scylladb for user authentication configuration is relatively simple, the following is a description of the configuration docker-compose
Preparing the Environment
- docker-compose documents
version: "3"
services:
scylladb:
image: scylladb/scylla
command: --authenticator=PasswordAuthenticator
ports:
- "9042:9042"
scylladb2:
image: scylladb/scylla
command: --seeds=scylladb --authenticator=PasswordAuthenticator
ports:
- "9043:9042"
scylladb3:
image: scylladb/scylla
command: --seeds=scylladb --authenticator=PasswordAuthenticator
ports:
- "9044:9042"
jaeger:
image: jaegertracing/all-in-one:1.13
environment:
- COLLECTOR_ZIPKIN_HTTP_PORT=9411
- CASSANDRA_SERVERS=scylladb,scylladb2,scylladb3
- SPAN_STORAGE_TYPE=cassandra
- CASSANDRA_USERNAME=cassandra
- CASSANDRA_PASSWORD=cassandra
ports:
- "9411:9411"
- "5775:5775/udp"
- "6831:6831/udp"
- "6832:6832/udp"
- "16686:16686"
- Described
above is a backend storage configured as an example jaeger jaeger, mainly related to the authentication is --authenticator = PasswordAuthenticator
Start && test
- start up
docker-comppose up -d
- connection
cqlsh -u cassandra -p cassandra
- Simple operation
use system_auth;
select * from system_auth.roles;
effect
role | can_login | is_superuser | member_of | salted_hash
-----------+-----------+--------------+-----------+------------------------------------------------------------------------------------------------------------
cassandra | True | True | null | $6$yTLXoV.PE1VUxebi$30sNkUxHiuwxKtHj.9AQToZwFZnxXZxzV9J82avqePpG1x8hnNuBAH0JbfMYxKuDsaM6I.2U9SUDv66/ATuYd.
(1 rows)
Explanation
scylladb also contains a complete rbac based access control mechanism, it is still very good
Reference material
https://docs.scylladb.com/operating-scylla/security/rbac_usecase/
https://docs.scylladb.com/operating-scylla/security/authentication/