Erlang cluster on Kubernetes: Erlang Cookie

21 Dec 2022 19:51 erlang kubernetes

I’ve covered this previously; see “Erlang/Elixir Cookies and Kubernetes”. Here’s the quick version.

First, we update the cowboy handler to report the Erlang cookie, so we can check that all of the nodes (remember: they’re behind an ingress; refreshing the browser will cycle through them) are using the same cookie.

init(Req0, Opts) ->
    Headers = #{<<"content-type">> => <<"text/plain">>},
    Body = io_lib:format("~p~n~p~n", [node(), erlang:get_cookie()]),
    Req = cowboy_req:reply(200, Headers, Body, Req0),
    {ok, Req, Opts}.

Then I updated the rebar-generated config files to pull the cookie from an environment variable:

{relx, [
    {vm_args_src, "./config/vm.args.src"}
This is not needed since rebar 3.14.0. It automatically uses the presence of config/vm.args.src to enable this mode.
% vm.args.src
-setcookie ${RELEASE_COOKIE}

Then I updated the deployment to set that environment variable from a secret:

- name: RELEASE_COOKIE # might need to be RELX_COOKIE for the remote_console to work.
      name: erlang-cookie
      key: cookie

Then I set the cookie:

ERLANG_COOKIE="$(env LC_CTYPE=C tr -dc 'A-Z' < /dev/random | head -c 20)"
kubectl --namespace erlclu \
    create secret generic erlang-cookie \