vtctld
vtctld #
The Vitess cluster management daemon.
Synopsis #
vtctld provides web and gRPC interfaces to manage a single Vitess cluster. It is usually the first Vitess component to be started after a valid global topology service has been created.
For the last several releases, vtctld has been transitioning to a newer gRPC service for well-typed cluster management requests. This is required to use programs such as vtadmin and vtctldclient, and The old API and service are deprecated and will be removed in a future release. To enable this newer service, include "grpc-vtctld" in the --service-map argument. This is demonstrated in the example usage below.
vtctld [flags]
Examples #
vtctld \
--topo-implementation etcd2 \
--topo-global-server-address localhost:2379 \
--topo-global-root /vitess/ \
--service-map 'grpc-vtctl,grpc-vtctld' \
--backup-storage-implementation file \
--file-backup-storage-root $VTDATAROOT/backups \
--port 15000 \
--grpc-port 15999
Options #
--action-timeout duration time to wait for an action before resorting to force (default 1m0s)
--alsologtostderr log to standard error as well as files
--azblob-backup-account-key-file string Path to a file containing the Azure Storage account key; if this flag is unset, the environment variable VT_AZBLOB_ACCOUNT_KEY will be used as the key itself (NOT a file path).
--azblob-backup-account-name string Azure Storage Account name for backups; if this flag is unset, the environment variable VT_AZBLOB_ACCOUNT_NAME will be used.
--azblob-backup-buffer-size int The memory buffer size to use in bytes, per file or stripe, when streaming to Azure Blob Service. (default 104857600)
--azblob-backup-container-name string Azure Blob Container Name.
--azblob-backup-parallelism int Azure Blob operation parallelism (requires extra memory when increased -- a multiple of azblob-backup-buffer-size). (default 1)
--azblob-backup-storage-root string Root prefix for all backup-related Azure Blobs; this should exclude both initial and trailing '/' (e.g. just 'a/b' not '/a/b/').
--backup-engine-implementation string Specifies which implementation to use for creating new backups (builtin or xtrabackup). Restores will always be done with whichever engine created a given backup. (default "builtin")
--backup-storage-block-size int if backup-storage-compress is true, backup-storage-block-size sets the byte size for each block while compressing (default is 250000). (default 250000)
--backup-storage-compress if set, the backup files will be compressed. (default true)
--backup-storage-implementation string Which backup storage implementation to use for creating and restoring backups.
--backup-storage-number-blocks int if backup-storage-compress is true, backup-storage-number-blocks sets the number of blocks that can be processed, in parallel, before the writer blocks, during compression (default is 2). It should be equal to the number of CPUs available for compression. (default 2)
--bind-address string Bind address for the server. If empty, the server will listen on all available unicast and anycast IP addresses of the local system.
--builtinbackup-file-read-buffer-size uint read files using an IO buffer of this many bytes. Golang defaults are used when set to 0.
--builtinbackup-file-write-buffer-size uint write files using an IO buffer of this many bytes. Golang defaults are used when set to 0. (default 2097152)
--builtinbackup-incremental-restore-path string the directory where incremental restore files, namely binlog files, are extracted to. In k8s environments, this should be set to a directory that is shared between the vttablet and mysqld pods. The path should exist. When empty, the default OS temp dir is assumed.
--builtinbackup-mysqld-timeout duration how long to wait for mysqld to shutdown at the start of the backup. (default 10m0s)
--builtinbackup-progress duration how often to send progress updates when backing up large files. (default 5s)
--catch-sigpipe catch and ignore SIGPIPE on stdout and stderr if specified
--cell string cell to use
--ceph-backup-storage-config string Path to JSON config file for ceph backup storage. (default "ceph_backup_config.json")
--config-file string Full path of the config file (with extension) to use. If set, --config-path, --config-type, and --config-name are ignored.
--config-file-not-found-handling ConfigFileNotFoundHandling Behavior when a config file is not found. (Options: error, exit, ignore, warn) (default warn)
--config-name string Name of the config file (without extension) to search for. (default "vtconfig")
--config-path strings Paths to search for config files in. (default [<WORKDIR>])
--config-persistence-min-interval duration minimum interval between persisting dynamic config changes back to disk (if no change has occurred, nothing is done). (default 1s)
--config-type string Config file type (omit to infer config type from file extension).
