热门搜索:

bitnami/etcd

自动构建

Bitnami Secure Images（VMware Tanzu）

Bitnami Secure Image for etcd是Bitnami公司推出的针对分布式键值存储系统etcd的安全优化镜像，集成预配置安全策略、漏洞防护及合规性验证功能，适用于容器化环境与Kubernetes集群，旨在帮助用户便捷部署、高效管理安全可靠的etcd实例，保障数据一致性、服务发现及配置管理过程中的信息安全，同时简化运维流程并降低潜在安全风险。

203 次收藏下载次数: 0状态：自动构建维护者：Bitnami Secure Images（VMware Tanzu）仓库类型：镜像最近更新：7 个月前

当前 bitnami 安全镜像已不再通过 Docker Hub 免费提供，请使用备份镜像地址。前往新地址

轩辕镜像，不浪费每一次拉取。点击查看

DockerHub 官方简介

轩辕镜像中文简介

标签下载

镜像标签列表与下载命令

轩辕镜像，不浪费每一次拉取。点击查看

Bitnami Secure Image for Etcd

What is Etcd?

etcd is a distributed key-value store designed to securely store data across a cluster. etcd is widely used in production on account of its reliability, fault-tolerance and ease of use.

Overview of Etcd Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.

TL;DR

console
docker run -it --name etcd bitnami/etcd:latest

Why use Bitnami Secure Images?

Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise https://vmware.github.io/photon/. Why choose BSI images?

Hardened secure images of popular open source software with Near-Zero Vulnerabilities
Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores
Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM)
Software supply chain provenance attestation through in-toto
First class support for the internet’s favorite Helm charts

Each image comes with valuable security metadata. You can view the metadata in our public catalog here. Note: Some data is only available with commercial subscriptions to BSI.

!https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details" !https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report"

If you are looking for our previous generation of images based on Debian Linux, please see the https://hub.docker.com/u/bitnamilegacy.

How to deploy Etcd in Kubernetes?

Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the https://github.com/bitnami/charts/tree/master/bitnami/etcd.

Why use a non-root container?

Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers in our docs.

Supported tags and respective `Dockerfile` links

Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.

You can see the equivalence between the different tags by taking a look at the tags-info.yaml file present in the branch folder, i.e bitnami/ASSET/BRANCH/DISTRO/tags-info.yaml.

Subscribe to project updates by watching the https://github.com/bitnami/containers.

Please note ARM support in branch 3.4 is experimental/unstable according to https://github.com/etcd-io/website/blob/main/content/en/docs/v3.4/op-guide/supported-platform.md, therefore branch 3.4 is only supported for AMD archs while branch 3.5 supports multiarch (AMD and ARM)

Prerequisites

To run this application you need Docker Engine >= 1.10.0. Docker Compose is recommended with a version 1.6.0 or later.

Get this image

The recommended way to get the Bitnami Etcd Docker Image is to pull the prebuilt image from the https://hub.docker.com/r/bitnami/etcd.

console
docker pull bitnami/etcd:latest

To use a specific version, you can pull a versioned tag. You can view the https://hub.docker.com/r/bitnami/etcd/tags/ in the Docker Hub Registry.

console
docker pull bitnami/etcd:[TAG]

If you wish, you can also build the image yourself by cloning the repository, changing to the directory containing the Dockerfile and executing the docker build command. Remember to replace the APP, VERSION and OPERATING-SYSTEM path placeholders in the example command below with the correct values.

console
git clone https://github.com/bitnami/containers.git
cd bitnami/APP/VERSION/OPERATING-SYSTEM
docker build -t bitnami/APP:latest .

Connecting to other containers

Using Docker container networking, a Etcd server running inside a container can easily be accessed by your application containers using a Etcd client.

Containers attached to the same network can communicate with each other using the container name as the hostname.

Using the Command Line

In this example, we will create a Etcd client instance that will connect to the server instance that is running on the same docker network as the client.

Step 1: Create a network

console
docker network create app-tier --driver bridge

Step 2: Launch the Etcd server instance

Use the --network app-tier argument to the docker run command to attach the Etcd container to the app-tier network.

console
docker run -d --name Etcd-server \
    --network app-tier \
    --publish 2379:2379 \
    --publish 2380:2380 \
    --env ALLOW_NONE_AUTHENTICATION=yes \
    --env ETCD_ADVERTISE_CLIENT_URLS=http://etcd-server:2379 \
    bitnami/etcd:latest

Step 3: Launch your Etcd client instance

Finally we create a new container instance to launch the Etcd client and connect to the server created in the previous step:

console
docker run -it --rm \
    --network app-tier \
    --env ALLOW_NONE_AUTHENTICATION=yes \
    bitnami/etcd:latest etcdctl --endpoints http://etcd-server:2379 put /message Hello

