Not able to change or add users in influxdb docker compose - docker

I have a docker compose file which sets up influxdb.
These are the env variables used-
DOCKER_INFLUXDB_INIT_BUCKET: test
DOCKER_INFLUXDB_INIT_MODE: setup
DOCKER_INFLUXDB_INIT_ORG: test_org
DOCKER_INFLUXDB_INIT_PASSWORD: test_pass
DOCKER_INFLUXDB_INIT_RETENTION: 1w
DOCKER_INFLUXDB_INIT_USERNAME: test_user
and volumes-
/mount/influxdb:/var/lib/influxdb2
I am able to login using DOCKER_INFLUXDB_INIT_USERNAME and DOCKER_INFLUXDB_INIT_PASSWORD.
The issue is when I execute influx user list it returns an empty table. Same goes for influx org list. Due to this I'm not able to add any users to the test_org or change the password of default user.
Is there any solution to this?

Related

Adding a local system variable, or the result of a command, to a dockerfile

I have seen some similar questions, but none of them appear to solve my problem. I want to add a user to a docker container and in my Dockerfile, I define the username with:
ARG USERNAME="some_user"
Instead, I want the username to be the current user's computer username, as obtained by running the command whoami in the local terminal.
So what I would like to have is something like
ARG USERNAME=$(whoami)
.
This $(whoami) should be obtained from the local system environment, and not from the docker container.
Is there a way to do this for dockerfiles? I have thought of .env and docker-compose solutions but these also require each user to set their own username according to my knowledge.
There is no integrated way to execute arbitrary commands on the host directly outside of a container using just docker build / docker-compose build.
So to execute an arbitrary command to get/generate the required information you'll need to provide a custom script / use another build system to call docker/docker-compose with the respective flags or maybe generate the .env file from a template / interactively.
If you only need the current user name you may want to use the $USER / $LOGNAME environment variables that are set by the system in many default configurations. But since these are just normal environment variables their values may be incorrect / empty / manually changed by the user, see this question.

Why can any user login influxdb?

I have installed influxdb. But in the server every user can login when ther type inlux.
Why is it like that? Is not it a security problem. And how can I solve it?
I want to login with spesific admin user and its admin password.
The "why"
Different databases have used reasonings with minor differences over the years, but basically, it goes like this:
In its most simple install, <insert DBMS here> should just run - for integration tests, simple evaluation purposes etc. We could generate a root/admin/superhoncho user password, but more often than not, this is not going to be changed, and that is a Bad Thing™.
And since nobody sane would run a database in production without authentication and authorisation enabled, providing easy access in the default installation is not a problem anyway, is it?
I tend to agree with this reasoning, though I am off the opinion that in the case the DBMS has authentication and authorisation disabled per default, it should bind to localhost by default, too. You make your DBMS accessible to the outside world, and be it only your company's network? You surely have thought about the implications!
The "how"
Authentication
I am going to use docker to illustrate it and it is quite obvious what you have to do in a non-docker environment.
First, we pull the influxdb docker image and create a default config file in one go:
$ docker run --rm influxdb influxd config > influxdb.conf
Unable to find image 'influxdb:latest' locally
latest: Pulling from library/influxdb
...
Digest: sha256:0aa7fea5336b5e5cc1c80e16062865821ec772e06519c138947ef5ebd9b34907
Status: Downloaded newer image for influxdb:latest
Merging with configuration at: /etc/influxdb/influxdb.conf
Now we change the authentication parameter in the [http] section of our influxdb.conf to true:
...
[http]
auth-enabled = true
...
Next, we start our InfluxDB using this modified config file:
$ docker run -d --name influxdb -p 8086:8086 \
-v $PWD/influxdb.conf:/etc/influxdb/influxdb.conf:ro \
influxdb -config /etc/influxdb/influxdb.conf
1987f962c331d2404a2564bb752d971553b13181dbbbb1e38cf50d345b3191c4
(The hash sum you get will be different.)
Now, we connect to our influxdb and create the admin user
$ docker exec -it influxdb influx
Connected to http://localhost:8086 version 1.7.8
InfluxDB shell version: 1.7.8
> create user admin with password 'secret' with all privileges;
From this point on, credentials are needed for pretty much everything
> show users
ERR: unable to parse authentication credentials
Warning: It is possible this error is due to not setting a database.
Please set a database with the command "use <database>".
> auth
username: admin
password:
> show users
user admin
---- -----
admin true
Authorization
Simple mnemonic: "Users are granted permissions per database." So, in order to grant something to a user, that user must first exist:
> create user berkancetin with password 'supersecret';
> create database foobar
> grant read on foobar to berkancetin
> show users
user admin
---- -----
admin true
berkancetin false
> show grants for "berkancetin"
database privilege
-------- ---------
foobar READ
Further reading (!!!)
Ignore at your own risk. You. Have. Been. Warned.
InfluxDB authentication
InfluxDB docs on Authorization

Is there any quick way to switch between docker hub accounts in command line?

Tired of typing in login and password. So the registry is the same, but accounts are different. Should I just make a script that replaces ~/.docker/config.json?
Unfortunately, no. The config.json can only hold one credentials value for each remote registry. Moreover, there is an open issue to handle multiple logins to dockerhub.
However, you can easily solve the problem using bash aliases. Edit your ~/.bashrc file and add the following lines:
alias dl1='docker login -u <user1> -p <password1>'
alias dl2='docker login -u <user2> -p <password2>'
Now you can do dl1 to login to account1 and dl2 to switch to account2
You can basically also do something similar if you are on MAC or Windows.

Using Environment variables with cloudera manager

What would be the best way to use an environment variables declared for different users in a cluster(all nodes) and make a call to a oozie workflow (Cloudera) and the container of yarn recover the environment variable according to the user.
In the configuration of yarn in Cloudera manager seems to have references of this kind, something like ENVVAR_USER=$ENVVAR_USER.
It is a way to get a different properties file depending on the user making the call.
You could define one set of env. variables for every user, then resolve the actual values based on actual user name:
### per-user config
Sex_Mary=female
Sex_Mario=male
### resolving config for current user
User=Mario
eval Sex=\$Sex_$User
echo $Sex
But it's an old Unix trick, nothing to do with Hadoop or Cloudera. And maintaining the whole config would be a chore.
Any chance you can store the values in LDAP, and retrieve them dynamically with ldapsearch plus sed or awk??

Programmatical register a Postgres Server with pgAdmin using Delphi

Im working on an application using Postgres 9 and Delphi 7 as the front end,
For setting up the database connection to the application we have to do the following steps
1.Register a server in postgres
(i cannot post an image because im new user)
Name:=Localhost
Host:=Localhost
Port:=5432
SSL:=
MaintenanceDB:=myDB
Username:=Admin
password:=******
.
.
Service:=Localhost
2.Create the database and the tables.
Can any one tell me if the step 1.
can be done programatically?
Like for example
"C:\Program Files\PostgreSQL\9.0\bin\psql.exe" -h localhost -p 5432 -d myDB -U Admin Service=Localhost " ?
as of now its done manually by the user.
thanks in advance:)
The registered servers in pgAdmin are stored in the Windows registry under HKEY_CURRENT_USER\Software\pgAdmin III\Servers
The number of registered servers is stored in the Count attribute.
Then each server gets its own entry according to the number. So the first one is stored in HKEY_CURRENT_USER\Software\pgAdmin III\Servers\1, the second one in HKEY_CURRENT_USER\Software\pgAdmin III\Servers\2 and so on.
Have a look into your registry and create an approriate entry from within your Delphi application.

Resources