main.yml

---

## Role variables

etcd_user: etcd
etcd_group: etcd
etcd_conf_dir: /etc/etcd
etcd_default_inventory_group: etcd
etcd_client_port: 2379
etcd_peer_port: 2380
etcd_bin_path: /usr/local/bin/etcd
etcd_client_protocol: "http{% if etcd_cert_file != '' and etcd_key_file != '' %}s{% endif %}"
etcd_peer_protocol: "http{% if etcd_peer_cert_file != '' and etcd_peer_key_file != '' %}s{% endif %}"
etcd_remote_cert_files: []

## ETCD configuration variables

# Member flags
etcd_node_name: "{{ inventory_hostname.split('.')[0] }}"
etcd_data_dir: /var/lib/etcd
etcd_wal_dir: ''
etcd_snapshot_count: 100000
etcd_heartbeat_interval: 100
etcd_election_timeout: 1000
etcd_initial_election_tick_advance: 'true'
etcd_listen_peer_urls: "{{ etcd_peer_protocol }}://{{ hostvars[inventory_hostname]['ansible_facts']['default_ipv4']['address'] }}:{{ etcd_peer_port }}"
etcd_listen_client_urls: "{{ etcd_client_protocol }}://{{ hostvars[inventory_hostname]['ansible_facts']['default_ipv4']['address'] }}:{{ etcd_client_port }},{{ etcd_client_protocol }}://127.0.0.1:{{ etcd_client_port }}"
etcd_max_snapshots: 5
etcd_max_wals: 5
etcd_quota_backend_bytes: 0
etcd_backend_batch_limit: 0
etcd_backend_bbolt_freelist_type: 'map'
etcd_backend_batch_interval: 0
etcd_max_txn_ops: 128
etcd_max_request_bytes: 1572864
etcd_grpc_keepalive_min_time: '5s'
etcd_grpc_keepalive_interval: '7200s'
etcd_grpc_keepalive_timeout: '20s'
etcd_socket_reuse_port: 'false'
etcd_socket_reuse_address: 'false'
# Clustering flags
etcd_initial_advertise_peer_urls: "{{ etcd_peer_protocol }}://{{ hostvars[inventory_hostname]['ansible_facts']['default_ipv4']['address'] }}:{{ etcd_peer_port }}"
etcd_initial_cluster: "{% for host in groups[etcd_default_inventory_group] %}{{ hostvars[host]['ansible_facts']['hostname'] }}={{ etcd_peer_protocol }}://{{ hostvars[host]['ansible_facts']['default_ipv4']['address'] }}:{{ etcd_peer_port }}{% if not loop.last %},{% endif %}{% endfor %}"
etcd_initial_cluster_state: new
etcd_initial_cluster_token: etcd-cluster
etcd_advertise_client_urls: "{{ etcd_client_protocol }}://{{ hostvars[inventory_hostname]['ansible_facts']['default_ipv4']['address'] }}:{{ etcd_client_port }}"
etcd_discovery: ""
etcd_discovery_srv: ""
etcd_discovery_srv_name: ""
etcd_discovery_fallback: 'proxy'
etcd_discovery_proxy: ""
etcd_strict_reconfig_check: 'true'
etcd_pre_vote: 'true'
etcd_auto_compaction_retention: 0
etcd_auto_compaction_mode: periodic
etcd_enable_v2: 'false'
etcd_v2_deprecation: 'not-yet'
# Proxy flags
etcd_proxy: 'off'
etcd_proxy_failure_wait: 5000
etcd_proxy_refresh_interval: 30000
etcd_proxy_dial_timeout: 1000
etcd_proxy_write_timeout: 5000
etcd_proxy_read_timeout: 0
## Security flags
etcd_cert_file: ""
etcd_key_file: ""
etcd_client_cert_auth: 'false'
etcd_client_crl_file: ""
etcd_client_cert_allowed_hostname: ""
etcd_trusted_ca_file: ""
etcd_auto_tls: 'false'
etcd_peer_cert_file: ""
etcd_peer_key_file: ""
etcd_peer_client_cert_auth: 'false'
etcd_self_signed_cert_validity: 1
etcd_peer_crl_file: ''
etcd_peer_trusted_ca_file: ""
etcd_peer_auto_tls: 'false'
etcd_peer_cert_allowed_cn: ""
etcd_peer_cert_allowed_hostname: ""
etcd_cipher_suites: "TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
etcd_cors: "\"*\""
etcd_host_whitelist: "\"*\""
# Logging flags
etcd_logger: 'zap'
etcd_log_outputs: 'stderr'
etcd_log_level: info
etcd_enable_log_rotation: 'false'
etcd_log_rotation_config_json: '{"maxsize": 100, "maxage": 0, "maxbackups": 0, "localtime": false, "compress": false}'
etcd_debug: 'false'
etcd_log_package_levels: ""
# Experimental distributed flags
etcd_experimental_enable_distributed_tracing: 'false'
etcd_experimental_distributed_tracing_address: 'localhost:4317'
etcd_experimental_distributed_tracing_service_name: 'etcd'
etcd_experimental_distributed_tracing_instance_id: ''
# Unsafe flags
etcd_force_new_cluster: 'false'  # be careful changing this value!
etcd_unsafe_no_fsync: 'false'  # be careful changing this value!
# Miscellaneous flags
etcd_version: 'false'
etcd_config_file: /etc/etcd/etcd.conf.yaml  # this param won't be in config file, only in systemd unit
# Profiling flags
etcd_enable_pprof: 'false'
etcd_metrics: basic
etcd_listen_metrics_urls: ""
# Auth flags
etcd_auth_token: simple
etcd_bcrypt_cost: 10
etcd_auth_token_ttl: 300
# Experimental flags
etcd_experimental_initial_corrupt_check: 'false'
etcd_experimental_corrupt_check_time: 0
etcd_experimental_enable_v2v3: ""
etcd_experimental_enable_lease_checkpoint: 'false'
etcd_experimental_compaction_batch_limit: 1000
etcd_experimental_peer_skip_client_san_verification: 'false'
etcd_experimental_watch_progress_notify_interval: '600s'
etcd_experimental_warning_apply_duration: '100ms'
etcd_experimental_txn_mode_write_with_shared_buffer: 'true'
etcd_experimental_bootstrap_defrag_threshold_megabytes: