Working no auth

aerospike · Sep 12, 2024 · 7f4680e · 7f4680e
1 parent 375b5d3
commit 7f4680e
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 81 deletions.
diff --git a/kubernetes/full-create-and-install.sh b/kubernetes/full-create-and-install.sh
@@ -34,7 +34,7 @@ print_env() {
 set_env_variables() {
     export WORKSPACE="$(pwd)"
     export PROJECT_ID="$(gcloud config get-value project)"
-    export CLUSTER_NAME="${PROJECT_ID}-avs-noauth"
+    export CLUSTER_NAME="${PROJECT_ID}-avs-noauth-010"
     export NODE_POOL_NAME_AEROSPIKE="aerospike-pool"
     export NODE_POOL_NAME_AVS="avs-pool"
     export ZONE="us-central1-c"

diff --git a/kubernetes/manifests/aerospike-cr.yaml b/kubernetes/manifests/aerospike-cr.yaml
@@ -45,13 +45,6 @@ spec:
             secretName: aerospike-secret
         aerospike:
           path: /etc/aerospike/secret
-      - name: aerospike-tls-config
-        source:
-          secret:
-            secretName: aerospike-tls
-        aerospike:
-          path: /etc/aerospike/ssl
-
 
   podSpec:
     sidecars:
@@ -78,49 +71,18 @@ spec:
   #       roles:
   #         - sys-admin
   #         - user-admin
-  #     - name: tester
-  #       secretName: auth-secret
-  #       roles:
-  #         - truncate
-  #         - sindex-admin
-  #         - user-admin
-  #         - data-admin
-  #         - read-write
-  #         - read
-  #         - write
-  #         - read-write-udf
-  #         - sys-admin
-  #         - udf-admin
-  # operatorClientCert:
-  #   secretCertSource:
-  #     secretName: aerospike-tls
-  #     caCertsFilename: ca.aerospike.com.pem
-  #     clientCertFilename: asd.aerospike.com.pem
-  #     clientKeyFilename: asd.aerospike.com.key
 
   aerospikeConfig:
     service:
       feature-key-file: /etc/aerospike/secret/features.conf
-    # security: {}
+#    security: {}
     network:
       service:
-        #        port: 3000
-        tls-name: asd.aerospike.com
-        tls-authenticate-client: "false"
-        tls-port: 4333
+        port: 3000
       fabric:
-        #        port: 3001
-        tls-name: asd.aerospike.com
-        tls-port: 3012
+        port: 3001
       heartbeat:
-        #        port: 3002
-        tls-name: asd.aerospike.com
-        tls-port: 3011
-      tls:
-        - name: asd.aerospike.com
-          cert-file: /etc/aerospike/ssl/asd.aerospike.com.pem
-          key-file: /etc/aerospike/ssl/asd.aerospike.com.key
-          ca-file: /etc/aerospike/ssl/ca.aerospike.com.pem
+        port: 3002
     namespaces:
       - name: test
         replication-factor: 2

