We’re kicking off our first project spotlight with etcd, which recently completed a security audit with Jepsen.
A CNCF incubating project, etcd is a distributed, reliable key-value store for critical data in a distributed system. As part of a security audit, the etcd team worked with Jepsen to verify etcd v3.4.3’s key-value operations, locks, and watches. The report, which was released earlier this year, concluded that there were no problems with key-value operations or watches. However, a theoretical risk discovered with the locks — that they could not guarantee mutual exclusion in asynchronous networks — led the etcd team to do further work on documentation around safety guarantees.
“Besides Jepsen analysis, the etcd community always welcomes contributions related to correctness and reliability,” says etcd co-creator Xiang Li. “We are excited about the results of this testing, and will remain vigilant while building a well engineered and correct product.”
Congratulations to the etcd team!