--consul-auth-static-file string JSON File to read the topos/tokens from.
--datadog-agent-host string host to send spans to. if empty, no tracing will be done
--datadog-agent-port string port to send spans to. if empty, no tracing will be done
--datadog-trace-debug-mode enable debug mode for datadog tracing
--disable-active-reparents if set, do not allow active reparents. Use this to protect a cluster using external reparents.
--emit-stats If set, emit stats to push-based monitoring and stats backends
--file-backup-storage-root string Root directory for the file backup storage.
--gcs-backup-storage-bucket string Google Cloud Storage bucket to use for backups.
--gcs-backup-storage-root string Root prefix for all backup-related object names.
--grpc-auth-mode string Which auth plugin implementation to use (eg: static)
--grpc-auth-mtls-allowed-substrings string List of substrings of at least one of the client certificate names (separated by colon).
--grpc-auth-static-client-creds string When using grpc_static_auth in the server, this file provides the credentials to use to authenticate with server.
--grpc-auth-static-password-file string JSON File to read the users/passwords from.
--grpc-bind-address string Bind address for gRPC calls. If empty, listen on all addresses.
--grpc-ca string server CA to use for gRPC connections, requires TLS, and enforces client certificate check
--grpc-cert string server certificate to use for gRPC connections, requires grpc-key, enables TLS
--grpc-compression string Which protocol to use for compressing gRPC. Default: nothing. Supported: snappy
--grpc-crl string path to a certificate revocation list in PEM format, client certificates will be further verified against this file during TLS handshake
--grpc-dial-concurrency-limit int Maximum concurrency of grpc dial operations. This should be less than the golang max thread limit of 10000. (default 1024)
--grpc-enable-optional-tls enable optional TLS mode when a server accepts both TLS and plain-text connections on the same port
--grpc-enable-orca-metrics gRPC server option to enable sending ORCA metrics to clients for load balancing
--grpc-enable-tracing Enable gRPC tracing.
--grpc-initial-conn-window-size int gRPC initial connection window size
--grpc-initial-window-size int gRPC initial window size
--grpc-keepalive-time duration After a duration of this time, if the client doesn't see any activity, it pings the server to see if the transport is still alive. (default 10s)
--grpc-keepalive-timeout duration After having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed. (default 10s)
--grpc-key string server private key to use for gRPC connections, requires grpc-cert, enables TLS
--grpc-max-connection-age duration Maximum age of a client connection before GoAway is sent. (default 2562047h47m16.854775807s)
--grpc-max-connection-age-grace duration Additional grace period after grpc-max-connection-age, after which connections are forcibly closed. (default 2562047h47m16.854775807s)
--grpc-max-message-size int Maximum allowed RPC message size. Larger messages will be rejected by gRPC with the error 'exceeding the max size'. (default 16777216)
--grpc-port int Port to listen on for gRPC calls. If zero, do not listen.
--grpc-prometheus Enable gRPC monitoring with Prometheus.
