crate.operator.bootstrap module¶
- class crate.operator.bootstrap.CreateUsersSubHandler(namespace, name, ref, context, depends_on=None, run_on_dep_failures=False)¶
Bases:
StateBasedSubHandler
- async crate.operator.bootstrap.bootstrap_gc_admin_user(core, namespace, name)¶
Create the gc_admin user, which is used by Grand Central to run queries against CrateDB.
- async crate.operator.bootstrap.bootstrap_system_user(core, namespace, name, master_node_pod, has_ssl, logger)¶
Exec into to a CrateDB container and create the system user.
When starting up a cluster, the operator doesn’t have a system user yet that it could use. The operator will therefore
exec
into thecrate
container in themaster_node_pod
and attempt to create a user and grant it all privileges.- Parameters
core (
CoreV1Api
) – An instance of the Kubernetes Core V1 API.namespace (
str
) – The Kubernetes namespace for the CrateDB cluster.name (
str
) – The name for theCrateDB
custom resource. Used to lookup the password for the system user created during deployment.master_node_pod (
str
) – The pod name of one of the eligible master nodes in the cluster. Used toexec
into.has_ssl (
bool
) – WhenTrue
,crash
will establish a connection to the CrateDB cluster from inside thecrate
container using SSL/TLS. This must match how the cluster is configured, otherwisecrash
won’t be able to connect, since non-encrypted connections are forbidden when SSL/TLS is enabled, and encrypted connections aren’t possible when no SSL/TLS is configured.logger (
Logger
) –
- Return type
- async crate.operator.bootstrap.bootstrap_users(core, namespace, name, users)¶
Create all users in the CrateDB clusters that are defined in the cluster spec.
- Parameters
core (
CoreV1Api
) – An instance of the Kubernetes Core V1 API.namespace (
str
) – The Kubernetes namespace for the CrateDB cluster.name (
str
) – The name for theCrateDB
custom resource. Used to lookup the password for the system user created during deployment.users (
List
[Dict
[str
,Any
]]) – A list of user definitions containing the username and the secret key reference to their password.
- async crate.operator.bootstrap.create_users(core, namespace, name, master_node_pod, has_ssl, users, logger)¶
Create the system user, and any additional configured users.
- Parameters
core (
CoreV1Api
) – An instance of the Kubernetes Core V1 API.namespace (
str
) – The Kubernetes namespace for the CrateDB cluster.name (
str
) – The name for theCrateDB
custom resource. Used to lookup the password for the system user created during deployment.master_node_pod (
str
) – The pod name of one of the eligible master nodes in the cluster. Used toexec
into.has_ssl (
bool
) – WhenTrue
,crash
will establish a connection to the CrateDB cluster from inside thecrate
container using SSL/TLS. This must match how the cluster is configured, otherwisecrash
won’t be able to connect, since non-encrypted connections are forbidden when SSL/TLS is enabled, and encrypted connections aren’t possible when no SSL/TLS is configured.users (
Optional
[List
[Dict
[str
,Any
]]]) – An optional list of user definitions containing the username and the secret key reference to their password.logger (
Logger
) –