rocketmq-operator icon indicating copy to clipboard operation
rocketmq-operator copied to clipboard
verified publisher icon apache

rocketmq开启acl后plain_acl.yml这个文件如何持久化

Open wolf27w opened this issue 1 year ago • 4 comments

我是在k8s中部署的rockermq,但是开启acl后,plain_acl.yml这个文件是在conf目录下,我无法映射出来或者修改plain_acl.yml文件的路径,请问一下有其他的方法吗?

wolf27w avatar Mar 13 '24 02:03 wolf27w

duplicated with #184

caigy avatar Mar 13 '24 04:03 caigy

@wolf27w 目前尚未支持,#200 仍在开发中。可以看看这个方法是否能临时解决?https://github.com/apache/rocketmq-operator/issues/184#issuecomment-1750292679

caigy avatar Mar 13 '24 04:03 caigy

明白了,我看他写的有点错误,应该把configmap里的plain_acl.yml替换到/home/rocketmq/rocketmq-4.9.7/conf/plain_acl.yml才是正确的,不需要在开发了

wolf27w avatar Mar 14 '24 03:03 wolf27w

挂载自定义ACL有了新的姿势。

  1. 创建acl configmap,kubectl create configmap broker-acl --from-file=plain_acl.yml=plain_acl.yml
  2. broker cr配置acl configmap,kubectl edit brokers.rocketmq.apache.org rocketmq-cluster-test 
apiVersion: rocketmq.apache.org/v1alpha1
kind: Broker
...
spec:
volumes:
  - configMap:
      name: broker-acl
    name: broker-acl
  1. sts挂载acl configmap到pod。kubectl edit statefulsets.apps rocketmq-cluster-test-0-0 
apiVersion: apps/v1
kind: StatefulSet
...
spec:
  volumes:
  - configMap:
          defaultMode: 420
          name: broker-acl
        name: broker-acl
  containers:
    volumeMounts:
    - mountPath: /root/rocketmq/broker/conf/acl
          name: broker-acl

可以实现acl配置热加载。

moweilong avatar Jul 03 '24 07:07 moweilong