Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hardcoded transport tcp comms to the leader node #192

Open
michaelhyatt opened this issue May 13, 2024 · 5 comments
Open

Hardcoded transport tcp comms to the leader node #192

michaelhyatt opened this issue May 13, 2024 · 5 comments

Comments

@michaelhyatt
Copy link

The template seem to hardcode tcp as the protocol. Can you please add support for tls?

helm-charts/helm-chart-sources/logstream-leader/templates/_pod.tpl

Line 89 in c041366

value: "tcp://{{ .Values.config.token }}@{{ .Values.config.bindHost }}:4200"

helm-charts/helm-chart-sources/logstream-leader/templates/_pod.tpl

Line 91 in c041366

value: "tcp://{{ .Values.config.token }}@{{ .Values.config.bindHost }}:4200"

@yenoromm
Copy link

yenoromm commented May 13, 2024
edited
Loading

A string value at config.overrideLeaderURL would be ideal. This would provide a very flexible value for also configuring tls.<settingName> in the url

@yenoromm yenoromm mentioned this issue May 20, 2024
Merged
@bdalpe
Copy link
Contributor

bdalpe commented May 24, 2024

@michaelhyatt @yenoromm You can do this today.

  1. Create a secret (either on your own or use the extraObjects value)
  2. Configure your Helm Values like the following:
config: 
  useExistingSecret: true

envValueFrom:
  - name: CRIBL_DIST_MASTER_URL
    valueFrom:
      secretKeyRef:
        name: <secretName>
        key: <secretKey>

Bonus setting for extraObjects:

extraObjects:
  - apiVersion: v1
    kind: Secret
    metadata:
      name: cribl-leader-secret
    type: Opaque
    data:
      leaderUrl: "tls://authToken@criblleader:4200?group=foo"

Extra objects supports a string or object for each array item. You can see more examples of how to use this in https://github.com/criblio/helm-charts/blob/master/helm-chart-sources/logstream-workergroup/tests/extras_test.yaml

@yenoromm
Copy link

yenoromm commented May 24, 2024
edited
Loading

@bdalpe

If you look at the first comment or the PR, you will notice we are talking about the leader helm chart and not the workergroup chart.

The config.useExistingSecret is well documented and what we use to set the leader url for the workergroup.

@bdalpe
Copy link
Contributor

bdalpe commented May 24, 2024

Sorry, @yenoromm I missed that detail.

You can still do something similar for the leader helm chart by redefining the environment variable. Your new definition in the helm values would win.

https://stackoverflow.com/questions/73443818/precedence-rule-in-container-env-list-with-duplicate-name-key-in-kubernetes

I agree this is not perfect and should be addressed long-term. IMO, the best way to do this would be to remove the current way it's done and replace with user specifying all the details. That would be a major breaking change though.

@yenoromm
Copy link

In the PR it supplies the current value if an override value is not supplied. There should be no breaking change only added functionality if the user decides to use it.

We are using Pulumi to handle deployments. The tooling throws an error with duplicate keys even if it isn’t caused by helm directly. Therefore this isn’t a solution for us, other Pulumi shops and possibly even Terraform shops if the underlying provider is what throws the error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@michaelhyatt @bdalpe @yenoromm