Trino docs - Getting started

charm
,
1

Trino K8s Operator

The Charmed Trino K8s Operator delivers automated management on Trino data virtualization software on top of a Kubernetes cluster. Trino is a distributed SQL query engine designed to query large data sets distributed over one or more heterogeneous data sources.

Usage

Note: This operator requires the use of juju >= 3.1. More information on setting up your environment can be found here.

# deploy Trino operator:
juju deploy trino-k8s

By default the Trino K8s operator requires a TLS relation, details found below.

tls-certificates

The tls-certificates interface is used with the tls-certificates-operator charm.

Note: The TLS settings here are for self-signed-certificates which are not recommended for production clusters, the tls-certificates-operator charm offers a variety of configurations, read more on the TLS charm here.

To enable TLS:

# deploy the TLS charm:
juju deploy tls-certificates-operator --channel=edge

# add necessary configurations for TLS:
juju config tls-certificates-operator generate-self-signed-certificates="true" ca-common-name="trino-server"

# provide Google credentials (optional):
juju config trino-k8s google-client-id=<id> google-client-secret=<secret>

# relate with the Trino charm:
juju relate tls-certificates-operator trino-k8s

Note: currently only Google Oauth authentication and password authentication are supported. For information on how to set this up on Google see here.

To disable TLS:

# remove relation:
juju remove-relation trino-k8s tls-certificates-operator

Ingress

The Trino operator exposes its ports using the Nginx Ingress Integrator operator. You must first make sure to have an Nginx Ingress Controller deployed. To enable TLS connections, you must have a TLS certificate stored as a k8s secret (default name is “trino-tls”). A self-signed certificate for development purposes can be created as follows:

# Generate private key
openssl genrsa -out server.key 2048

# Generate a certificate signing request
openssl req -new -key server.key -out server.csr -subj "/CN=trino-k8s"

# Create self-signed certificate
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt -extfile <(printf "subjectAltName=DNS:trino-k8s")

# Create a k8s secret
kubectl create secret tls trino-tls --cert=server.crt --key=server.key

This operator can then be deployed and connected to the Trino operator using the Juju command line as follows:

# Deploy ingress controller.
microk8s enable ingress:default-ssl-certificate=trino-k8s/trino-tls

juju deploy nginx-ingress-integrator --channel edge --revision 71
juju relate trino-k8s nginx-ingress-integrator

Once deployed, the hostname will default to the name of the application (trino-k8s), and can be configured using the external-hostname configuration on the Trino operator.

Note: for HTTPS on port 8443 (default) the Trino operator must have a certificates relation.

Contributing

Please see the Juju SDK documentation for more information about developing and improving charms and Contributing for developer guidance.

License

The Charmed Trino K8s Operator is free software, distributed under the Apache Software License, version 2.0. See License for more details.

2