Using a Docker Compose file

When not specified, Docker Compose automatically sets up a new network and attaches all deployed services to that network. However, we will explicitly define a new bridge network named app-tier. In this example we assume that you want to connect to the Etcd server from your own custom application image which is identified in the following snippet by the service name myapp.

yaml
version: '2'

networks:
  app-tier:
    driver: bridge

services:
  Etcd:
    image: bitnami/etcd:latest
    environment:
      - ALLOW_NONE_AUTHENTICATION=yes
      - ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379
    ports:
      - 2379:2379
      - 2380:2380
    networks:
      - app-tier
  myapp:
    image: YOUR_APPLICATION_IMAGE
    networks:
      - app-tier

IMPORTANT:

Please update the placeholder YOUR_APPLICATION_IMAGE in the above snippet with your application image

In your application container, use the hostname etcd to connect to the Etcd server

Launch the containers using:

console
docker-compose up -d

Configuration

The configuration can easily be setup by mounting your own configuration file on the directory /opt/bitnami/etcd/conf:

console
docker run --name Etcd -v /path/to/Etcd.conf.yml:/opt/bitnami/Etcd/conf/etcd.conf.yml bitnami/etcd:latest

After that, your configuration will be taken into account in the server's behaviour.

You can also do this by changing the https://github.com/bitnami/containers/blob/main/bitnami/etcd/docker-compose.yml file present in this repository:

yaml
Etcd:
  ...
  volumes:
    - /path/to/Etcd.conf.yml:/opt/bitnami/etcd/conf/etcd.conf.yml
  ...

You can find a sample configuration file on this https://github.com/coreos/etcd/blob/master/etcd.conf.yml.sample

Environment variables

Apart from providing your custom configuration file, you can also modify the server behavior via configuration as environment variables.

Customizable environment variables

Name	Description	Default Value
`ETCD_SNAPSHOTS_DIR`	etcd snaphots directory (used on "disaster recovery" feature).	`/snapshots`
`ETCD_SNAPSHOT_HISTORY_LIMIT`	etcd snaphots history limit.	`1`
`ETCD_INIT_SNAPSHOTS_DIR`	etcd init snaphots directory (used on "init from snapshot" feature).	`/init-snapshot`
`ALLOW_NONE_AUTHENTICATION`	Allow accessing etcd without any password.	`no`
`ETCD_ROOT_PASSWORD`	Password for the etcd root user.	`nil`
`ETCD_CLUSTER_DOMAIN`	Domain to use to discover other etcd members.	`nil`
`ETCD_START_FROM_SNAPSHOT`	Whether etcd should start from an existing snapshot or not.	`no`
`ETCD_DISASTER_RECOVERY`	Whether etcd should try or not to recover from snapshots when the cluste disastrously fails.	`no`
`ETCD_ON_K8S`	Whether etcd is running on a K8s environment or not.	`no`
`ETCD_INIT_SNAPSHOT_FILENAME`	Existing snapshot filename to start the etcd cluster from.	`nil`
`ETCD_PREUPGRADE_START_DELAY`	Optional delay before starting the pre-upgrade hook (in seconds).	`nil`
`ETCD_NAME`	etcd member name.	`nil`
`ETCD_LOG_LEVEL`	etcd log level.	`info`
`ETCD_LISTEN_CLIENT_URLS`	List of URLs to listen on for client traffic.	`http://0.0.0.0:2379`
`ETCD_ADVERTISE_CLIENT_URLS`	List of this member client URLs to advertise to the rest of the cluster.	`http://127.0.0.1:2379`
`ETCD_INITIAL_CLUSTER`	Initial list of members to bootstrap a cluster.	`nil`
`ETCD_LISTEN_PEER_URLS`	List of URLs to listen on for peers traffic.	`nil`
`ETCD_INITIAL_ADVERTISE_PEER_URLS`	List of this member peer URLs to advertise to the rest of the cluster while bootstrapping.	`nil`
`ETCD_INITIAL_CLUSTER_TOKEN`	Unique initial cluster token used for bootstrapping.	`nil`
`ETCD_AUTO_TLS`	Use generated certificates for TLS communications with clients.	`false`
`ETCD_CERT_FILE`	Path to the client server TLS cert file.	`nil`
`ETCD_KEY_FILE`	Path to the client server TLS key file.	`nil`
`ETCD_TRUSTED_CA_FILE`	Path to the client server TLS trusted CA cert file.	`nil`
`ETCD_CLIENT_CERT_AUTH`	Enable client cert authentication	`false`
`ETCD_PEER_AUTO_TLS`	Use generated certificates for TLS communications with peers.	`false`
`ETCD_EXTRA_AUTH_FLAGS`	Comma separated list of authentication flags to append to etcdctl	`nil`

