scylladb docker-compose 用户密码认证配置

scylladb 对于用户的认证配置还是比较简单的,以下是一个docker-compose 配置的说明

环境准备

  • docker-compose 文件
version: "3"
services: 
  scylladb:
    image: scylladb/scylla
    command: --authenticator=PasswordAuthenticator
    ports: 
    - "9042:9042"
  scylladb2:
   image: scylladb/scylla
   command: --seeds=scylladb --authenticator=PasswordAuthenticator
   ports: 
   - "9043:9042"
  scylladb3:
   image: scylladb/scylla
   command: --seeds=scylladb --authenticator=PasswordAuthenticator
   ports: 
   - "9044:9042"
  jaeger:
    image: jaegertracing/all-in-one:1.13
    environment:
      - COLLECTOR_ZIPKIN_HTTP_PORT=9411
      - CASSANDRA_SERVERS=scylladb,scylladb2,scylladb3
      - SPAN_STORAGE_TYPE=cassandra
      - CASSANDRA_USERNAME=cassandra
      - CASSANDRA_PASSWORD=cassandra
    ports:
      - "9411:9411"
      - "5775:5775/udp"
      - "6831:6831/udp"
      - "6832:6832/udp"
      - "16686:16686"
  • 说明
    以上是一个jaeger 配置后端存储为jaeger 的例子,主要关于认证的是--authenticator=PasswordAuthenticator

启动&&测试

  • 启动
docker-comppose up -d
  • 连接
cqlsh -u cassandra -p cassandra
  • 简单操作
use system_auth;
select * from system_auth.roles;

效果

 role | can_login | is_superuser | member_of | salted_hash
-----------+-----------+--------------+-----------+------------------------------------------------------------------------------------------------------------
 cassandra | True | True | null | $6$yTLXoV.PE1VUxebi$30sNkUxHiuwxKtHj.9AQToZwFZnxXZxzV9J82avqePpG1x8hnNuBAH0JbfMYxKuDsaM6I.2U9SUDv66/ATuYd.
(1 rows)

说明

scylladb 也包含了完整的基于rbac 的访问控制机制,还是很不错的

参考资料

https://docs.scylladb.com/operating-scylla/security/rbac_usecase/
https://docs.scylladb.com/operating-scylla/security/authentication/

posted on 2019-07-18 20:19  荣锋亮  阅读(1416)  评论(0编辑  收藏  举报

导航