--grpc-server-ca string path to server CA in PEM format, which will be combine with server cert, return full certificate chain to clients
--grpc-server-initial-conn-window-size int gRPC server initial connection window size
--grpc-server-initial-window-size int gRPC server initial window size
--grpc-server-keepalive-enforcement-policy-min-time duration gRPC server minimum keepalive time (default 10s)
--grpc-server-keepalive-enforcement-policy-permit-without-stream gRPC server permit client keepalive pings even when there are no active streams (RPCs)
--grpc-server-keepalive-time duration After a duration of this time, if the server doesn't see any activity, it pings the client to see if the transport is still alive. (default 10s)
--grpc-server-keepalive-timeout duration After having pinged for keepalive check, the server waits for a duration of Timeout and if no activity is seen even after that the connection is closed. (default 10s)
-h, --help help for vtctld
--jaeger-agent-host string host and port to send spans to. if empty, no tracing will be done
--keep-logs duration keep logs for this long (using ctime) (zero to keep forever)
--keep-logs-by-mtime duration keep logs for this long (using mtime) (zero to keep forever)
--lameduck-period duration keep running at least this long after SIGTERM before stopping (default 50ms)
--lock-timeout duration Maximum time to wait when attempting to acquire a lock from the topo server (default 45s)
--log-err-stacks log stack traces for errors
--log-rotate-max-size uint size in bytes at which logs are rotated (glog.MaxSize) (default 1887436800)
--log-backtrace-at traceLocations when logging hits line file:N, emit a stack trace
--log-dir string If non-empty, write log files in this directory
--logtostderr log to standard error instead of files
--max-stack-size int configure the maximum stack size in bytes (default 67108864)
--mysql-server-version string MySQL server version to advertise. (default "8.4.6-Vitess")
--onclose-timeout duration wait no more than this for OnClose handlers before stopping (default 10s)
--onterm-timeout duration wait no more than this for OnTermSync handlers before stopping (default 10s)
--opentsdb-uri string URI of opentsdb /api/put method
--pid-file string If set, the process will write its pid to the named file, and delete it on graceful shutdown.
--port int port for the server
--pprof strings enable profiling
--pprof-http enable pprof http endpoints
--proxy-tablets Setting this true will make vtctld proxy the tablet status instead of redirecting to them
--purge-logs-interval duration how often try to remove old logs (default 1h0m0s)
--remote-operation-timeout duration time to wait for a remote operation (default 15s)
--s3-backup-aws-endpoint string endpoint of the S3 backend (region must be provided).
--s3-backup-aws-min-partsize int Minimum part size to use, defaults to 5MiB but can be increased due to the dataset size. (default 5242880)
--s3-backup-aws-region string AWS region to use. (default "us-east-1")
--s3-backup-aws-retries int AWS request retries. (default -1)
--s3-backup-force-path-style force the s3 path style.
--s3-backup-log-level string determine the S3 loglevel to use from LogOff, LogDebug, LogDebugWithSigning, LogDebugWithHTTPBody, LogDebugWithRequestRetries, LogDebugWithRequestErrors. (default "LogOff")
--s3-backup-server-side-encryption string server-side encryption algorithm (e.g., AES256, aws:kms, sse_c:/path/to/key/file).
--s3-backup-storage-bucket string S3 bucket to use for backups.
--s3-backup-storage-root string root prefix for all backup-related object names.
--s3-backup-tls-skip-verify-cert skip the 'certificate is valid' check for SSL connections.
--schema-change-check-interval duration How often the schema change dir is checked for schema changes. This value must be positive; if zero or lower, the default of 1m is used. (default 1m0s)
--schema-change-controller string Schema change controller is responsible for finding schema changes and responding to schema change events.
--schema-change-dir string Directory containing schema changes for all keyspaces. Each keyspace has its own directory, and schema changes are expected to live in '$KEYSPACE/input' dir. (e.g. 'test_keyspace/input/*sql'). Each sql file represents a schema change.
--schema-change-replicas-timeout duration How long to wait for replicas to receive a schema change. (default 10s)
--schema-change-user string The user who schema changes are submitted on behalf of.
--security-policy string the name of a registered security policy to use for controlling access to URLs - empty means allow all for anyone (built-in policies: deny-all, read-only)
--service-map strings comma separated list of services to enable (or disable if prefixed with '-') Example: grpc-queryservice
--sql-max-length-errors int truncate queries in error logs to the given length (default unlimited)
--sql-max-length-ui int truncate queries in debug UIs to the given length (default 512) (default 512)
--stats-backend string The name of the registered push-based monitoring/stats backend to use
--stats-combine-dimensions string List of dimensions to be combined into a single "all" value in exported stats vars
--stats-common-tags strings Comma-separated list of common tags for the stats backend. It provides both label and values. Example: label1:value1,label2:value2
--stats-drop-variables string Variables to be dropped from the list of exported variables.
