Trino. Helm Deploy

image:
  repository: trinodb/trino
  pullPolicy: Always
server:
  workers: 1
  node:
    environment: production
    dataDir: /data/trino
    pluginDir: /usr/lib/trino/plugin
  log:
    trino:
      level: INFO
  config:
    path: /etc/trino
    # authenticationType: PASSWORD
  coordinatorExtraConfig: |
    http-server.process-forwarded=true
    http-server.authentication.type=PASSWORD

Π˜Π΄ΡƒΡ‰ΠΈΠ΅ дальшС Π΄Π²Π° Π±Π»ΠΎΠΊΠ° частично Π΄Ρ€ΡƒΠ³ Π΄Ρ€ΡƒΠ³Π° ΠΈΡΠΊΠ»ΡŽΡ‡Π°ΡŽΡ‚. Π’ΠΎ Π΅ΡΡ‚ΡŒ Ссли создана сСкция auth Π²ΠΎΡ‚ Π² Ρ‚Π°ΠΊΠΎΠΌ Π²ΠΎΡ‚ Π²ΠΈΠ΄Π΅, Ρ‚ΠΎ Π±ΡƒΠ΄Π΅Ρ‚ создан /etc/trino/auth/password/password.db содСрТащий ΠΏΠ°Ρ€ΠΎΠ»ΠΈ ΠΈ вСсь Π±Π»ΠΎΠΊ ΠΊΠΎΠΎΡ€Π΄ΠΈΠ½Π°Ρ‚ΠΎΡ€Π° ΠΊΠΎΡ‚ΠΎΡ€Ρ‹ΠΉ этот Ρ„Π°ΠΉΠ» создаСт лишний. Π‘Π°ΠΌ Ρ„Π°ΠΉΠ» password-authenticator.properties Π±ΡƒΠ΄Π΅Ρ‚ сформирован автоматичСски Ссли Π² ΠΏΡ€Π΅Π΄Ρ‹Π΄ΡƒΡ‰Π΅ΠΌ Π±Π»ΠΎΠΊΠ΅ Ρ€Π°ΡΠΊΠΎΠΌΠΌΠ΅Π½Ρ‚ΠΈΡ€ΠΎΠ²Π°Ρ‚ΡŒ authenticationType: PASSWORD. ΠŸΠ°Ρ€ΠΎΠ»ΡŒ гСнСрируСтся Ρ‡Π΅Ρ€Π΅Π· ΡƒΡ‚ΠΈΠ»ΠΈΡ‚Ρƒ htpasswd.

auth:
  passwordAuth: "maksim:$2y$10$U/zP4cpbTXiEiBTFggw15.2vlTc8N9Iug2r7iBkuhoR/QZ.iowqhS"
  refreshPeriod: 5s
coordinator:
  secretMounts:
     - name: password-secret
       secretName: password-secret
       path: /tmp/password.db
       subPath: password.db
  additionalConfigFiles:
    password-authenticator.properties: |
      password-authenticator.name=file
      file.password-file=/tmp/password.db

ΠžΠ±ΡΠ·Π°Ρ‚Π΅Π»ΡŒΠ½ΠΎ!

additionalConfigProperties:
  - internal-communication.shared-secret=TUVDHge141LW3bPLHdB0pacw0lfnMmNJqjNPLxBqzUF+DYYeKe1UG8MjpQTojdoXEaG988DLmuxp
catalogs:
  tpcds: |
    connector.name=tpcds
    tpcds.splits-per-node=4
  health: |
    connector.name=postgresql
    connection-url=jdbc:postgresql://127.0.0.1:5432/health
    user-credential-name=user
    password-credential-name=password
    unsupported-type-handling=CONVERT_TO_VARCHAR
ingress:
  enabled: true
  className: nginx
  annotations:
    cert-manager.io/cluster-issuer: lets-encrypt
  hosts:
    - host: trino.example.ru
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: trino-tls
      hosts:
        - trino.example.ru