?Etcd租约即对特定的key实现时间控制处理。
本文包含了其关键操作梳理及特点分析,还不收藏等啥呢。
目录
创建一个240秒的租约:
docker exec etcd_test etcdctl lease grant 240???????????????????????????
lease 5a578262b3f6f545 granted with TTL(240s)设置一个值/abc
docker exec etcd_test etcdctl put /abc ?111? --user=root:root
OK查看该租约已经在自动减少中:
docker exec etcd_test etcdctl lease timetolive 5a578262b3f6f545
lease 5a578262b3f6f545 granted with TTL(240s), remaining(198s)给 /abc绑定租约:
docker exec etcd_test etcdctl put --lease=5a578262b3f6f545 /abc? 111 --user=root:root
OK查看一下/abc:
docker exec etcd_test etcdctl get /abc --user=root:root?????
/abc
111等到租约失效时:
docker exec etcd_test etcdctl lease timetolive 5a578262b3f6f545
lease 5a578262b3f6f545 already expired再次查看该key,发现已被删除。
也就是说,当对指定key设置租约,租约过期后如未续约则会自动删除对应的key。
如果给已过期的租约进行续约:
docker exec etcd_test etcdctl lease keep-alive 5a57833bbf5edc50 --user=root:root
lease 5a57833bbf5edc50 expired or revoked.会提示租约已经过期或者被撤销了,因此续约不成功。
注意,续约时不涉及专门的key,而是针对leaseID进行的操作。
创建一个60秒的租约,并绑定key:
docker exec etcd_test etcdctl lease grant 60
lease 5a57833bbf5edc5b granted with TTL(60s)
# docker exec etcd_test etcdctl put --lease=5a57833bbf5edc5b /abc? 111 --user=root:root
OK续约:
docker exec etcd_test etcdctl lease keep-alive 5a57833bbf5edc5b --user=root:root
lease 5a57833bbf5edc5b keepalived with TTL(60)
lease 5a57833bbf5edc5b keepalived with TTL(60)
lease 5a57833bbf5edc5b keepalived with TTL(60)
……(经过确认,每20秒打印一次)
经过调查,etcd主动给?Lease?进行续约,是以小于?TTL?的间隔来循环调用,可以想的到,如果比租期时间长,则已经过期了才续约就晚了)
每续约一次打印一次lease 5a57833bbf5edc5b keepalived with TTL(60)
快速查看租约的剩余时间:
docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(41s)
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(40s)
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(40s)
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(59s)可以看到每次到40秒时就会立即恢复为60秒。
需要指出的是,代码调用时也包含了续约单次
KeepAlive?:自动定时的续约某个租约;
KeepAliveOnce?:仅续约一次;
docker exec etcd_test etcdctl lease revoke 5a57833bbf5edc5b --user=root:root
lease 5a57833bbf5edc5b revoked撤销后再次查看,已经过期:
docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc5b
lease 5a57833bbf5edc5b already expired提示:在keep-alive自动续约那边中断,不能达到撤销/销毁租约的目的
?
!续约期间删除对应的key是什么情况?
docker exec etcd_test etcdctl del /abc --user=root:root
1
# docker exec etcd_test etcdctl del /abc --user=root:root
0
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(54s)
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(52s)
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(42s)
# docker exec etcd_test etcdctl lease timetolive 5a57833bbf5edc79
lease 5a57833bbf5edc79 granted with TTL(60s), remaining(59s)可以看到,删除key后,不影响租约,租约依旧自动续期。
docker exec etcd etcdctl --help
或只看租约相关操作:
docker exec etcd etcdctl lease --help
NAME:
? ? ? ? etcdctl - A simple command line client for etcd3.
USAGE:
? ? ? ? etcdctl [flags]
VERSION:
? ? ? ? 3.5.2
API VERSION:
? ? ? ? 3.5
COMMANDS:
? ? ? ? alarm disarm ? ? ? ? ? ?Disarms all alarms
? ? ? ? alarm list ? ? ? ? ? ? ?Lists all alarms
? ? ? ? auth disable ? ? ? ? ? ?Disables authentication
? ? ? ? auth enable ? ? ? ? ? ? Enables authentication
? ? ? ? auth status ? ? ? ? ? ? Returns authentication status
? ? ? ? check datascale ? ? ? ? Check the memory usage of holding data for different workloads on a given server endpoint.