diff --git a/kubernetes/manifests/avs-gke-values.yaml b/kubernetes/manifests/avs-gke-values.yaml
@@ -9,7 +9,7 @@ aerospikeVectorSearchConfig:
       5433:
         addresses:
           "0.0.0.0"
-        tls-id: service-tls
+        # tls-id: service-tls
   manage:
     ports:
       5040: { }
@@ -20,12 +20,12 @@ aerospikeVectorSearchConfig:
 #        port: 5001
         port: 5444
   interconnect:
-    client-tls-id: interconnect-tls
+    # client-tls-id: interconnect-tls
     ports:
       5444:
         addresses:
           "0.0.0.0"
-        tls-id: interconnect-tls
+        # tls-id: interconnect-tls
 #    ports:
 #      5001:
 #        addresses:
@@ -34,53 +34,53 @@ aerospikeVectorSearchConfig:
     client-policy:
 #      cluster-name: aerocluster
 #      max-conns-per-node: 1000
-      tls-id: aerospike-tls
+      # tls-id: aerospike-tls
       credentials:
         username: tester
         password-file: "/etc/aerospike-vector-search/secrets/aerospike-password.txt"
     seeds:
       - aerocluster-0-0.aerocluster.aerospike.svc.cluster.local:
 #          port: 3000
-          port: 4333
-          tls-name: "asd.aerospike.com"
+          port: 3000
+          # tls-name: "asd.aerospike.com"
   # security:
   #   auth-token:
   #     private-key: "/etc/aerospike-vector-search/secrets/private_key.pem"
   #     private-key-password: "/etc/aerospike-vector-search/secrets/client-password.txt"
   #     public-key: "/etc/aerospike-vector-search/secrets/public_key.pem"
-  tls:
-    service-tls:
-      trust-store:
-        store-file: /etc/ssl/certs/ca.aerospike.com.truststore.jks
-        store-password-file: /etc/ssl/certs/storepass
-        key-password-file: "/etc/ssl/certs/keypass"
-      key-store:
-        store-file: /etc/ssl/certs/svc.aerospike.com.keystore.jks
-        store-password-file: /etc/ssl/certs/storepass
-        key-password-file: /etc/ssl/certs/keypass
-#      override-tls-hostname: avs-gke-aerospike-vector-search-0.avs-gke-aerospike-vector-search.aerospike.svc.cluster.local
+#   tls:
+#     service-tls:
+#       trust-store:
+#         store-file: /etc/ssl/certs/ca.aerospike.com.truststore.jks
+#         store-password-file: /etc/ssl/certs/storepass
+#         key-password-file: "/etc/ssl/certs/keypass"
+#       key-store:
+#         store-file: /etc/ssl/certs/svc.aerospike.com.keystore.jks
+#         store-password-file: /etc/ssl/certs/storepass
+#         key-password-file: /etc/ssl/certs/keypass
+# #      override-tls-hostname: avs-gke-aerospike-vector-search-0.avs-gke-aerospike-vector-search.aerospike.svc.cluster.local
 
-    interconnect-tls:
-      trust-store:
-        store-file: /etc/ssl/certs/ca.aerospike.com.truststore.jks
-        store-password-file: /etc/ssl/certs/storepass
-        key-password-file: "/etc/ssl/certs/keypass"
-      key-store:
-        store-file: /etc/ssl/certs/avs.aerospike.com.keystore.jks
-        store-password-file: /etc/ssl/certs/storepass
-        key-password-file: /etc/ssl/certs/keypass
-      override-tls-hostname: avs.aerospike.com
+#     interconnect-tls:
+#       trust-store:
+#         store-file: /etc/ssl/certs/ca.aerospike.com.truststore.jks
+#         store-password-file: /etc/ssl/certs/storepass
+#         key-password-file: "/etc/ssl/certs/keypass"
+#       key-store:
+#         store-file: /etc/ssl/certs/avs.aerospike.com.keystore.jks
+#         store-password-file: /etc/ssl/certs/storepass
+#         key-password-file: /etc/ssl/certs/keypass
+#       override-tls-hostname: avs.aerospike.com
 
-    aerospike-tls:
-      trust-store:
-        store-file: "/etc/ssl/certs/ca.aerospike.com.truststore.jks"
-        store-password-file: "/etc/ssl/certs/storepass"
-        key-password-file: "/etc/ssl/certs/keypass"
-      key-store:
-        store-file: "/etc/ssl/certs/avs.aerospike.com.keystore.jks"
-        store-password-file: "/etc/ssl/certs/storepass"
-        key-password-file: "/etc/ssl/certs/keypass"
-#      override-tls-hostname: "asd.aerospike.com"
+#     aerospike-tls:
+#       trust-store:
+#         store-file: "/etc/ssl/certs/ca.aerospike.com.truststore.jks"
+#         store-password-file: "/etc/ssl/certs/storepass"
+#         key-password-file: "/etc/ssl/certs/keypass"
+#       key-store:
+#         store-file: "/etc/ssl/certs/avs.aerospike.com.keystore.jks"
+#         store-password-file: "/etc/ssl/certs/storepass"
+#         key-password-file: "/etc/ssl/certs/keypass"
+# #      override-tls-hostname: "asd.aerospike.com"
   logging:
     #    file: /var/log/aerospike-vector-search/aerospike-vector-search.log
     enable-console-logging: false
@@ -98,7 +98,7 @@ image:
   repository: "aerospike/aerospike-vector-search"
   pullPolicy: "IfNotPresent"
   # Overrides the image tag whose default is the chart appVersion.
-  tag: "0.9.0"
+  tag: "0.10.0"
 extraSecretVolumeMounts:
   - name: aerospike-tls
     mountPath: "/etc/ssl/certs"