This page describes the clients that use etcd in the WMF stack.
Pybal watches the $conftool_prefix/pools/$::site/$::cluster/service-name keyspace for each pool it's configured for, and reacts to changes there by reloading its configuration.
The client supports https but no authentication and is purely read-only; it also doesn't support SRV records, so a specific server must always be specified.
Confd is an agent that is intended to be a bridge between etcd and any application that cannot speak to it directly. It can speak HTTPS and supports use of SRV records for client connections. It has the ability to watch a set of keys, or a single one, or to just query etcd at regular intervals. It is used for the following softwares:
- Varnish: used to handle the lists of backend directors. Varnish reloads its config upon upgrades
- DNS: it is used to manage the up/down state of IPs from eqiad/codfw for dns discovery. gdnsd watches the files and reacts to the changes.
- Redis: used to handle the replication direction. Uses the same record we use for discovery.
It's the only tool that actually is authorized to write to etcd. It supports authentication, https, SRV records.
There's also dbctl, an extension to conftool used to manage MW's view of databases.