Read-only environment variables

Name	Description	Value
`ETCD_BASE_DIR`	etcd installation directory.	`/opt/bitnami/etcd`
`ETCD_VOLUME_DIR`	Persistence base directory.	`/bitnami/etcd`
`ETCD_BIN_DIR`	etcd executables directory.	`${ETCD_BASE_DIR}/bin`
`ETCD_DATA_DIR`	etcd data directory.	`${ETCD_VOLUME_DIR}/data`
`ETCD_CONF_DIR`	etcd configuration directory.	`${ETCD_BASE_DIR}/conf`
`ETCD_DEFAULT_CONF_DIR`	etcd default configuration directory.	`${ETCD_BASE_DIR}/conf.default`
`ETCD_TMP_DIR`	Directory where ETCD temporary files are stored.	`${ETCD_BASE_DIR}/tmp`
`ETCD_CONF_FILE`	ETCD configuration file.	`${ETCD_CONF_DIR}/etcd.yaml`
`ETCD_NEW_MEMBERS_ENV_FILE`	File containining the etcd environment to use after adding a member.	`${ETCD_DATA_DIR}/new_member_envs`
`ETCD_DAEMON_USER`	etcd system user name.	`etcd`
`ETCD_DAEMON_GROUP`	etcd system user group.	`etcd`

Additionally, you can configure etcd using the upstream env variables here

FIPS configuration in Bitnami Secure Images

The Bitnami Etcd Docker image from the Bitnami Secure Images catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables:

OPENSSL_FIPS: whether OpenSSL runs in FIPS mode or not. yes (default), no.

Notable Changes

3.5.17-debian-12-r4

Drop support for non-Helm cluster deployment. Upgrading of any kind including increasing replica count must also be done with helm upgrade exclusively. CD automation tools that respect Helm hooks such as ArgoCD can also be used.
Remove prestop.sh script. Hence, container should no longer define lifecycle prestop hook.
Add preupgrade.sh script which should be run as a pre-upgrade Helm hook. This replaces the prestop hook as a more reliable mechanism to remove stale members when replica count is decreased.
Stop storing member ID in a local file which is unreliable. The container now check the member ID from the data dir instead.
Stop storing/checking for member removal from a local file. The container now check with other members in the cluster instead.

3.4.15-debian-10-r7

The container now contains the needed logic to deploy the Etcd container on Kubernetes using the https://github.com/bitnami/charts/tree/master/bitnami/etcd.

3.4.13-debian-10-r7

Arbitrary user ID(s) are supported again, see https://github.com/etcd-io/etcd/issues/*** for more information abut the changes in the upstream source code

3.4.10-debian-10-r0

Arbitrary user ID(s) when running the container with a non-privileged user are not supported (only 1001 UID is allowed).

Further documentation

For further documentation, please check Etcd documentation or its https://github.com/coreos/etcd

Using `docker-compose.yaml`

Please be aware this file has not undergone internal testing. Consequently, we advise its use exclusively for development or testing purposes. For production-ready deployments, we highly recommend utilizing its associated https://github.com/bitnami/charts/tree/main/bitnami/etcd.

If you detect any issue in the docker-compose.yaml file, feel free to report it or contribute with a fix by following our https://github.com/bitnami/containers/blob/main/CONTRIBUTING.md.

Contributing

We'd love for you to contribute to this container. You can request new features by creating an https://github.com/bitnami/containers/issues or submitting a https://github.com/bitnami/containers/pulls with your contribution.

Issues

If you encountered a problem running this container, you can file an https://github.com/bitnami/containers/issues/new/choose. For us to provide better support, be sure to fill the issue template.

License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

<[***]>

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Deployment & Usage Documentation

重要公告：Bitnami 部分镜像 Docker Hub 免费获取通道变更，替代拉取方案看这篇就够了

近期Bitnami官方对旗下镜像分发策略进行重大调整，原可在Docker Hub免费获取的Bitnami核心安全镜像（覆盖Kafka、Redis、MySQL、Elasticsearch等全品类），现已全面取消免费下载服务，这将直接影响大家日常的开发、测试和项目部署工作。为了让大家快速找到可落地的解决方案，我们整理了清晰的替代拉取方法、场景化使用建议，小白也能一步上手，建议收藏备用！

