-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
9 changed files
with
162 additions
and
157 deletions.
There are no files selected for viewing
50 changes: 9 additions & 41 deletions
50
docs/administration-guide/gaffer-config/change-accumulo-passwords.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,51 +1,19 @@ | ||
# Changing the Accumulo Passwords | ||
|
||
When deploying Accumulo - either as part of a Gaffer stack or as a standalone, the passwords for all the users and the instance.secret are set to default values and should be changed. The instance.secret cannot be changed once deployed as it is used in initalisation. | ||
When deploying Accumulo - either as part of a Gaffer stack or as a standalone, | ||
the passwords for all the users and the instance.secret are set to default | ||
values and should be changed. The instance.secret cannot be changed once | ||
deployed as it is used in initalisation. | ||
|
||
## Standard Deployment | ||
The passwords can be configured in a standard deployment via the | ||
[`accumulo.properties`](https://accumulo.apache.org/docs/2.x/configuration/files#accumuloproperties) | ||
file. | ||
|
||
The passwords can be configured in a standard deployment via the `accumulo.properties` file. | ||
|
||
The following table outlines the values and defaults if using the container images: | ||
The following table outlines the values and defaults if using the container | ||
images: | ||
|
||
| Name | value | default value | | ||
| -------------------- | ------------------------------- | ------------- | | ||
| Instance Secret | `instance.secret` | "DEFAULT" | | ||
| Tracer user | `trace.user` | "root" | | ||
| Tracer user password | `trace.token.property.password` | "secret" | | ||
|
||
|
||
## Helm Deployment | ||
|
||
When deploying the Accumulo helm chart, the following values are set. If you are using the Gaffer helm chart with the Accumulo integration, the values will be prefixed with "accumulo": | ||
|
||
| Name | value | default value | | ||
| -------------------- | --------------------------------------------- | ------------- | | ||
| Instance Secret | `config.accumuloSite."instance.secret"` | "DEFAULT" | | ||
| Root password | `config.userManagement.rootPassword` | "root" | | ||
| Tracer user password | `config.userManagement.users.tracer.password` | "tracer" | | ||
|
||
When you deploy the Gaffer Helm chart with Accumulo, a "gaffer" user with a password of "gaffer" is used by default following the same pattern as the tracer user. | ||
|
||
So to install a new Gaffer with Accumulo store, create an `accumulo-passwords.yaml` with the following contents: | ||
|
||
```yaml | ||
accumulo: | ||
enabled: true | ||
config: | ||
accumuloSite: | ||
instance.secret: "changeme" | ||
userManagement: | ||
rootPassword: "changeme" | ||
users: | ||
tracer: | ||
password: "changme" | ||
gaffer: | ||
password: "changeme" | ||
``` | ||
You can install the graph with: | ||
```bash | ||
helm install my-graph gaffer-docker/gaffer -f accumulo-passwords.yaml | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
114 changes: 114 additions & 0 deletions
114
docs/administration-guide/gaffer-deployment/kubernetes-guide/helm-configuration.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,114 @@ | ||
# Configuring Gaffer with Helm | ||
|
||
!!! warning | ||
Configuration via Helm is under development the information here is subject | ||
to change in future releases. | ||
|
||
The general overview of what you can configure in a Gaffer graph is outlined | ||
under the [configuring Gaffer pages](../../gaffer-config/config.md). However, | ||
under a Helm based Kubernetes deployment the configuration needs to be applied | ||
slightly differently, this page captures how you can currently configure a | ||
Gaffer deployment using Helm. | ||
|
||
!!! tip | ||
Use the `--reuse-values` argument on a Helm upgrade to re-use passwords | ||
from the initial construction. | ||
|
||
## Graph Metadata | ||
|
||
Create a file called `graph-meta.yaml`. We will use this file to add our | ||
description and graph ID. Changing the description is as easy as changing the | ||
`graph.config.description` value. | ||
|
||
```yaml | ||
graph: | ||
config: | ||
description: "My graph description" | ||
``` | ||
Upgrade your deployment using Helm to load the new file: | ||
```bash | ||
helm upgrade my-graph gaffer-docker/gaffer -f graph-metadata.yaml --reuse-values | ||
``` | ||
|
||
### Graph ID | ||
|
||
Updating the ID may be simple or complicated depending on your store type. If | ||
you are using a Map or Federated store, you can just set the | ||
`graph.config.graphId` value like with the graph description. Though if you are | ||
using a Map Store, the graph will be emptied as a result. | ||
|
||
To safely update the Graph ID of an Accumulo instance you must change the gaffer | ||
users permissions to read and write to that table. To do that update the | ||
`graph-meta.yaml` file with the following contents: | ||
|
||
```yaml | ||
graph: | ||
config: | ||
graphId: "MyGraph" | ||
description: "My Graph description" | ||
|
||
accumulo: | ||
config: | ||
userManagement: | ||
users: | ||
gaffer: | ||
permissions: | ||
table: | ||
MyGraph: | ||
- READ | ||
- WRITE | ||
- BULK_IMPORT | ||
- ALTER_TABLE | ||
``` | ||
## Loading new Graph Schema | ||
The easiest way to deploy a schema file is to use helms `--set-file` option | ||
which lets you set a value from the contents of a file. For a Helm deployment to | ||
pick up changes to a Schema, you need to run a helm upgrade: | ||
|
||
```bash | ||
helm upgrade my-graph gaffer-docker/gaffer --set-file graph.schema."schema\.json"=./schema.json --reuse-values | ||
``` | ||
|
||
## Change Accumulo Passwords | ||
|
||
When deploying the Accumulo Helm chart, the following values are set. If you are | ||
using the Gaffer Helm chart with the Accumulo integration, the values will be | ||
prefixed with "accumulo": | ||
|
||
| Name | value | default value | | ||
| -------------------- | --------------------------------------------- | ------------- | | ||
| Instance Secret | `config.accumuloSite."instance.secret"` | "DEFAULT" | | ||
| Root password | `config.userManagement.rootPassword` | "root" | | ||
| Tracer user password | `config.userManagement.users.tracer.password` | "tracer" | | ||
|
||
When you deploy the Gaffer Helm chart with Accumulo, a "gaffer" user with a | ||
password of "gaffer" is used by default following the same pattern as the tracer | ||
user. | ||
|
||
So to install a new Gaffer with Accumulo store, create an | ||
`accumulo-passwords.yaml` with the following contents: | ||
|
||
```yaml | ||
accumulo: | ||
enabled: true | ||
config: | ||
accumuloSite: | ||
instance.secret: "changeme" | ||
userManagement: | ||
rootPassword: "changeme" | ||
users: | ||
tracer: | ||
password: "changme" | ||
gaffer: | ||
password: "changeme" | ||
``` | ||
|
||
You can install the graph with: | ||
|
||
```bash | ||
helm install my-graph gaffer-docker/gaffer -f accumulo-passwords.yaml | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.