hailin0 commented on code in PR #331: URL: https://github.com/apache/skywalking-banyandb/pull/331#discussion_r1365724556
########## docs/installation/cluster.md: ########## @@ -28,3 +28,45 @@ The host is registered to the etcd cluster by the `banyand-server` automatically - `node-host-provider=hostname` : Default. The OS's hostname is registered as the host part in the address. - `node-host-provider=ip` : The OS's the first non-loopback active IP address(IPv4) is registered as the host part in the address. - `node-host-provider=flag` : `node-host` is registered as the host part in the address. + +## Etcd Client Authentication + +etcd supports through tls certificates and RBAC based authentication for both clients to server communication. This section is intended to help users set up authentication in etcd client. + +### Client-to-server authentication with username/password + +The etcd user can be setup by the [etcd authentication guide](https://etcd.io/docs/v3.5/op-guide/authentication/) + +The username/password is configured in the following command: + +- `etcd-username`: The username for etcd client authentication. +- `etcd-password`: The password for etcd client authentication. + +```shell +$ ./banyand-server storage --etcd-endpoints=your-endpoints --etcd-username=your-username --etcd-password=your-password <flags> +$ ./banyand-server liaison --etcd-endpoints=your-endpoints --etcd-username=your-username --etcd-password=your-password <flags> +``` + +### Client-to-server transport security with HTTPS Review Comment: fixed ########## docs/installation/cluster.md: ########## @@ -28,3 +28,45 @@ The host is registered to the etcd cluster by the `banyand-server` automatically - `node-host-provider=hostname` : Default. The OS's hostname is registered as the host part in the address. - `node-host-provider=ip` : The OS's the first non-loopback active IP address(IPv4) is registered as the host part in the address. - `node-host-provider=flag` : `node-host` is registered as the host part in the address. + +## Etcd Client Authentication + +etcd supports through tls certificates and RBAC based authentication for both clients to server communication. This section is intended to help users set up authentication in etcd client. + +### Client-to-server authentication with username/password Review Comment: fixed ########## docs/installation/cluster.md: ########## @@ -28,3 +28,45 @@ The host is registered to the etcd cluster by the `banyand-server` automatically - `node-host-provider=hostname` : Default. The OS's hostname is registered as the host part in the address. - `node-host-provider=ip` : The OS's the first non-loopback active IP address(IPv4) is registered as the host part in the address. - `node-host-provider=flag` : `node-host` is registered as the host part in the address. + +## Etcd Client Authentication Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
