Updating etcd to 3.5.0

- Added git as makedep
- Configured build to correctly use recommended Arch Golang build flags
  per https://wiki.archlinux.org/title/Go_package_guidelines
- Updated default configuration file with latest options

1 files changed, 229 insertions, 4 deletions

diff --git a/etcd.env b/etcd.env
index 023129b0e075..7f711d7aff9a 100644
--- a/etcd.env
+++ b/etcd.env
@@ -67,6 +67,66 @@
 #
 # ETCD_CORS=
 
+# Raise alarms when backend size exceeds the given quota. 0 means use the
+# default quota.
+#
+# default: 0
+#
+# ETCD_QUOTA_BACKEND_BYTES=0
+
+# BackendBatchLimit is the maximum operations before commit the backend
+# transaction.
+#
+# default: 0
+#
+# ETCD_BACKEND_BATCH_LIMIT=0
+
+# The freelist type that etcd backend(bboltdb) uses (array and map are
+# supported types).
+#
+# default: ()
+#
+# ETCD_BACKEND_BBOLT_FREELIST_TYPE=()
+
+# BackendBatchInterval is the maximum time before commit the backend
+# transaction.
+#
+# default: 0
+#
+# ETCD_BACKEND_BATCH_INTERVAL=0
+
+# Maximum number of operations permitted in a transaction.
+#
+# default: 128
+#
+# ETCD_MAX_TXN_OPS=128
+
+# Maximum client request size in bytes the server will accept.
+#
+# default: 1572864
+#
+# ETCD_MAX_REQUEST_BYTES=1572864
+
+# Minimum duration interval that a client should wait before pinging server.
+#
+# default: 5s
+#
+# ETCD_GRPC_KEEPALIVE_MIN_TIME=5s
+
+# Frequency duration of server-to-client ping to check if a connection is
+# alive (0 to disable).
+#
+# default: 2h
+#
+# ETCD_GRPC_KEEPALIVE_INTERVAL=2h
+
+# Additional duration of wait before closing a non-responsive connection
+# (0 to disable).
+#
+# default: 20s
+#
+# ETCD_GRPC_KEEPALIVE_TIMEOUT=20s
+
 # List of this member's peer URLs to advertise to the rest of the cluster.
 # These addresses are used for communicating etcd data around the cluster.
 # At least one must be routable to all cluster members.
@@ -115,7 +175,14 @@
 #
 # ETCD_DISCOVERY_SRV=
 
+# Suffix to the DNS srv name queried when bootstrapping using DNS.
+#
+# default: none
+#
+# ETCD_DISCOVERY_SRV_NAME=
+
 # Expected behavior ("exit" or "proxy") when discovery services fails.
+# "proxy" supports v2 API only.
 #
 # default: "proxy"
 #
@@ -127,6 +194,33 @@
 #
 # ETCD_DISCOVERY_PROXY=
 
+# Reject reconfiguration requests that would cause quorum loss.
+#
+# default: true
+#
+# ETCD_STRICT_RECONFIG_CHECK=true
+
+# Auto compaction retention for mvcc key value store in hour. 0 means disable
+# auto compaction.
+#
+# default: 0
+#
+# ETCD_AUTO_COMPACTION_RETENTION=0
+
+# Interpret 'auto-compaction-retention' one of: 'periodic', 'revision'.
+# 'periodic' for duration based retention, defaulting to hours if no time
+# unit is provided (e.g. '5m'). 'revision' for revision number based retention.
+#
+# default: periodic
+#
+# ETCD_AUTO_COMPACTION_MODE=periodic
+
+# Accept etcd V2 client requests
+#
+# default: false
+#
+# ETCD_ENABLE_V2=false
+
 # Proxy mode setting ("off", "readonly" or "on").
 #
 # default: "off"
@@ -165,7 +259,7 @@
 #
 # ETCD_PROXY_READ_TIMEOUT=0
 
-# Path to the client server TLS CA file.
+# [DEPRECATED] Path to the client server TLS CA file.
 #
 # default: none
 #
@@ -189,12 +283,30 @@
 #
 # ETCD_CLIENT_CERT_AUTH=false
 
+# Path to the client certificate revocation list file.
+#
+# default: none
+#
+# ETCD_CLIENT_CRL_FILE=
+
+# Allowed Allowed TLS name for client cert authentication.
+#
+# default: none
+#
+# ETCD_CLIENT_CERT_ALLOWED_HOSTNAME=
+
 # Path to the client server TLS trusted CA key file.
 #
 # default: none
 #
 # ETCD_TRUSTED_CA_FILE=
 