镜像拉取方式

您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本，请访问标签列表页面。

轩辕镜像加速拉取命令点我查看更多 etcd 镜像标签

docker pull docker.xuanyuan.run/bitnami/etcd:<标签>

使用方法：

DockerHub 原生拉取命令

docker pull bitnami/etcd:<标签>

轩辕镜像配置手册

探索更多轩辕镜像的使用方法，找到最适合您系统的配置方式

Docker 配置

登录仓库拉取

通过 Docker 登录认证访问私有仓库

专属域名拉取

无需登录使用专属域名

K8s Containerd

Kubernetes 集群配置 Containerd

K3s

K3s 轻量级 Kubernetes 镜像加速

Dev Containers

VS Code Dev Containers 配置

Podman

Podman 容器引擎配置

Singularity/Apptainer

HPC 科学计算容器配置

其他仓库配置

ghcr、Quay、nvcr 等镜像仓库

Harbor 镜像源配置

Harbor Proxy Repository 对接专属域名

Portainer 镜像源配置

Portainer Registries 加速拉取

Nexus 镜像源配置

Nexus3 Docker Proxy 内网缓存

系统配置

Linux

在 Linux 系统配置镜像服务

Windows/Mac

在 Docker Desktop 配置镜像

MacOS OrbStack

MacOS OrbStack 容器配置

Docker Compose

Docker Compose 项目配置

NAS 设备

群晖

Synology 群晖 NAS 配置

飞牛

飞牛 fnOS 系统配置镜像

绿联

绿联 NAS 系统配置镜像

威联通

QNAP 威联通 NAS 配置

极空间

极空间 NAS 系统配置服务

网络设备

爱快路由

爱快 iKuai 路由系统配置

宝塔面板

在宝塔面板一键配置镜像

需要其他帮助？请查看我们的常见问题Docker 镜像访问常见问题解答或提交工单

镜像拉取常见问题

使用与功能问题

配置了专属域名后，docker search 为什么会报错？

docker search 限制

Docker Hub 上有的镜像，为什么在轩辕镜像网站搜不到？

站内搜不到镜像

机器不能直连外网时，怎么用 docker save / load 迁镜像？

离线 save/load

docker pull 拉插件报错（plugin v1+json）怎么办？

插件要用 plugin install

WSL 里 Docker 拉镜像特别慢，怎么排查和优化？

WSL 拉取慢

轩辕镜像安全吗？如何用 digest 校验镜像没被篡改？

安全与 digest

第一次用轩辕镜像拉 Docker 镜像，要怎么登录和配置？

新手拉取配置

轩辕镜像合规吗？轩辕镜像的合规是怎么做的？

镜像合规机制

错误码与失败问题

docker pull 提示 manifest unknown 怎么办？

manifest unknown

docker pull 提示 no matching manifest 怎么办？

no matching manifest（架构）

镜像已拉取完成，却提示 invalid tar header 或 failed to register layer 怎么办？

invalid tar header（解压）

Docker pull 时 HTTPS / TLS 证书验证失败怎么办？

TLS 证书失败

Docker pull 时 DNS 解析超时或连不上仓库怎么办？

DNS 超时

docker 无法连接轩辕镜像域名怎么办？

域名连通性排查

Docker 拉取出现 410 Gone 怎么办？

410 Gone 排查

出现 402 或「流量用尽」提示怎么办？

402 与流量用尽

Docker 拉取提示 UNAUTHORIZED（401）怎么办？

401 认证失败

遇到 429 Too Many Requests（请求太频繁）怎么办？

429 限流

docker login 提示 Cannot autolaunch D-Bus，还算登录成功吗？

D-Bus 凭证提示

为什么会出现「单层超过 20GB」或 413，无法加速拉取？

413 与超大单层

账号 / 计费 / 权限

轩辕镜像免费版和专业版有什么区别？

免费版与专业版区别

轩辕镜像支持哪些 Docker 镜像仓库？

支持的镜像仓库

镜像拉取失败还会不会扣流量？

失败是否计费

麒麟 V10 / 统信 UOS 提示 KYSEC 权限不够怎么办？

KYSEC 拦截脚本

如何在轩辕镜像申请开具发票？

申请开票

怎么修改轩辕镜像的网站登录和仓库登录密码？

修改登录密码

如何注销轩辕镜像账户？要注意什么？

注销账户

配置与原理类

写了 registry-mirrors，为什么还是走官方或仍然报错？

mirrors 不生效

怎么用 docker tag 去掉镜像名里的轩辕域名前缀？

去掉域名前缀

如何拉取指定 CPU 架构的镜像（如 ARM64、AMD64）？

指定架构拉取

用轩辕镜像拉镜像时快时慢，常见原因有哪些？

拉取速度原因

查看全部问题→

用户好评

来自真实用户的反馈，见证轩辕镜像的优质服务

oldzhang

运维工程师

Linux服务器

"Docker访问体验非常流畅，大镜像也能快速完成下载。"

热门搜索:

bitnami/etcd

自动构建

Bitnami Secure Images（VMware Tanzu）

Bitnami Secure Image for etcd是Bitnami公司推出的针对分布式键值存储系统etcd的安全优化镜像，集成预配置安全策略、漏洞防护及合规性验证功能，适用于容器化环境与Kubernetes集群，旨在帮助用户便捷部署、高效管理安全可靠的etcd实例，保障数据一致性、服务发现及配置管理过程中的信息安全，同时简化运维流程并降低潜在安全风险。

