B.6 Update YAML files with etcd Details

You must provide etcd credentials and etcd endpoints in the YAML files for the transaction coordinator. MicroTx uses this information to establish a connection to etcd after the service is installed.

Skip this step if you are not using etcd to store the transaction logs of MicroTx.

Before you begin, generate RSA certificates for server and client. Create a JSON file with the contents of the generated certificates. See Generate RSA Certificates for etcd.

To create a Docker secret with details to access etcd:
  1. Update the tcs-docker-swarm.yaml file to provide the etcd endpoint, the path to the credentials for etcd, and the path to the RSA certificates for etcd. The following code snippet provides sample values used in Generate RSA Certificates for etcd. Replace these sample values with the actual values in your environment.
    storage:
      type: etcd
      etcd:
        endpoints: https://etcd:2379
        credentialsFilePath: "/app/etcd/etcdecred.json"
        cacertFilePath: "/app/etcd/ca.pem"
        skipHostNameVerification: false

    For reference information about each field, see Transaction Store Properties.

  2. Update the tcs-stack-compose.yaml file with details about etcd under services.

    Sample values

    The following code snippet provides sample values used in Generate RSA Certificates for etcd. It assumes that etcd and the transaction coordinator are in the same network in a Docker Swarm.

    Replace these sample values with the actual values in your environment.

    services:
      etcd:
        image: "bitnami/etcd"
        ports:
          - "2379:2379"
          - "2380:2380"
        volumes:
          - <PATH_TO_CFSSL_DIRECTORY>/cfssl:/etcdssl
        environment:
          - ETCD_ROOT_PASSWORD=password
          - ETCD_CERT_FILE=/etcdssl/server.pem
          - ETCD_KEY_FILE=/etcdssl/server-key.pem
          - ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379
          - ETCD_ADVERTISE_CLIENT_URLS=https://127.0.0.1:2379

    Where,

    • image is the path to the etcd image file.
    • ports are the ports through which etcd communicates with the transaction coordinator.
    • volumes is the unique path to the etcd volume in Docker Swarm. Each service in Docker Swarm uses its own volume. MicroTx creates this volume during the installation process and copies the certificate files from your local directory to the volume. Specify the name in the following format: <absolute_path_to_certificate_directory_in_your_local_machine>:/<unique_name_of_etcd_volume>. For example, <PATH_TO_CFSSL_DIRECTORY>/cfssl:/etcdssl.
    • ETCD_ROOT_PASSWORD is an environment variable required by etcd. It is the password to access etcd.
    • ETCD_CERT_FILE is an environment variable required by etcd. It is the path to the server public key file in the etcd service volume in Docker Swarm. Specify the name in the following format: <unique_name_of_etcd_volume>/<name_of_server_certificate>. For example, /etcdssl/server.pem.
    • ETCD_KEY_FILE is an environment variable required by etcd. It is the path to the server private key file in the etcd service volume in Docker Swarm. Specify the name in the following format: <unique_name_of_etcd_volume>/<name_of_server_private_key_file>. For example, /etcdssl/server-key.pem.
    • ETCD_LISTEN_CLIENT_URLS is an environment variable required by etcd. Specify the value in the following format: <etcd_IP_address>/<etcd_port>. For example, https://0.0.0.0:2379 if etcd and the transaction coordinator are in the same network in Docker Swarm. If you have set up etcd in a separate network, specify the IP address of etcd. 2379 is the port used for communication with etcd. You have specified the ports that etcd uses under ports.
    • ETCD_ADVERTISE_CLIENT_URLS is an environment variable required by etcd. Specify the value in the following format: <etcd_IP_address>/<etcd_port>. For example, https://127.0.0.1:2379. If you have set up etcd in a separate network, specify the IP address of etcd in place of 127.0.0.1. 2379 is the port used for communication with etcd. You have specified the ports that etcd uses under ports.
  3. Add details about the absolute path to the directory that contains the certificates under otmm-tcs in the tcs-stack-compose.yaml file.
    The following sample code shows a snippet of the entries under otmm-tcs.
    otmm-tcs:
       volumes:
         - <PATH_TO_CFSSL_DIRECTORY>/cfssl:/app/etcd

    Where, /app/etcd is the unique path to the transaction coordinator volume in Docker Swarm. Each service in Docker Swarm uses its own volume. MicroTx creates this volume during the installation process, and then copies the certificate files from your local directory to the volume. Specify the name in the following format: <absolute_path_to_certificate_directory_in_your_local_machine>:/<unique_name_of_transaction_coordinator_volume>. For example, <PATH_TO_CFSSL_DIRECTORY>/cfssl:/app/etcd.

  4. Save the changes.
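
The following pre-deployment check is an added example, not part of MicroTx or of the original documentation. It cross-checks the storage block from step 1 against the services from steps 2 and 3. The function names and the dictionary inputs (the two YAML files as already parsed by a YAML loader of your choice) are assumptions made for this example.

```python
from urllib.parse import urlsplit

SAMPLE_PASSWORD = "password"  # sample value shown in this section

def under_mount(path, volumes):
    """True if path sits below the container side of a 'host:container' entry."""
    targets = [v.split(":")[1].rstrip("/") for v in volumes]
    return any(path.startswith(t + "/") for t in targets)

def lint_etcd_config(storage, compose):
    """Return findings for the storage block and compose services; [] is clean."""
    findings = []
    etcd = storage["etcd"]
    if urlsplit(etcd["endpoints"]).scheme != "https":
        findings.append("storage endpoint does not use https")
    if etcd.get("skipHostNameVerification") is not False:
        findings.append("skipHostNameVerification is not false")
    tcs_vols = compose["services"]["otmm-tcs"].get("volumes", [])
    for key in ("credentialsFilePath", "cacertFilePath"):
        if not under_mount(etcd[key], tcs_vols):
            findings.append(f"{key} is not under an otmm-tcs volume")
    svc = compose["services"]["etcd"]
    # Assumes the list form of 'environment' (NAME=value), as used on this page.
    env = dict(e.split("=", 1) for e in svc.get("environment", []))
    if env.get("ETCD_ROOT_PASSWORD") in (None, "", SAMPLE_PASSWORD):
        findings.append("ETCD_ROOT_PASSWORD is unset or still the sample value")
    for key in ("ETCD_CERT_FILE", "ETCD_KEY_FILE"):
        if not under_mount(env.get(key, ""), svc.get("volumes", [])):
            findings.append(f"{key} is not under an etcd volume")
    for key in ("ETCD_LISTEN_CLIENT_URLS", "ETCD_ADVERTISE_CLIENT_URLS"):
        if urlsplit(env.get(key, "")).scheme != "https":
            findings.append(f"{key} does not use https")
    return findings

# Constructed input: the sample snippets from this section as parsed YAML.
STORAGE = {"type": "etcd", "etcd": {
    "endpoints": "https://etcd:2379",
    "credentialsFilePath": "/app/etcd/etcdecred.json",
    "cacertFilePath": "/app/etcd/ca.pem",
    "skipHostNameVerification": False}}
COMPOSE = {"services": {
    "etcd": {"volumes": ["<PATH_TO_CFSSL_DIRECTORY>/cfssl:/etcdssl"],
             "environment": ["ETCD_ROOT_PASSWORD=password",
                             "ETCD_CERT_FILE=/etcdssl/server.pem",
                             "ETCD_KEY_FILE=/etcdssl/server-key.pem",
                             "ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379",
                             "ETCD_ADVERTISE_CLIENT_URLS=https://127.0.0.1:2379"]},
    "otmm-tcs": {"volumes": ["<PATH_TO_CFSSL_DIRECTORY>/cfssl:/app/etcd"]}}}

if __name__ == "__main__":
    print("\n".join(lint_etcd_config(STORAGE, COMPOSE)) or "no findings")
```

Run against the sample values as given, the check reports only that ETCD_ROOT_PASSWORD still holds the sample value.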