--stats-emit-period duration Interval between emitting stats to all registered backends (default 1m0s)
--stderrthreshold severityFlag logs at or above this threshold go to stderr (default 1)
--table-refresh-interval int interval in milliseconds to refresh tables in status page with refreshRequired class
--tablet-dir string The directory within the vtdataroot to store vttablet/mysql files. Defaults to being generated by the tablet uid.
--tablet-grpc-ca string the server ca to use to validate servers when connecting
--tablet-grpc-cert string the cert to use to connect
--tablet-grpc-crl string the server crl to use to validate server certificates when connecting
--tablet-grpc-key string the key to use to connect
--tablet-grpc-server-name string the server name to use to validate server certificate
--tablet-health-keep-alive duration close streaming tablet health connection if there are no requests for this long (default 5m0s)
--tablet-manager-grpc-ca string the server ca to use to validate servers when connecting
--tablet-manager-grpc-cert string the cert to use to connect
--tablet-manager-grpc-concurrency int concurrency to use to talk to a vttablet server for performance-sensitive RPCs (like ExecuteFetchAs{Dba,App}, CheckThrottler and FullStatus) (default 8)
--tablet-manager-grpc-connpool-size int number of tablets to keep tmclient connections open to (default 100)
--tablet-manager-grpc-crl string the server crl to use to validate server certificates when connecting
--tablet-manager-grpc-key string the key to use to connect
--tablet-manager-grpc-server-name string the server name to use to validate server certificate
--tablet-manager-protocol string Protocol to use to make tabletmanager RPCs to vttablets. (default "grpc")
--tablet-protocol string Protocol to use to make queryservice RPCs to vttablets. (default "grpc")
--tablet-refresh-interval duration Tablet refresh interval. (default 1m0s)
--tablet-refresh-known-tablets Whether to reload the tablet's address/port map from topo in case they change. (default true)
--tablet-url-template string Format string describing debug tablet url formatting. See getTabletDebugURL() for how to customize this. (default "http://{{.GetTabletHostPort}}")
--topo-consul-lock-delay duration LockDelay for consul session. (default 15s)
--topo-consul-lock-session-checks string List of checks for consul session. (default "serfHealth")
--topo-consul-lock-session-ttl string TTL for consul session.
--topo-consul-watch-poll-duration duration time of the long poll for watch queries. (default 30s)
--topo-etcd-lease-ttl int Lease TTL for locks and leader election. The client will use KeepAlive to keep the lease going. (default 30)
--topo-etcd-tls-ca string path to the ca to use to validate the server cert when connecting to the etcd topo server
--topo-etcd-tls-cert string path to the client cert to use to connect to the etcd topo server, requires topo-etcd-tls-key, enables TLS
--topo-etcd-tls-key string path to the client key to use to connect to the etcd topo server, enables TLS
--topo-global-root string the path of the global topology data in the global topology server
--topo-global-server-address string the address of the global topology server
--topo-implementation string the topology implementation to use
--topo-read-concurrency int Maximum concurrency of topo reads per global or local cell. (default 32)
--topo-zk-auth-file string auth to use when connecting to the zk topo server, file contents should be <scheme>:<auth>, e.g., digest:user:pass
--topo-zk-base-timeout duration zk base timeout (see zk.Connect) (default 30s)
--topo-zk-max-concurrency int maximum number of pending requests to send to a Zookeeper server. (default 64)
--topo-zk-tls-ca string the server ca to use to validate servers when connecting to the zk topo server
--topo-zk-tls-cert string the cert to use to connect to the zk topo server, requires topo-zk-tls-key, enables TLS
--topo-zk-tls-key string the key to use to connect to the zk topo server, enables TLS
--tracer string tracing service to use (default "noop")
--tracing-enable-logging whether to enable logging in the tracing service
--tracing-sampling-rate float sampling rate for the probabilistic jaeger sampler (default 0.1)
--tracing-sampling-type string sampling strategy to use for jaeger. possible values are 'const', 'probabilistic', 'rateLimiting', or 'remote' (default "const")
--v Level log level for V logs
-v, --version print binary version
--vmodule vModuleFlag comma-separated list of pattern=N settings for file-filtered logging
--vtctld-sanitize-log-messages When true, vtctld sanitizes logging.