") f.StringVar(&cfg.Password, prefix+"etcd.password", "", "Etcd password.") + f.BoolVar(&cfg.PermitWithoutStream, prefix+"etcd.ping-without-stream-allowed", true, "Send Keepalive pings with no streams.") cfg.TLS.RegisterFlagsWithPrefix(prefix+"etcd", f) } @@ -102,7 +104,7 @@ func New(cfg Config, codec codec.Codec, logger log.Logger) (*Client, error) { // to server without any active streams (enabled) DialKeepAliveTime: 10 * time.Second, DialKeepAliveTimeout: 2 * cfg.DialTimeout, - PermitWithoutStream: true, + PermitWithoutStream: cfg.PermitWithoutStream, TLS: tlsConfig, Username: cfg.UserName, Password: cfg.Password,