upgpkg: tikv-pd 5.0.1-1

3 files changed, 145 insertions, 45 deletions

diff --git a/.SRCINFO b/.SRCINFO
index d3cc3289f7a9..d0c0f0e25d01 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
 pkgbase = tikv-pd
 	pkgdesc = Manage and schedule the TiKV cluster.
-	pkgver = 5.0.0
+	pkgver = 5.0.1
 	pkgrel = 1
 	url = https://github.com/tikv/pd
 	install = pd.install
@@ -12,16 +12,16 @@ pkgbase = tikv-pd
 	makedepends = unzip
 	provides = pd-server
 	backup = etc/pd/pd.toml
-	source = pd-5.0.0.tar.gz::https://github.com/tikv/pd/archive/v5.0.0.tar.gz
+	source = pd-5.0.1.tar.gz::https://github.com/tikv/pd/archive/v5.0.1.tar.gz
 	source = pd.service
 	source = pd-sysusers.conf
 	source = pd-tmpfiles.conf
 	source = pd.toml
-	sha256sums = 563bfc8bc4a8bb1733bdee729e1ed363b554f0317288d971fe5dcf161daf6ee0
+	sha256sums = 557c747b6c3ed7138ca07e23620093942a86396981248badba571376ff11fb68
 	sha256sums = b03d12f2f8d6eb2e9d654d6258ca39000225cdf1418840f7e35081631bc4d924
 	sha256sums = 5edd250ba9e70a4f8d27581ed658f0fbfeca58ca62429dec12bb5fffc0919b67
 	sha256sums = 15633aaa2d7726375112a1b5af88105878f09c176a542cde6d0e5f0c4eee4495
-	sha256sums = dd3097d7f72da151d792894d2f3bb4188bfe9d445df8955d0f6f9b5c36980249
+	sha256sums = 10d3fdb40e522c8731e87a7ba2acc6a7866d8f967a6b931247ae8ff97709065a
 
 pkgname = tikv-pd
 
diff --git a/PKGBUILD b/PKGBUILD
index ae91a81b1b3f..fe6269997bdb 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Xuanwo <xuanwo@archlinuxcn.org>
 # Maintainer: Allen Zhong <zhongbenli@pingcap.com>
 pkgname=tikv-pd
-pkgver=5.0.0
+pkgver=5.0.1
 pkgrel=1
 pkgdesc='Manage and schedule the TiKV cluster.'
 makedepends=('go' 'make' 'git' 'unzip')
@@ -16,11 +16,11 @@ source=(pd-${pkgver}.tar.gz::https://github.com/tikv/pd/archive/v${pkgver}.tar.g
         pd-sysusers.conf
         pd-tmpfiles.conf
         pd.toml)
-sha256sums=('563bfc8bc4a8bb1733bdee729e1ed363b554f0317288d971fe5dcf161daf6ee0'
+sha256sums=('557c747b6c3ed7138ca07e23620093942a86396981248badba571376ff11fb68'
             'b03d12f2f8d6eb2e9d654d6258ca39000225cdf1418840f7e35081631bc4d924'
             '5edd250ba9e70a4f8d27581ed658f0fbfeca58ca62429dec12bb5fffc0919b67'
             '15633aaa2d7726375112a1b5af88105878f09c176a542cde6d0e5f0c4eee4495'
-            'dd3097d7f72da151d792894d2f3bb4188bfe9d445df8955d0f6f9b5c36980249')
+            '10d3fdb40e522c8731e87a7ba2acc6a7866d8f967a6b931247ae8ff97709065a')
 
 _gopkgname='github.com/tikv/pd'
 
diff --git a/pd.toml b/pd.toml
index a0a616d7e686..bb261328836d 100644
--- a/pd.toml
+++ b/pd.toml
@@ -4,58 +4,120 @@ name = "pd"
 data-dir = "/var/lib/pd"
 
 client-urls = "http://127.0.0.1:2379"
-# if not set, use ${client-urls}
+## if not set, use ${client-urls}
 advertise-client-urls = ""
 
 peer-urls = "http://127.0.0.1:2380"
-# if not set, use ${peer-urls}
+## if not set, use ${peer-urls}
 advertise-peer-urls = ""
 
 initial-cluster = "pd=http://127.0.0.1:2380"
 initial-cluster-state = "new"
 
