You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ko...@apache.org on 2022/02/09 18:17:41 UTC
[couchdb-helm] branch generate-erlang-cookie created (now eb1ca20)
This is an automated email from the ASF dual-hosted git repository.
kocolosk pushed a change to branch generate-erlang-cookie
in repository https://gitbox.apache.org/repos/asf/couchdb-helm.git.
at eb1ca20 Generate a unique Erlang cookie by default
This branch includes the following new commits:
new eb1ca20 Generate a unique Erlang cookie by default
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[couchdb-helm] 01/01: Generate a unique Erlang cookie by default
Posted by ko...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
kocolosk pushed a commit to branch generate-erlang-cookie
in repository https://gitbox.apache.org/repos/asf/couchdb-helm.git
commit eb1ca208330cb5ea92b0249180d8b4ed59aa2d90
Author: Adam Kocoloski <ko...@apache.org>
AuthorDate: Wed Feb 9 13:14:59 2022 -0500
Generate a unique Erlang cookie by default
This relies on new support for the COUCHDB_ERLANG_COOKIE env to
generate a Secret that is written down into ~/.erlang.cookie instead
of passing the cookie in the ERL_FLAGS. I suppose it would be possible
to merge the generated cookie into ERL_FLAGS, but this approach seemed
cleaner and more maintainable going forward.
---
couchdb/templates/secrets.yaml | 1 +
couchdb/templates/statefulset.yaml | 5 +++++
couchdb/values.yaml | 9 ++++++---
3 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/couchdb/templates/secrets.yaml b/couchdb/templates/secrets.yaml
index 92f55c6..857543b 100644
--- a/couchdb/templates/secrets.yaml
+++ b/couchdb/templates/secrets.yaml
@@ -12,6 +12,7 @@ type: Opaque
data:
adminUsername: {{ template "couchdb.defaultsecret" .Values.adminUsername }}
adminPassword: {{ template "couchdb.defaultsecret" .Values.adminPassword }}
+ erlangCookie: {{ template "couchdb.defaultsecret" .Values.erlangFlags.setcookie }}
cookieAuthSecret: {{ template "couchdb.defaultsecret" .Values.cookieAuthSecret }}
{{- if .Values.adminHash }}
password.ini: {{ tpl (.Files.Get "password.ini") . | b64enc }}
diff --git a/couchdb/templates/statefulset.yaml b/couchdb/templates/statefulset.yaml
index 233441d..03ae8bd 100644
--- a/couchdb/templates/statefulset.yaml
+++ b/couchdb/templates/statefulset.yaml
@@ -92,6 +92,11 @@ spec:
name: {{ template "couchdb.fullname" . }}
key: cookieAuthSecret
{{- end }}
+ - name: COUCHDB_ERLANG_COOKIE
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "couchdb.fullname" . }}
+ key: erlangCookie
- name: ERL_FLAGS
value: "{{ range $k, $v := .Values.erlangFlags }} -{{ $k }} {{ $v }} {{ end }}"
{{- if .Values.livenessProbe.enabled }}
diff --git a/couchdb/values.yaml b/couchdb/values.yaml
index f76dc25..44f74df 100644
--- a/couchdb/values.yaml
+++ b/couchdb/values.yaml
@@ -152,12 +152,15 @@ resources:
# memory: 256Gi
## erlangFlags is a map that is passed to the Erlang VM as flags using the
-## ERL_FLAGS env. `name` and `setcookie` flags are minimally required to
-## establish connectivity between cluster nodes.
+## ERL_FLAGS env. The `name` flag is required to establish connectivity
+## between cluster nodes.
## ref: http://erlang.org/doc/man/erl.html#init_flags
erlangFlags:
name: couchdb
- setcookie: monster
+ # Older versions of the official CouchDB image (anything prior to 3.2.1)
+ # do not act on the COUCHDB_ERLANG_COOKIE environment variable, so if you
+ # want to cluster these deployments it's necessary to pass in a cookie here
+ # setcookie: make-something-up
## couchdbConfig will override default CouchDB configuration settings.
## The contents of this map are reformatted into a .ini file laid down