crate.operator.bootstrap module

class crate.operator.bootstrap.CreateUsersSubHandler(namespace, name, ref, context, depends_on=None, run_on_dep_failures=False)

Bases: StateBasedSubHandler

Parameters

  • namespace (str) –

  • name (str) –

  • ref (str) –

  • context (dict) –

async handle(namespace, name, master_node_pod, has_ssl, users, logger, **kwargs)
Parameters
async crate.operator.bootstrap.bootstrap_gc_admin_user(core, namespace, name)

Create the gc_admin user, which is used by Grand Central to run queries against CrateDB.

Parameters

  • core (CoreV1Api) – An instance of the Kubernetes Core V1 API.

  • namespace (str) – The Kubernetes namespace for the CrateDB cluster.

  • name (str) – The name for the CrateDB custom resource. Used to lookup the password for the system user created during deployment.

async crate.operator.bootstrap.bootstrap_system_user(core, namespace, name, master_node_pod, has_ssl, logger)

Exec into to a CrateDB container and create the system user.

When starting up a cluster, the operator doesn’t have a system user yet that it could use. The operator will therefore exec into the crate container in the master_node_pod and attempt to create a user and grant it all privileges.

Parameters

  • core (CoreV1Api) – An instance of the Kubernetes Core V1 API.

  • namespace (str) – The Kubernetes namespace for the CrateDB cluster.

  • name (str) – The name for the CrateDB custom resource. Used to lookup the password for the system user created during deployment.

  • master_node_pod (str) – The pod name of one of the eligible master nodes in the cluster. Used to exec into.

  • has_ssl (bool) – When True, crash will establish a connection to the CrateDB cluster from inside the crate container using SSL/TLS. This must match how the cluster is configured, otherwise crash won’t be able to connect, since non-encrypted connections are forbidden when SSL/TLS is enabled, and encrypted connections aren’t possible when no SSL/TLS is configured.

  • logger (Logger) –

Return type

None

async crate.operator.bootstrap.bootstrap_users(core, namespace, name, users)

Create all users in the CrateDB clusters that are defined in the cluster spec.

Parameters

  • core (CoreV1Api) – An instance of the Kubernetes Core V1 API.

  • namespace (str) – The Kubernetes namespace for the CrateDB cluster.

  • name (str) – The name for the CrateDB custom resource. Used to lookup the password for the system user created during deployment.

  • users (List[Dict[str, Any]]) – A list of user definitions containing the username and the secret key reference to their password.

async crate.operator.bootstrap.create_users(core, namespace, name, master_node_pod, has_ssl, users, logger)

Create the system user, and any additional configured users.

Parameters

  • core (CoreV1Api) – An instance of the Kubernetes Core V1 API.

  • namespace (str) – The Kubernetes namespace for the CrateDB cluster.

  • name (str) – The name for the CrateDB custom resource. Used to lookup the password for the system user created during deployment.

  • master_node_pod (str) – The pod name of one of the eligible master nodes in the cluster. Used to exec into.

  • has_ssl (bool) – When True, crash will establish a connection to the CrateDB cluster from inside the crate container using SSL/TLS. This must match how the cluster is configured, otherwise crash won’t be able to connect, since non-encrypted connections are forbidden when SSL/TLS is enabled, and encrypted connections aren’t possible when no SSL/TLS is configured.

  • users (Optional[List[Dict[str, Any]]]) – An optional list of user definitions containing the username and the secret key reference to their password.

  • logger (Logger) –