roachprod: make clusters secure by default #123593
Merged
craig[bot] merged 2 commits into cockroachdb:master from May 6, 2024
Roachtest has been creating secure clusters in tests for a while now. It makes sense for roachprod to use the same, better default when setting up clusters.

If necessary, users can still create insecure clusters by passing the `--insecure` flag to `roachprod start` and other commands.

Fixes: cockroachdb#38539

Release note: None
This brings roachprod's and roachtest's defaults closer. Now that we create secure roachprod clusters by default (which includes creating an admin user), we are able to change the default authentication mode used when starting a SQL shell.

Like with `pgurl`, the authentication mode can be changed with the `--auth-mode` command line flag.

Epic: none

Release note: None
0ccbe82 to b632f68
TFTR! bors r=srosenberg
renatolabs pushed a commit to renatolabs/cockroach that referenced this pull request on May 8, 2024
In cockroachdb#123593, we changed roachprod's default when starting clusters: it will now start secure clusters unless the `--insecure` flag is passed (mirroring cockroach's behaviour and flag name).

However, this leads to problems when running roachprod commands in commits before and after this change. In this commit, we temporarily reintroduce the `--secure` flag to roachprod to reduce disruptions.

Once the new default has existed for a while, we can revert this commit.

Epic: none

Release note: None
craig bot pushed a commit that referenced this pull request on May 8, 2024
123421: ci: check GHA results in TeamCity r=rickystewart a=rail

Bazel Essential CI is a no-op on master and release-24.1 since the GitHub Actions CI migration completed. This PR adds a new TeamCity build configuration which polls the required GitHub action results and reflects the overall status in TeamCity.

Fixes: DEVINF-1124

Release note: None

123764: drtprod: add datadog-agent setup for workload-chaos r=sudomateo a=itsbilal

This change updates the drtprod script to add the workload-chaos datadog-agent setup commands and config files.

Epic: none

Release note: None

123793: sql: don't use SetWithPlanner for `password_encryption` r=yuzefovich a=yuzefovich

Using the default Set method is sufficient.

Epic: None

Release note: None

123826: roachprod: reintroduce --secure flag r=dt,srosenberg a=renatolabs

In #123593, we changed roachprod's default when starting clusters: it will now start secure clusters unless the `--insecure` flag is passed (mirroring cockroach's behaviour and flag name).

However, this leads to problems when running roachprod commands in commits before and after this change. In this commit, we temporarily reintroduce the `--secure` flag to roachprod to reduce disruptions.

Once the new default has existed for a while, we can revert this commit.

Epic: none

Release note: None

Co-authored-by: Rail Aliiev <rail@iqchoice.com>
Co-authored-by: Bilal Akhtar <bilal@cockroachlabs.com>
Co-authored-by: Yahor Yuzefovich <yahor@cockroachlabs.com>
Co-authored-by: Renato Costa <renato@cockroachlabs.com>
srosenberg added a commit to srosenberg/cockroach that referenced this pull request on Jun 4, 2025
As of [1], [2], `roachprod` defaulted to "secure" mode to keep it in one-to-one correspondence with `roachtest`. However, upon further reflection (see an internal thread [3]), "secure mode" adds unnecessary friction.

As of this change, `roachprod` now defaults to "insecure" mode while `roachtest` _continues_ to default to "secure". We also refactor `drtprod` to reuse the cli wrapper from `roachprod`. This way both binaries have the same behavior wrt `--insecure/--secure`.

[1] cockroachdb#123593
[2] cockroachdb#123826
[3] https://cockroachlabs.slack.com/archives/C023S0V4YEB/p1748888536180379?thread_ts=1724452649.312729&cid=C023S0V4YEB

Epic: none

Release note: None
srosenberg added a commit to srosenberg/cockroach that referenced this pull request on Jun 26, 2025
As of [1], [2], `roachprod` defaulted to "secure" mode to keep it in one-to-one correspondence with `roachtest`. However, upon further reflection (see an internal thread [3]), "secure mode" adds unnecessary friction.

As of this change, `roachprod` now defaults to "insecure" mode while `roachtest` _continues_ to default to "secure". Further, `drtprod` also continues to default to "secure" mode.

[1] cockroachdb#123593
[2] cockroachdb#123826
[3] https://cockroachlabs.slack.com/archives/C023S0V4YEB/p1748888536180379?thread_ts=1724452649.312729&cid=C023S0V4YEB

Epic: none

Release note: None
craig bot pushed a commit that referenced this pull request on Jun 27, 2025
147737: roachprod: default `--insecure` to `true` r=herkolategan,darrylwong,nameisbhaskar a=srosenberg

As of [1], [2], `roachprod` defaulted to "secure" mode to keep it in one-to-one correspondence with `roachtest`. However, upon further reflection (see an internal thread [3]), "secure mode" adds unnecessary friction.

As of this change, `roachprod` now defaults to "insecure" mode while `roachtest` _continues_ to default to "secure". Further, `drtprod` also continues to default to "secure" mode.

[1] #123593
[2] #123826
[3] https://cockroachlabs.slack.com/archives/C023S0V4YEB/p1748888536180379?thread_ts=1724452649.312729&cid=C023S0V4YEB

Epic: none

Release note: None

Co-authored-by: Stan Rosenberg <stan.rosenberg@gmail.com>
roachprod: make clusters secure by default

Roachtest has been creating secure clusters in tests for a while now. It makes sense for roachprod to use the same, better default when setting up clusters.

If necessary, users can still create insecure clusters by passing the `--insecure` flag to `roachprod start` and other commands.

Fixes: #38539

Release note: None

roachprod: use non-root user by default in roachprod sql

This brings roachprod's and roachtest's defaults closer. Now that we create secure roachprod clusters by default (which includes creating an admin user), we are able to change the default authentication mode used when starting a SQL shell.

Like with `pgurl`, the authentication mode can be changed with the `--auth-mode` command line flag.