# The etcd endpoints to connect to.# CLI flag: -.etcd.endpoints[endpoints: | default = []]# The dial timeout for the etcd connection.# CLI flag: -.etcd.dial-timeout[dial_timeout: | default = 10s]# The maximum number of retries to do for failed ops.# CLI flag: -.etcd.max-retries[max_retries: | default = 10]# Enable TLS.# CLI flag: -.etcd.tls-enabled[tls_enabled: | default = false]# Path to the client certificate, which will be used for authenticating with the# server. Also requires the key path to be configured.# CLI flag: -.etcd.tls-cert-path[tls_cert_path: | default = ""]# Path to the key for the client certificate. Also requires the client# certificate to be configured.# CLI flag: -.etcd.tls-key-path[tls_key_path: | default = ""]# Path to the CA certificates to validate server certificate against. If not# set, the host's root CA certificates are used.# CLI flag: -.etcd.tls-ca-path[tls_ca_path: | default = ""]# Override the expected name on the server certificate.# CLI flag: -.etcd.tls-server-name[tls_server_name: | default = ""]# Skip validating server certificate.# CLI flag: -.etcd.tls-insecure-skip-verify[tls_insecure_skip_verify: | default = false]# Override the default cipher suite list (separated by commas). Allowed values:# # Secure Ciphers:# - TLS_RSA_WITH_AES_128_CBC_SHA# - TLS_RSA_WITH_AES_256_CBC_SHA# - TLS_RSA_WITH_AES_128_GCM_SHA256# - TLS_RSA_WITH_AES_256_GCM_SHA384# - TLS_AES_128_GCM_SHA256# - TLS_AES_256_GCM_SHA384# - TLS_CHACHA20_POLY1305_SHA256# - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256# # Insecure Ciphers:# - TLS_RSA_WITH_RC4_128_SHA# - TLS_RSA_WITH_3DES_EDE_CBC_SHA# - TLS_RSA_WITH_AES_128_CBC_SHA256# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA# - TLS_ECDHE_RSA_WITH_RC4_128_SHA# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA# - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256# CLI flag: -.etcd.tls-cipher-suites[tls_cipher_suites: | default = ""]# Override the default minimum TLS version. Allowed values: VersionTLS10,# VersionTLS11, VersionTLS12, VersionTLS13# CLI flag: -.etcd.tls-min-version[tls_min_version: | default = ""]# Etcd username.# CLI flag: -.etcd.username[username: | default = ""]# Etcd password.# CLI flag: -.etcd.password[password: | default = ""]
Configuration for an ETCD v3 client. Only applies if the selected kvstore is
etcd
. The supported CLI flagsused to reference this configuration block are:
common.storage.ring
compactor.ring
distributor.ring
index-gateway.ring
query-scheduler.ring
ruler.ring