? ? ? ? check perf ? ? ? ? ? ? ?Check the performance of the etcd cluster
? ? ? ? compaction ? ? ? ? ? ? ?Compacts the event history in etcd
? ? ? ? defrag ? ? ? ? ? ? ? ? ?Defragments the storage of the etcd members with given endpoints
? ? ? ? del ? ? ? ? ? ? ? ? ? ? Removes the specified key or range of keys [key, range_end)
? ? ? ? elect ? ? ? ? ? ? ? ? ? Observes and participates in leader election
? ? ? ? endpoint hashkv ? ? ? ? Prints the KV history hash for each endpoint in --endpoints
? ? ? ? endpoint health ? ? ? ? Checks the healthiness of endpoints specified in `--endpoints` flag
? ? ? ? endpoint status ? ? ? ? Prints out the status of endpoints specified in `--endpoints` flag
? ? ? ? get ? ? ? ? ? ? ? ? ? ? Gets the key or a range of keys
? ? ? ? help ? ? ? ? ? ? ? ? ? ?Help about any command
? ? ? ? lease grant ? ? ? ? ? ? Creates leases
? ? ? ? lease keep-alive ? ? ? ?Keeps leases alive (renew)
? ? ? ? lease list ? ? ? ? ? ? ?List all active leases
? ? ? ? lease revoke ? ? ? ? ? ?Revokes leases
? ? ? ? lease timetolive ? ? ? ?Get lease information
? ? ? ? lock ? ? ? ? ? ? ? ? ? ?Acquires a named lock
? ? ? ? make-mirror ? ? ? ? ? ? Makes a mirror at the destination etcd cluster
? ? ? ? member add ? ? ? ? ? ? ?Adds a member into the cluster
? ? ? ? member list ? ? ? ? ? ? Lists all members in the cluster
? ? ? ? member promote ? ? ? ? ?Promotes a non-voting member in the cluster
? ? ? ? member remove ? ? ? ? ? Removes a member from the cluster
? ? ? ? member update ? ? ? ? ? Updates a member in the cluster
? ? ? ? move-leader ? ? ? ? ? ? Transfers leadership to another etcd cluster member.
? ? ? ? put ? ? ? ? ? ? ? ? ? ? Puts the given key into the store
? ? ? ? role add ? ? ? ? ? ? ? ?Adds a new role
? ? ? ? role delete ? ? ? ? ? ? Deletes a role
? ? ? ? role get ? ? ? ? ? ? ? ?Gets detailed information of a role
? ? ? ? role grant-permission ? Grants a key to a role
? ? ? ? role list ? ? ? ? ? ? ? Lists all roles
? ? ? ? role revoke-permission ?Revokes a key from a role
? ? ? ? snapshot restore ? ? ? ?Restores an etcd member snapshot to an etcd directory
? ? ? ? snapshot save ? ? ? ? ? Stores an etcd node backend snapshot to a given file
? ? ? ? snapshot status ? ? ? ? [deprecated] Gets backend snapshot status of a given file
? ? ? ? txn ? ? ? ? ? ? ? ? ? ? Txn processes all the requests in one transaction
? ? ? ? user add ? ? ? ? ? ? ? ?Adds a new user
? ? ? ? user delete ? ? ? ? ? ? Deletes a user
? ? ? ? user get ? ? ? ? ? ? ? ?Gets detailed information of a user
? ? ? ? user grant-role ? ? ? ? Grants a role to a user
? ? ? ? user list ? ? ? ? ? ? ? Lists all users
? ? ? ? user passwd ? ? ? ? ? ? Changes password of user
? ? ? ? user revoke-role ? ? ? ?Revokes a role from a user
? ? ? ? version ? ? ? ? ? ? ? ? Prints the version of etcdctl
? ? ? ? watch ? ? ? ? ? ? ? ? ? Watches events stream on keys or prefixes
OPTIONS:
? ? ? --cacert="" ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? verify certificates of TLS-enabled secure servers using this CA bundle
? ? ? --cert="" ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? identify secure client using this TLS certificate file
? ? ? --command-timeout=5s ? ? ? ? ? ? ? ? ? ? ?timeout for short running command (excluding dial timeout)
? ? ? --debug[=false] ? ? ? ? ? ? ? ? ? ? ? ? ? enable client-side debug logging
? ? ? --dial-timeout=2s ? ? ? ? ? ? ? ? ? ? ? ? dial timeout for client connections
? -d, --discovery-srv="" ? ? ? ? ? ? ? ? ? ? ? ?domain name to query for SRV records describing cluster endpoints
? ? ? --discovery-srv-name="" ? ? ? ? ? ? ? ? ? service name to query when using DNS discovery
? ? ? --endpoints=[127.0.0.1:2379] ? ? ? ? ? ? ?gRPC endpoints
? -h, --help[=false] ? ? ? ? ? ? ? ? ? ? ? ? ? ?help for etcdctl
? ? ? --hex[=false] ? ? ? ? ? ? ? ? ? ? ? ? ? ? print byte strings as hex encoded strings
? ? ? --insecure-discovery[=true] ? ? ? ? ? ? ? accept insecure SRV records describing cluster endpoints
? ? ? --insecure-skip-tls-verify[=false] ? ? ? ?skip server certificate verification (CAUTION: this option should be enabled only for testing purposes)
? ? ? --insecure-transport[=true] ? ? ? ? ? ? ? disable transport security for client connections
? ? ? --keepalive-time=2s ? ? ? ? ? ? ? ? ? ? ? keepalive time for client connections
? ? ? --keepalive-timeout=6s ? ? ? ? ? ? ? ? ? ?keepalive timeout for client connections
? ? ? --key="" ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?identify secure client using this TLS key file
? ? ? --password="" ? ? ? ? ? ? ? ? ? ? ? ? ? ? password for authentication (if this option is used, --user option shouldn't include password)
? ? ? --user="" ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? username[:password] for authentication (prompt if password is not supplied)
? -w, --write-out="simple" ? ? ? ? ? ? ? ? ? ? ?set the output format (fields, json, protobuf, simple, table)