Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update tidb secret docs and charts #398

Merged
merged 3 commits into from
Apr 17, 2019
Merged

update tidb secret docs and charts #398

merged 3 commits into from
Apr 17, 2019

Conversation

LinuxGit
Copy link
Contributor

No description provided.

@onlymellb
Copy link
Contributor

Can you separate the python script in tidb-initializer-job.yaml by the way?

@LinuxGit
Copy link
Contributor Author

Can you separate the python script in tidb-initializer-job.yaml by the way?

OK

xiaojingchen
xiaojingchen previously approved these changes Apr 16, 2019
View reviewed changes
gregwebs
gregwebs reviewed Apr 16, 2019
View reviewed changes
docs/operation-guide.md Outdated
@@ -34,10 +34,17 @@ By default TiDB service is exposed using [`NodePort`](https://kubernetes.io/docs
$ kubectl get svc -n ${namespace} # check the available services
```

By default the TiDB cluster has no password set. You can specify a password by setting `tidb.password` in `values.yaml` before deploying. You can retrieve the password from the initialization `Secret`:
By default the TiDB cluster has no password set. You can create `Secret` with following command, and uncomment setting `tidb.passwordSecretName` in `values.yaml` before deploying:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
By default the TiDB cluster has no password set. You can create `Secret` with following command, and uncomment setting `tidb.passwordSecretName` in `values.yaml` before deploying:
By default the TiDB cluster has no root password set. Setting a password in helm is insecure. Instead you can set the name of a K8s secret as `tidb.passwordSecretName` in `values.yaml`. Note that this is only used to initialize users: once your tidb cluster is initialized you may delete the secret. The format of the secret is `user=password`, so you can set the root user password with:

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good suggestion

@LinuxGit
Copy link
Contributor Author

@onlymellb PTAL

tennix
tennix approved these changes Apr 17, 2019
View reviewed changes
Copy link
Member

@tennix tennix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tennix tennix merged commit 5a7db94 into pingcap:master Apr 17, 2019
@LinuxGit LinuxGit deleted the Louis/fix-create-secret branch April 17, 2019 03:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gregwebs gregwebs gregwebs approved these changes

@tennix tennix tennix approved these changes

@xiaojingchen xiaojingchen xiaojingchen left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@LinuxGit @onlymellb @gregwebs @xiaojingchen @tennix