203 次收藏下载次数: 0状态：自动构建维护者：Bitnami Secure Images（VMware Tanzu）仓库类型：镜像最近更新：7 个月前

当前 bitnami 安全镜像已不再通过 Docker Hub 免费提供，请使用备份镜像地址。前往新地址

轩辕镜像，不浪费每一次拉取。点击查看

DockerHub 官方简介

轩辕镜像中文简介

标签下载

镜像标签列表与下载命令

轩辕镜像，不浪费每一次拉取。点击查看

Bitnami Secure Image for Etcd

What is Etcd?

etcd is a distributed key-value store designed to securely store data across a cluster. etcd is widely used in production on account of its reliability, fault-tolerance and ease of use.

TL;DR

console
docker run -it --name etcd bitnami/etcd:latest

Why use Bitnami Secure Images?

Hardened secure images of popular open source software with Near-Zero Vulnerabilities
Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores
Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM)
Software supply chain provenance attestation through in-toto
First class support for the internet’s favorite Helm charts

Each image comes with valuable security metadata. You can view the metadata in our public catalog here. Note: Some data is only available with commercial subscriptions to BSI.

!https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details" !https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report"

If you are looking for our previous generation of images based on Debian Linux, please see the https://hub.docker.com/u/bitnamilegacy.

How to deploy Etcd in Kubernetes?

Why use a non-root container?

Supported tags and respective `Dockerfile` links

Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.

You can see the equivalence between the different tags by taking a look at the tags-info.yaml file present in the branch folder, i.e bitnami/ASSET/BRANCH/DISTRO/tags-info.yaml.

Subscribe to project updates by watching the https://github.com/bitnami/containers.

Please note ARM support in branch 3.4 is experimental/unstable according to https://github.com/etcd-io/website/blob/main/content/en/docs/v3.4/op-guide/supported-platform.md, therefore branch 3.4 is only supported for AMD archs while branch 3.5 supports multiarch (AMD and ARM)

Prerequisites

To run this application you need Docker Engine >= 1.10.0. Docker Compose is recommended with a version 1.6.0 or later.

Get this image

The recommended way to get the Bitnami Etcd Docker Image is to pull the prebuilt image from the https://hub.docker.com/r/bitnami/etcd.

console
docker pull bitnami/etcd:latest

To use a specific version, you can pull a versioned tag. You can view the https://hub.docker.com/r/bitnami/etcd/tags/ in the Docker Hub Registry.

console
docker pull bitnami/etcd:[TAG]

console
git clone https://github.com/bitnami/containers.git
cd bitnami/APP/VERSION/OPERATING-SYSTEM
docker build -t bitnami/APP:latest .

Connecting to other containers

Using Docker container networking, a Etcd server running inside a container can easily be accessed by your application containers using a Etcd client.

Containers attached to the same network can communicate with each other using the container name as the hostname.

Using the Command Line

In this example, we will create a Etcd client instance that will connect to the server instance that is running on the same docker network as the client.

Step 1: Create a network

console
docker network create app-tier --driver bridge

Step 2: Launch the Etcd server instance

Use the --network app-tier argument to the docker run command to attach the Etcd container to the app-tier network.

console
docker run -d --name Etcd-server \
    --network app-tier \
    --publish 2379:2379 \
    --publish 2380:2380 \
    --env ALLOW_NONE_AUTHENTICATION=yes \
    --env ETCD_ADVERTISE_CLIENT_URLS=http://etcd-server:2379 \
    bitnami/etcd:latest

Step 3: Launch your Etcd client instance

Finally we create a new container instance to launch the Etcd client and connect to the server created in the previous step:

console
docker run -it --rm \
    --network app-tier \
    --env ALLOW_NONE_AUTHENTICATION=yes \
    bitnami/etcd:latest etcdctl --endpoints http://etcd-server:2379 put /message Hello

Using a Docker Compose file

yaml
version: '2'

networks:
  app-tier:
    driver: bridge

services:
  Etcd:
    image: bitnami/etcd:latest
    environment:
      - ALLOW_NONE_AUTHENTICATION=yes
      - ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379
    ports:
      - 2379:2379
      - 2380:2380
    networks:
      - app-tier
  myapp:
    image: YOUR_APPLICATION_IMAGE
    networks:
      - app-tier

IMPORTANT:

Please update the placeholder YOUR_APPLICATION_IMAGE in the above snippet with your application image

In your application container, use the hostname etcd to connect to the Etcd server

Launch the containers using:

console
docker-compose up -d

Configuration

The configuration can easily be setup by mounting your own configuration file on the directory /opt/bitnami/etcd/conf:

console
docker run --name Etcd -v /path/to/Etcd.conf.yml:/opt/bitnami/Etcd/conf/etcd.conf.yml bitnami/etcd:latest

After that, your configuration will be taken into account in the server's behaviour.