+## set different tokens to prevent communication between PDs in different clusters.
+# initial-cluster-token = "pd-cluster"
+
 lease = 3
 tso-save-interval = "3s"
 
-namespace-classifier = "table"
+## Make sure you set the "zone" label for this PD server before enabling its Local TSO service.
+# enable-local-tso = true
 
 enable-prevote = true
 
+[labels]
+## This means **this** PD server belongs to data center "dc-1". Setting it alone won't have any effect.
+## It should be used with enable-local-tso together if you want to make the Local TSO function work.
+# zone="dc-1"
+
 [security]
-# Path of file that contains list of trusted SSL CAs. if set, following four settings shouldn't be empty
+## Path of file that contains list of trusted SSL CAs. if set, following four settings shouldn't be empty
 cacert-path = ""
-# Path of file that contains X509 certificate in PEM format.
+## Path of file that contains X509 certificate in PEM format.
 cert-path = ""
-# Path of file that contains X509 key in PEM format.
+## Path of file that contains X509 key in PEM format.
 key-path = ""
 
+cert-allowed-cn = ["example.com"]
+
+[security.encryption]
+## Encryption method to use for PD data. One of "plaintext", "aes128-ctr", "aes192-ctr" and "aes256-ctr".
+## Defaults to "plaintext" if not set.
+# data-encryption-method = "plaintext"
+## Specifies how often PD rotates data encryption key. Default is 7 days.
+# data-key-rotation-period = "168h"
+
+## Specifies master key if encryption is enabled. There are three types of master key:
+##
+##   * "plaintext":
+##
+##     Plaintext as master key means no master key is given and only applicable when
+##     encryption is not enabled, i.e. data-encryption-method = "plaintext". This type doesn't
+##     have sub-config items. Example:
+##     
+##     [security.encryption.master-key]
+##     type = "plaintext"
+##
+##   * "kms":
+##
+##     Use a KMS service to supply master key. Currently only AWS KMS is supported. This type of
+##     master key is recommended for production use. Example:
+##
+##     [security.encryption.master-key]
+##     type = "kms"
+##     ## KMS CMK key id. Must be a valid KMS CMK where the TiKV process has access to.
+##     ## In production is recommended to grant access of the CMK to TiKV using IAM.
+##     key-id = "1234abcd-12ab-34cd-56ef-1234567890ab"
+##     ## AWS region of the KMS CMK.
+##     region = "us-west-2"
+##     ## (Optional) AWS KMS service endpoint. Only required when non-default KMS endpoint is
+##     ## desired.
+##     endpoint = "https://kms.us-west-2.amazonaws.com"
+##
+##   * "file":
+##
+##     Supply a custom encryption key stored in a file. It is recommended NOT to use in production,
+##     as it breaks the purpose of encryption at rest, unless the file is stored in tempfs.
+##     The file must contain a 256-bits (32 bytes, regardless of key length implied by 
+##     data-encryption-method) key encoded as hex string and end with newline ("\n"). Example:
+##
+##     [security.encryption.master-key]
+##     type = "file"
+##     path = "/path/to/master/key/file"
+# [security.encryption.master-key]
+# type = "plaintext"
+
 [log]
 level = "info"
 
-# log format, one of json, text, console
-#format = "text"
+## log format, one of json, text, console
+# format = "text"
 
-# disable automatic timestamps in output
-#disable-timestamp = false
+## disable automatic timestamps in output
+# disable-timestamp = false
 
 # file logging
 [log.file]
-#filename = ""
-# max log file size in MB
-#max-size = 300
-# max log file keep days
-#max-days = 28
-# maximum number of old log files to retain
-#max-backups = 7
-# rotate log by day
-#log-rotate = true
+# filename = ""
+## max log file size in MB
+# max-size = 300
+## max log file keep days
+# max-days = 28
+## maximum number of old log files to retain
+# max-backups = 7
 