+# Client TLS using generated certificates
+#
+# default: false
+#
+# ETCD_AUTO_TLS=false
+
 # [DEPRECATED] Path to the peer server TLS CA file.
 #
 # default: none
@@ -219,19 +331,71 @@
 #
 # ETCD_PEER_CLIENT_CERT_AUTH=false
 
+# Path to the peer certificate revocation list file.
+#
+# default: none
+#
+# ETCD_PEER_CRL_FILE=
+
 # Path to the peer server TLS trusted CA file.
 #
 # default: none
 #
 # ETCD_PEER_TRUSTED_CA_FILE=
 
-# Drop the default log level to DEBUG for all subpackages.
+# Peer TLS using generated certificates.
+#
+# default: false
+#
+# ETCD_PEER_AUTO_TLS=false
+
+# Allowed CommonName for inter peer authentication.
+#
+# default: none
+#
+# ETCD_PEER_CERT_ALLOWED_CN=
+
+# Allowed TLS certificate name for inter peer authentication.
+#
+# default: none
+#
+# ETCD_PEER_CERT_ALLOWED_HOSTNAME=
+
+# Comma-separated list of supported TLS cipher suites between server/client
+# and peers.
+#
+# default: none
+#
+# ETCD_CIPHER_SUITES=
+
+# Specify 'zap' for structured logging or 'capnslog'.
+# WARNING: --logger=capnslog to be deprecated in v3.5.
+#
+# default: capnslog
+#
+# ETCD_LOGGER=capnslog
+
+# Specify 'stdout' or 'stderr' to skip journald logging even when running
+# under systemd, or list of comma separated output targets.
+#
+# default: default
+#
+# ETCD_LOG_OUTPUTS=default
+
+# Configures log level. Only supports debug, info, warn, error, panic,
+# or fatal.
+#
+# default: info
+#
+# ETCD_LOG_LEVEL=info
+
+# [DEPRECATED] Drop the default log level to DEBUG for all subpackages.
 #
 # default: false (INFO for all packages)
 #
 # ETCD_DEBUG=false
 
-# Set individual etcd subpackages to specific log levels.
+# [DEPRECATED] Set individual etcd subpackages to specific log levels.
 # An example being etcdserver=WARNING,security=DEBUG
 #
 # default: none (INFO for all packages)
@@ -246,4 +410,65 @@
 #
 # ETCD_FORCE_NEW_CLUSTER=false
 
-# vim:ft=sh:
+# Enable runtime profiling data via HTTP server. Address is at client URL +
+# "/debug/pprof/"
+#
+# default: false
+#
+# ETCD_ENABLE_PPROF=false
+
+# Set level of detail for exported metrics, specify 'extensive to include
+# server side grpc histogram metrics.
+#
+# default: basic
+#
+# ETCD_METRICS=basic
+
+# List of additional URLs to listen on that will respond to both
+# the /metrics and /health endpoints.
+#
+# default: none
+#
+# ETCD_LISTEN_METRICS_URLS=
+
+# Specify a token type and token specific options, especially for JWT.
+# Its format is "type,var1=val1,var2=val2,...". Possible type is 'simple'
+# or 'jwt'. Possible variables are 'sign-method' for specifying a sign
+# method of jwt (its possible values are 'ES256', 'ES384', 'ES512',
+# 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', 'RS512', 'PS256',
+# 'PS384', or 'PS512'), 'pub-key' for specifying a path to a public
+# key for verifying jwt, 'priv-key' for specifying a path to a private key
+# for signing jwt, and 'ttl' for specifying TTL of jwt tokens.
+#
+# For asymmetric algorithms ('RS', 'PS', 'ES'), the public key
+# is optional, as the private key contains enough information to both sign
+# and verify tokens.
+#
+# Example option of JWT: '–auth-token jwt,pub-key=app.rsa.pub,priv-
+# key=app.rsa,sign-method=RS512,ttl=10m'
+#
+# default: "simple"
+#
+# ETCD_AUTH_TOKEN="simple"
+
+# Duration of time between cluster corruption check passes.
+#
+# default: 0s
+#
+# ETCD_EXPERIMENTAL_CORRUPT_CHECK_TIME=0s
+
+# Sets the maximum revisions deleted in each compaction batch.
+#
+# default: 1000
+#
+# ETCD_EXPERIMENTAL_COMPACTION_BATCH_LIMIT=1000
+
+# Skip verification of SAN field in client certificate for peer connections.
+# This can be helpful e.g. if cluster members run in different networks
+# behind a NAT. In this case make sure to use peer certificates based on a
+# private certificate authority using --peer-cert-file, --peer-key-file,
+# --peer-trusted-ca-file.
+#
+# default: false
+#
+# ETCD_EXPERIMENTAL_PEER_SKIP_CLIENT_SAN_VERIFICATION=false