You can also do this by changing the https://github.com/bitnami/containers/blob/main/bitnami/etcd/docker-compose.yml file present in this repository:

yaml
Etcd:
  ...
  volumes:
    - /path/to/Etcd.conf.yml:/opt/bitnami/etcd/conf/etcd.conf.yml
  ...

You can find a sample configuration file on this https://github.com/coreos/etcd/blob/master/etcd.conf.yml.sample

Environment variables

Apart from providing your custom configuration file, you can also modify the server behavior via configuration as environment variables.

Customizable environment variables

Name	Description	Default Value
`ETCD_SNAPSHOTS_DIR`	etcd snaphots directory (used on "disaster recovery" feature).	`/snapshots`
`ETCD_SNAPSHOT_HISTORY_LIMIT`	etcd snaphots history limit.	`1`
`ETCD_INIT_SNAPSHOTS_DIR`	etcd init snaphots directory (used on "init from snapshot" feature).	`/init-snapshot`
`ALLOW_NONE_AUTHENTICATION`	Allow accessing etcd without any password.	`no`
`ETCD_ROOT_PASSWORD`	Password for the etcd root user.	`nil`
`ETCD_CLUSTER_DOMAIN`	Domain to use to discover other etcd members.	`nil`
`ETCD_START_FROM_SNAPSHOT`	Whether etcd should start from an existing snapshot or not.	`no`
`ETCD_DISASTER_RECOVERY`	Whether etcd should try or not to recover from snapshots when the cluste disastrously fails.	`no`
`ETCD_ON_K8S`	Whether etcd is running on a K8s environment or not.	`no`
`ETCD_INIT_SNAPSHOT_FILENAME`	Existing snapshot filename to start the etcd cluster from.	`nil`
`ETCD_PREUPGRADE_START_DELAY`	Optional delay before starting the pre-upgrade hook (in seconds).	`nil`
`ETCD_NAME`	etcd member name.	`nil`
`ETCD_LOG_LEVEL`	etcd log level.	`info`
`ETCD_LISTEN_CLIENT_URLS`	List of URLs to listen on for client traffic.	`http://0.0.0.0:2379`
`ETCD_ADVERTISE_CLIENT_URLS`	List of this member client URLs to advertise to the rest of the cluster.	`http://127.0.0.1:2379`
`ETCD_INITIAL_CLUSTER`	Initial list of members to bootstrap a cluster.	`nil`
`ETCD_LISTEN_PEER_URLS`	List of URLs to listen on for peers traffic.	`nil`
`ETCD_INITIAL_ADVERTISE_PEER_URLS`	List of this member peer URLs to advertise to the rest of the cluster while bootstrapping.	`nil`
`ETCD_INITIAL_CLUSTER_TOKEN`	Unique initial cluster token used for bootstrapping.	`nil`
`ETCD_AUTO_TLS`	Use generated certificates for TLS communications with clients.	`false`
`ETCD_CERT_FILE`	Path to the client server TLS cert file.	`nil`
`ETCD_KEY_FILE`	Path to the client server TLS key file.	`nil`
`ETCD_TRUSTED_CA_FILE`	Path to the client server TLS trusted CA cert file.	`nil`
`ETCD_CLIENT_CERT_AUTH`	Enable client cert authentication	`false`
`ETCD_PEER_AUTO_TLS`	Use generated certificates for TLS communications with peers.	`false`
`ETCD_EXTRA_AUTH_FLAGS`	Comma separated list of authentication flags to append to etcdctl	`nil`

Read-only environment variables

Name	Description	Value
`ETCD_BASE_DIR`	etcd installation directory.	`/opt/bitnami/etcd`
`ETCD_VOLUME_DIR`	Persistence base directory.	`/bitnami/etcd`
`ETCD_BIN_DIR`	etcd executables directory.	`${ETCD_BASE_DIR}/bin`
`ETCD_DATA_DIR`	etcd data directory.	`${ETCD_VOLUME_DIR}/data`
`ETCD_CONF_DIR`	etcd configuration directory.	`${ETCD_BASE_DIR}/conf`
`ETCD_DEFAULT_CONF_DIR`	etcd default configuration directory.	`${ETCD_BASE_DIR}/conf.default`
`ETCD_TMP_DIR`	Directory where ETCD temporary files are stored.	`${ETCD_BASE_DIR}/tmp`
`ETCD_CONF_FILE`	ETCD configuration file.	`${ETCD_CONF_DIR}/etcd.yaml`
`ETCD_NEW_MEMBERS_ENV_FILE`	File containining the etcd environment to use after adding a member.	`${ETCD_DATA_DIR}/new_member_envs`
`ETCD_DAEMON_USER`	etcd system user name.	`etcd`
`ETCD_DAEMON_GROUP`	etcd system user group.	`etcd`

Additionally, you can configure etcd using the upstream env variables here

FIPS configuration in Bitnami Secure Images

OPENSSL_FIPS: whether OpenSSL runs in FIPS mode or not. yes (default), no.