 [metric]
-# prometheus client push interval, set "0s" to disable prometheus.
+## prometheus client push interval, set "0s" to disable prometheus.
 interval = "15s"
-# prometheus pushgateway address, leaves it empty will disable prometheus.
+## prometheus pushgateway address, leaves it empty will disable prometheus.
 address = ""
 
+[pd-server]
+## the metric storage is the cluster metric storage. This is use for query metric data.
+## Currently we use prometheus as metric storage, we may use PD/TiKV as metric storage later.
+## For usability, recommended to temporarily set it to the prometheus address, eg: http://127.0.0.1:9090
+metric-storage = ""
+
 [schedule]
 max-merge-region-size = 20
 max-merge-region-keys = 200000
@@ -64,32 +126,70 @@ max-snapshot-count = 3
 max-pending-peer-count = 16
 max-store-down-time = "30m"
 leader-schedule-limit = 4
-region-schedule-limit = 64
+region-schedule-limit = 2048
 replica-schedule-limit = 64
 merge-schedule-limit = 8
 hot-region-schedule-limit = 4
-#tolerant-size-ratio = 0.0
-#enable-one-way-merge = false
-
-# customized schedulers, the format is as below
-# if empty, it will use balance-leader, balance-region, hot-region as default
+## There are some policies supported: ["count", "size"], default: "count"
+# leader-schedule-policy = "count"
+## When the score difference between the leader or Region of the two stores is
+## less than specified multiple times of the Region size, it is considered in balance by PD.
+## If it equals 0.0, PD will automatically adjust it.
+# tolerant-size-ratio = 0.0
+
+## This three parameters control the merge scheduler behavior.
+## If it is true, it means a region can only be merged into the next region of it.
+# enable-one-way-merge = false
+## If it is true, it means two region within different tables can be merged.
+## This option only works when key type is "table".
+# enable-cross-table-merge = false
+
+## customized schedulers, the format is as below
+## if empty, it will use balance-leader, balance-region, hot-region as default
 # [[schedule.schedulers]]
 # type = "evict-leader"
 # args = ["1"]
 
 [replication]
-# The number of replicas for each region.
+## The number of replicas for each region.
 max-replicas = 3
-# The label keys specified the location of a store.
-# The placement priorities is implied by the order of label keys.
-# For example, ["zone", "rack"] means that we should place replicas to
-# different zones first, then to different racks if we don't have enough zones.
+## The label keys specified the location of a store.
+## The placement priorities is implied by the order of label keys.
+## For example, ["zone", "rack"] means that we should place replicas to
+## different zones first, then to different racks if we don't have enough zones.
 location-labels = []
-# Strictly checks if the label of TiKV is matched with location labels.
-#strictly-match-label = false
+## Strictly checks if the label of TiKV is matched with location labels.
+# strictly-match-label = false
 
 [label-property]
-# Do not assign region leaders to stores that have these tags.
-#  [[label-property.reject-leader]]
-#  key = "zone"
-#  value = "cn1
+## Do not assign region leaders to stores that have these tags.
+# [[label-property.reject-leader]]
+# key = "zone"
+# value = "cn1
+
+[dashboard]
+## Configurations below are for the TiDB Dashboard embedded in the PD.
+
+## The path of the CA certificate used to verify the TiDB server in TLS.
+# tidb-cacert-path = ""
+## The path of the certificate used to connect to TiDB server in TLS.
+# tidb-cert-path = ""
+## The path of the certificate private key.
+# tidb-key-path = ""
+
+## The public path prefix to serve Dashboard urls. It can be set when Dashboard
+## is running behind a reverse proxy. Do not configure it if you access
+## Dashboard directly.
+# public-path-prefix = "/dashboard"
+
+## When enabled, request will be proxied to the instance running Dashboard
+## internally instead of result in a 307 redirection.
+# internal-proxy = false
+
+## When enabled, usage data will be sent to PingCAP for improving user experience.
+# enable-telemetry = true
+
+## When enabled, experimental TiDB Dashboard features will be available.
+## These features are incomplete or not well tested. Suggest not to enable in
+## production.
+# enable-experimental = false