Erlang cluster on Kubernetes: Erlang Cookie
I’ve covered this previously; see “Erlang/Elixir Cookies and Kubernetes”. Here’s the quick version.
First, we update the cowboy handler to report the Erlang cookie, so we can check that all of the nodes (remember: they’re behind an ingress; refreshing the browser will cycle through them) are using the same cookie.
init(Req0, Opts) ->
Headers = #{<<"content-type">> => <<"text/plain">>},
Body = io_lib:format("~p~n~p~n", [node(), erlang:get_cookie()]),
Req = cowboy_req:reply(200, Headers, Body, Req0),
{ok, Req, Opts}.
Then I updated the rebar-generated config files to pull the cookie from an environment variable:
{relx, [
%...
{vm_args_src, "./config/vm.args.src"}
%...
This is not needed since rebar 3.14.0. It automatically uses the presence of
config/vm.args.src to enable this mode.
% vm.args.src
-setcookie ${RELEASE_COOKIE}
Then I updated the deployment to set that environment variable from a secret:
env:
- name: RELEASE_COOKIE # might need to be RELX_COOKIE for the remote_console to work.
valueFrom:
secretKeyRef:
name: erlang-cookie
key: cookie
Then I set the cookie:
ERLANG_COOKIE="$(env LC_CTYPE=C tr -dc 'A-Z' < /dev/random | head -c 20)"
kubectl --namespace erlclu \
create secret generic erlang-cookie \
--from-literal=cookie="$ERLANG_COOKIE"