Notable Changes

3.5.17-debian-12-r4

Drop support for non-Helm cluster deployment. Upgrading of any kind including increasing replica count must also be done with helm upgrade exclusively. CD automation tools that respect Helm hooks such as ArgoCD can also be used.
Remove prestop.sh script. Hence, container should no longer define lifecycle prestop hook.
Add preupgrade.sh script which should be run as a pre-upgrade Helm hook. This replaces the prestop hook as a more reliable mechanism to remove stale members when replica count is decreased.
Stop storing member ID in a local file which is unreliable. The container now check the member ID from the data dir instead.
Stop storing/checking for member removal from a local file. The container now check with other members in the cluster instead.

3.4.15-debian-10-r7

The container now contains the needed logic to deploy the Etcd container on Kubernetes using the https://github.com/bitnami/charts/tree/master/bitnami/etcd.

3.4.13-debian-10-r7

Arbitrary user ID(s) are supported again, see https://github.com/etcd-io/etcd/issues/*** for more information abut the changes in the upstream source code

3.4.10-debian-10-r0

Arbitrary user ID(s) when running the container with a non-privileged user are not supported (only 1001 UID is allowed).

Further documentation

For further documentation, please check Etcd documentation or its https://github.com/coreos/etcd

Using `docker-compose.yaml`

If you detect any issue in the docker-compose.yaml file, feel free to report it or contribute with a fix by following our https://github.com/bitnami/containers/blob/main/CONTRIBUTING.md.

Contributing

Issues

If you encountered a problem running this container, you can file an https://github.com/bitnami/containers/issues/new/choose. For us to provide better support, be sure to fill the issue template.

