Etcd Monitoring Now Available in UpGuard

Last updated by UpGuard on April 30, 2018

scroll down

Containers are all the rage these days, and for good reason: technologies such as Docker and CoreOS drastically simplify the packaging and shipping of applications, enabling them to scale without additional hardware or virtual machines. But with these benefits come issues related to management overhead and complexity—namely, how can developers quickly achieve visibility and validate configurations across distributed container clusters? The answer is with UpGuard's new etcd monitoring capabilities. 

What is etcd?

Etcd—short for "/etc distributed"—is an open source distributed key-value store developed for CoreOS. Its name is a play on the "/etc" directory, where most of the system configuration files live on UNIX machines. Etcd extends this notion to distributed systems, offering a reliable mechanism to store data (e.g., configurations) across a cluster of machines.

start managing configs with upguard

Though initially designed for CoreOS clusters, etcd has been adopted by a myriad of cluster management solutions. Kubernetes—Google's container cluster manager for Docker—is built on top of etcd. Apache Mesos, Pivotal Cloud Foundry, Fleet, and over 500 GitHub projects also use it for service discovery, cluster coordination, and shared configuration and state management.

Etcd enables the discovery and management of state/configurations across all nodes in a cluster, serving as the single source of truth for maintaining integrity in distributed systems. A common use case involves using it to store database connection settings. In this scenario, an application's database backend is contained as a microservice with connection settings stored in etcd. The application can then be set to monitor the database container instances and dynamically reconfigure them if the need arises.

How does UpGuard monitor etcd keys?

As mentioned previously, etcd stores configuration data in key/value pairs. UpGuard monitors and ingests these configuration items like any other IT assets in the environment. Once captured by our platform, configurations can be diffed for inconsistencies and automatically monitored for policy deviations and unauthorized changes.

UpGuard etcd scanning

The platform's single pane of glass view makes spotting inconsistencies and misconfigurations across distributed systems a trivial affair. Clicking on an etcd key name displays its value on the right-hand side.

UpGuard etcd scanning - keys

Why does this matter?

Modern organizations offering highly-available, mission critical applications and services require innovations like CoreOS, Docker, and Kubernetes to remain competitive. These technologies invariably add more moving parts and infrastructure complexity to the mix. And up until now, IT operations had no easy way to gain visibility into how their CoreOS or Kubernetes clusters were configured. Using UpGuard's new etcd monitoring capabilities, organizations can eliminate this opaqueness with full visibility into container configurations—where critical differences are, what changes have been made over time, and more. Our platform enables forward-thinking organizations to adopt cutting-edge technologies like Docker/Kubernetes and CoreOS without sacrificing control of their IT environments. 

get started with etcd and upguard

Related posts

Learn more about the latest issues in cybersecurity