Docker yaml authentication settings (gremlinserver.authentication) question

Does anyone have any experience setting up authentication on Docker by using the supplied .yaml file? I'm having trouble passingin a map to properly set one of the options: gremlinserver.authentication.config.

Additional info, but not related to the my main problem:
I have a file with the contents of username/password pairs which follow the schema:

username:password (sha256)

This file is located within the docker instance at: /etc/opt/janusgraph/janusgraph-credentials-server.properties

However, gremlin server expects credentialsDb as a map and docker wants a string. Therefore I seem unable to configure this property.

Here are the relevant parts of my docker .yaml file:

services:
  janusgraph:
    image: docker.io/janusgraph/janusgraph:latest
    restart: "on-failure"
    container_name: janusgraph-server-1
    environment:
      JANUS_PROPS_TEMPLATE: cql
      janusgraph.storage.hostname: 192.168.1.44
      janusgraph.storage.port: 9042
      janusgraph.storage.username: cassandra
      janusgraph.storage.password: cassandra
      janusgraph.query.batch.enabled: true
      janusgraph.query.batch.limited: false
      janusgraph.index.search.elasticsearch.interface: REST_CLIENT
      gremlinserver.evaluationTimeout: 180000
      gremlinserver.authentication.authenticator: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator
      gremlinserver.authentication.config: {"credentialsDb": "/etc/opt/janusgraph/janusgraph-credentials-server.properties"} # <--- Source of problem
    ports:
      - "8182:8182"
    networks:
      - web
    healthcheck:
      test: ["CMD", "bin/gremlin.sh", "-e", "scripts/remote-connect.groovy"]
      interval: 10s
      timeout: 30s
      retries: 3
    volumes:
      - /home/user/janusgraph-credentials-server.properties:/etc/opt/janusgraph/janusgraph-credentials-server.properties:ro

services:
  janusgraph:
    image: docker.io/janusgraph/janusgraph:latest
    restart: "on-failure"
    container_name: janusgraph-server-1
    environment:
      JANUS_PROPS_TEMPLATE: cql
      janusgraph.storage.hostname: 192.168.1.44
      janusgraph.storage.port: 9042
      janusgraph.storage.username: cassandra
      janusgraph.storage.password: cassandra
      janusgraph.query.batch.enabled: true
      janusgraph.query.batch.limited: false
      janusgraph.index.search.elasticsearch.interface: REST_CLIENT
      gremlinserver.evaluationTimeout: 180000
      gremlinserver.authentication.authenticator: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator
      gremlinserver.authentication.config: {"credentialsDb": "/etc/opt/janusgraph/janusgraph-credentials-server.properties"} # <--- Source of problem
    ports:
      - "8182:8182"
    networks:
      - web
    healthcheck:
      test: ["CMD", "bin/gremlin.sh", "-e", "scripts/remote-connect.groovy"]
      interval: 10s
      timeout: 30s
      retries: 3
    volumes:
      - /home/user/janusgraph-credentials-server.properties:/etc/opt/janusgraph/janusgraph-credentials-server.properties:ro

services:
  janusgraph:
    image: docker.io/janusgraph/janusgraph:latest
    restart: "on-failure"
    container_name: janusgraph-server-1
    environment:
      JANUS_PROPS_TEMPLATE: cql
      janusgraph.storage.hostname: 192.168.1.44
      janusgraph.storage.port: 9042
      janusgraph.storage.username: cassandra
      janusgraph.storage.password: cassandra
      janusgraph.query.batch.enabled: true
      janusgraph.query.batch.limited: false
      janusgraph.index.search.elasticsearch.interface: REST_CLIENT
      gremlinserver.evaluationTimeout: 180000
      gremlinserver.authentication.authenticator: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator
      gremlinserver.authentication.config: {"credentialsDb": "/etc/opt/janusgraph/janusgraph-credentials-server.properties"} # <--- Source of problem
    ports:
      - "8182:8182"
    networks:
      - web
    healthcheck:
      test: ["CMD", "bin/gremlin.sh", "-e", "scripts/remote-connect.groovy"]
      interval: 10s
      timeout: 30s
      retries: 3
    volumes:
      - /home/user/janusgraph-credentials-server.properties:/etc/opt/janusgraph/janusgraph-credentials-server.properties:ro

services:
  janusgraph:
    image: docker.io/janusgraph/janusgraph:latest
    restart: "on-failure"
    container_name: janusgraph-server-1
    environment:
      JANUS_PROPS_TEMPLATE: cql
      janusgraph.storage.hostname: 192.168.1.44
      janusgraph.storage.port: 9042
      janusgraph.storage.username: cassandra
      janusgraph.storage.password: cassandra
      janusgraph.query.batch.enabled: true
      janusgraph.query.batch.limited: false
      janusgraph.index.search.elasticsearch.interface: REST_CLIENT
      gremlinserver.evaluationTimeout: 180000
      gremlinserver.authentication.authenticator: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator
      gremlinserver.authentication.config: {"credentialsDb": "/etc/opt/janusgraph/janusgraph-credentials-server.properties"} # <--- Source of problem
    ports:
      - "8182:8182"
    networks:
      - web
    healthcheck:
      test: ["CMD", "bin/gremlin.sh", "-e", "scripts/remote-connect.groovy"]
      interval: 10s
      timeout: 30s
      retries: 3
    volumes:
      - /home/user/janusgraph-credentials-server.properties:/etc/opt/janusgraph/janusgraph-credentials-server.properties:ro

Solution

Due to gremlin server expecting a map, but docker being unable to pass it to the server in the format that is expected.

I think you simply have a slight misunderstanding of the YAML format here. YAML is basically a nested map of maps.

Now, if your YAML looks like this:

a:
  b:
    c: test

a:
  b:
    c: test

a:
  b:
    c: test

a:
  b:
    c: test

then you can change the value of c via the JanusGraph Docker container by passing the environment variable

gremlinserver.a.b.c=newvalue

gremlinserver.a.b.c=newvalue

gremlinserver.a.b.c=newvalue

gremlinserver.a.b.c=newvalue

Jump to solution

Docker yaml authentication settings (gremlinserver.authentication) question

Similar Threads

Similar Threads

Similar Threads