License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

<[***]>

Deployment & Usage Documentation

重要公告：Bitnami 部分镜像 Docker Hub 免费获取通道变更，替代拉取方案看这篇就够了

镜像拉取方式

您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本，请访问标签列表页面。

轩辕镜像加速拉取命令点我查看更多 etcd 镜像标签

docker pull docker.xuanyuan.run/bitnami/etcd:<标签>

使用方法：

DockerHub 原生拉取命令

docker pull bitnami/etcd:<标签>

轩辕镜像配置手册

探索更多轩辕镜像的使用方法，找到最适合您系统的配置方式

Docker 配置

登录仓库拉取

通过 Docker 登录认证访问私有仓库

专属域名拉取

无需登录使用专属域名

K8s Containerd

Kubernetes 集群配置 Containerd

K3s

K3s 轻量级 Kubernetes 镜像加速

Dev Containers

VS Code Dev Containers 配置

Podman

Podman 容器引擎配置

Singularity/Apptainer

HPC 科学计算容器配置

其他仓库配置

ghcr、Quay、nvcr 等镜像仓库

Harbor 镜像源配置

Harbor Proxy Repository 对接专属域名

Portainer 镜像源配置

Portainer Registries 加速拉取

Nexus 镜像源配置

Nexus3 Docker Proxy 内网缓存

系统配置

Linux

在 Linux 系统配置镜像服务

Windows/Mac

在 Docker Desktop 配置镜像

MacOS OrbStack

MacOS OrbStack 容器配置

Docker Compose

Docker Compose 项目配置

NAS 设备

群晖

Synology 群晖 NAS 配置

飞牛

飞牛 fnOS 系统配置镜像

绿联

绿联 NAS 系统配置镜像

威联通

QNAP 威联通 NAS 配置

极空间

极空间 NAS 系统配置服务

网络设备

爱快路由

爱快 iKuai 路由系统配置

宝塔面板

在宝塔面板一键配置镜像

需要其他帮助？请查看我们的常见问题Docker 镜像访问常见问题解答或提交工单

镜像拉取常见问题

使用与功能问题

配置了专属域名后，docker search 为什么会报错？

docker search 限制

Docker Hub 上有的镜像，为什么在轩辕镜像网站搜不到？

站内搜不到镜像

机器不能直连外网时，怎么用 docker save / load 迁镜像？

离线 save/load

docker pull 拉插件报错（plugin v1+json）怎么办？

插件要用 plugin install

WSL 里 Docker 拉镜像特别慢，怎么排查和优化？

WSL 拉取慢

轩辕镜像安全吗？如何用 digest 校验镜像没被篡改？

安全与 digest

第一次用轩辕镜像拉 Docker 镜像，要怎么登录和配置？

新手拉取配置

轩辕镜像合规吗？轩辕镜像的合规是怎么做的？

镜像合规机制

错误码与失败问题

docker pull 提示 manifest unknown 怎么办？

manifest unknown

docker pull 提示 no matching manifest 怎么办？

no matching manifest（架构）

镜像已拉取完成，却提示 invalid tar header 或 failed to register layer 怎么办？

invalid tar header（解压）

Docker pull 时 HTTPS / TLS 证书验证失败怎么办？

TLS 证书失败

Docker pull 时 DNS 解析超时或连不上仓库怎么办？

DNS 超时

docker 无法连接轩辕镜像域名怎么办？

域名连通性排查

Docker 拉取出现 410 Gone 怎么办？

410 Gone 排查

出现 402 或「流量用尽」提示怎么办？

402 与流量用尽

Docker 拉取提示 UNAUTHORIZED（401）怎么办？

401 认证失败

遇到 429 Too Many Requests（请求太频繁）怎么办？

429 限流

docker login 提示 Cannot autolaunch D-Bus，还算登录成功吗？

D-Bus 凭证提示

为什么会出现「单层超过 20GB」或 413，无法加速拉取？

413 与超大单层

账号 / 计费 / 权限

轩辕镜像免费版和专业版有什么区别？

免费版与专业版区别

轩辕镜像支持哪些 Docker 镜像仓库？

支持的镜像仓库

镜像拉取失败还会不会扣流量？

失败是否计费

麒麟 V10 / 统信 UOS 提示 KYSEC 权限不够怎么办？

KYSEC 拦截脚本

如何在轩辕镜像申请开具发票？

申请开票

怎么修改轩辕镜像的网站登录和仓库登录密码？

修改登录密码

如何注销轩辕镜像账户？要注意什么？

注销账户

配置与原理类

写了 registry-mirrors，为什么还是走官方或仍然报错？

mirrors 不生效

怎么用 docker tag 去掉镜像名里的轩辕域名前缀？

去掉域名前缀

如何拉取指定 CPU 架构的镜像（如 ARM64、AMD64）？

指定架构拉取

用轩辕镜像拉镜像时快时慢，常见原因有哪些？

拉取速度原因

查看全部问题→

用户好评

来自真实用户的反馈，见证轩辕镜像的优质服务

oldzhang

运维工程师

Linux服务器

"Docker访问体验非常流畅，大镜像也能快速完成下载。"

bitnami/etcd

Bitnami Secure Image for Etcd

What is Etcd?

TL;DR

Why use Bitnami Secure Images?

How to deploy Etcd in Kubernetes?

Why use a non-root container?

Supported tags and respective Dockerfile links

Prerequisites

Get this image

Connecting to other containers

Using the Command Line

Using a Docker Compose file

Configuration

Environment variables

FIPS configuration in Bitnami Secure Images

Notable Changes

3.5.17-debian-12-r4

3.4.15-debian-10-r7

3.4.13-debian-10-r7

3.4.10-debian-10-r0

Further documentation

Using docker-compose.yaml

Contributing

Issues

License

更多相关 Docker 镜像与资源

Deployment & Usage Documentation

重要公告：Bitnami 部分镜像 Docker Hub 免费获取通道变更，替代拉取方案看这篇就够了

镜像拉取方式

轩辕镜像加速拉取命令点我查看更多 etcd 镜像标签

DockerHub 原生拉取命令

更多 etcd 镜像推荐

bitnamicharts/etcd

rancher/etcd

openeuler/etcd

dyrnq/etcd

ibmcom/etcd

kubesphere/etcd

查看更多 etcd 相关镜像

轩辕镜像配置手册

Docker 配置

登录仓库拉取

专属域名拉取

K8s Containerd

K3s

Dev Containers

Podman

Singularity/Apptainer

其他仓库配置

Harbor 镜像源配置

Portainer 镜像源配置

Nexus 镜像源配置

系统配置

Linux

Windows/Mac

MacOS OrbStack

Docker Compose

NAS 设备

群晖

飞牛

绿联

威联通

极空间

网络设备

爱快路由

宝塔面板

镜像拉取常见问题

使用与功能问题

配置了专属域名后，docker search 为什么会报错？

Docker Hub 上有的镜像，为什么在轩辕镜像网站搜不到？

机器不能直连外网时，怎么用 docker save / load 迁镜像？

docker pull 拉插件报错（plugin v1+json）怎么办？

WSL 里 Docker 拉镜像特别慢，怎么排查和优化？

轩辕镜像安全吗？如何用 digest 校验镜像没被篡改？

第一次用轩辕镜像拉 Docker 镜像，要怎么登录和配置？

轩辕镜像合规吗？轩辕镜像的合规是怎么做的？

错误码与失败问题

docker pull 提示 manifest unknown 怎么办？

docker pull 提示 no matching manifest 怎么办？

Supported tags and respective `Dockerfile` links

Using `docker-compose.yaml`

Supported tags and respective `Dockerfile` links

Using `docker-compose.yaml`