aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormahendrr <mahendra.raghuwanshi@amdocs.com>2019-05-03 06:50:10 +0000
committermahendrr <mahendra.raghuwanshi@amdocs.com>2019-05-03 08:36:33 +0000
commit8b20f77ac9cb60b7287bc10a0f25b04da17b7b24 (patch)
treeddb6c865abe183fcb78bb6a9dbbb00b9e506a7c1
parent96080d06124ab60ce9642a840e8b9b9ca15b2534 (diff)
Common Cassandra doesn't support user authentication
Change-Id: I337aaf258b1a3716d97e31ea3f53014738f3db55 Issue-ID: OOM-1835 Signed-off-by: mahendrr <mahendra.raghuwanshi@amdocs.com>
-rw-r--r--kubernetes/common/cassandra/resources/config/docker-entrypoint.sh92
-rw-r--r--kubernetes/common/cassandra/templates/configmap.yaml14
-rw-r--r--kubernetes/common/cassandra/templates/statefulset.yaml9
3 files changed, 114 insertions, 1 deletions
diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
new file mode 100644
index 0000000000..5b652228a6
--- /dev/null
+++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+set -e
+
+# first arg is `-f` or `--some-option`
+# or there are no args
+if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
+ set -- cassandra -f "$@"
+fi
+
+# allow the container to be started with `--user`
+if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then
+ find /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" \
+ \! -user cassandra -exec chown cassandra '{}' +
+ exec gosu cassandra "$BASH_SOURCE" "$@"
+fi
+
+_ip_address() {
+ # scrape the first non-localhost IP address of the container
+ # in Swarm Mode, we often get two IPs -- the container IP, and the (shared) VIP, and the container IP should always be first
+ ip address | awk '
+ $1 == "inet" && $NF != "lo" {
+ gsub(/\/.+$/, "", $2)
+ print $2
+ exit
+ }
+ '
+}
+
+# "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example)
+_sed-in-place() {
+ local filename="$1"; shift
+ local tempFile
+ tempFile="$(mktemp)"
+ sed "$@" "$filename" > "$tempFile"
+ cat "$tempFile" > "$filename"
+ rm "$tempFile"
+}
+
+if [ "$1" = 'cassandra' ]; then
+ : ${CASSANDRA_RPC_ADDRESS='0.0.0.0'}
+
+ : ${CASSANDRA_LISTEN_ADDRESS='auto'}
+ if [ "$CASSANDRA_LISTEN_ADDRESS" = 'auto' ]; then
+ CASSANDRA_LISTEN_ADDRESS="$(_ip_address)"
+ fi
+
+ : ${CASSANDRA_BROADCAST_ADDRESS="$CASSANDRA_LISTEN_ADDRESS"}
+
+ if [ "$CASSANDRA_BROADCAST_ADDRESS" = 'auto' ]; then
+ CASSANDRA_BROADCAST_ADDRESS="$(_ip_address)"
+ fi
+ : ${CASSANDRA_BROADCAST_RPC_ADDRESS:=$CASSANDRA_BROADCAST_ADDRESS}
+
+ if [ -n "${CASSANDRA_NAME:+1}" ]; then
+ : ${CASSANDRA_SEEDS:="cassandra"}
+ fi
+ : ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"}
+
+ _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \
+ -r 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/'
+
+ for yaml in \
+ broadcast_address \
+ broadcast_rpc_address \
+ cluster_name \
+ endpoint_snitch \
+ listen_address \
+ num_tokens \
+ rpc_address \
+ start_rpc \
+ authenticator \
+ ; do
+ var="CASSANDRA_${yaml^^}"
+ val="${!var}"
+ if [ "$val" ]; then
+ _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \
+ -r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/'
+ fi
+ done
+
+ for rackdc in dc rack; do
+ var="CASSANDRA_${rackdc^^}"
+ val="${!var}"
+ if [ "$val" ]; then
+ _sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \
+ -r 's/^('"$rackdc"'=).*/\1 '"$val"'/'
+ fi
+ done
+fi
+
+exec "$@"
+
diff --git a/kubernetes/common/cassandra/templates/configmap.yaml b/kubernetes/common/cassandra/templates/configmap.yaml
index a9420d7e5b..abb8a7e65f 100644
--- a/kubernetes/common/cassandra/templates/configmap.yaml
+++ b/kubernetes/common/cassandra/templates/configmap.yaml
@@ -12,4 +12,16 @@ metadata:
data:
{{ toYaml .Values.configOverrides | indent 2 }}
{{- end }}
-
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-entrypoint
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/docker-entrypoint.sh").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml
index a0b6b5f738..0c7a112bcb 100644
--- a/kubernetes/common/cassandra/templates/statefulset.yaml
+++ b/kubernetes/common/cassandra/templates/statefulset.yaml
@@ -54,6 +54,9 @@ spec:
- name: localtime
mountPath: /etc/localtime
readOnly: true
+ - name: cassandra-entrypoint
+ mountPath: /docker-entrypoint.sh
+ subPath: docker-entrypoint.sh
{{- range $key, $value := .Values.configOverrides }}
- name: cassandra-config-{{ $key | replace "." "-" }}
mountPath: /etc/cassandra/{{ $key }}
@@ -110,6 +113,8 @@ spec:
value: {{ default "true" .Values.config.start_rpc | quote }}
- name: CASSANDRA_ENDPOINT_SNITCH
value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }}
+ - name: CASSANDRA_AUTHENTICATOR
+ value: {{ default "PasswordAuthenticator" .Values.config.authenticator | quote }}
- name: POD_IP
valueFrom:
fieldRef:
@@ -141,6 +146,10 @@ spec:
configMap:
name: {{ include "common.fullname" . }}-configOverrides
{{- end }}
+ - name: cassandra-entrypoint
+ configMap:
+ name: {{ include "common.fullname" . }}-entrypoint
+ defaultMode: 0755
{{- if not .Values.persistence.enabled }}
- name: cassandra-data
emptyDir: {}