KongZ / charts

Source for Helm chart repositories contribution
https://charts.kong-z.com/
Apache License 2.0

Graylog self-address as master or coordinating node not secure #82

Open PastNullInfinity opened 2 years ago

PastNullInfinity commented 2 years ago

The current way to elect master or slave nodes is poorly implemented.

As it stands, the init-container needs an external dependency on kubectl: https://github.com/KongZ/charts/blob/b26ec70b0544947290594a9b130d73285de43e69/charts/graylog/templates/statefulset.yaml#L74-L79

This is then used to query the k8s nodes to understand whether the current StatefulSet is living in a master or worker node: https://github.com/KongZ/charts/blob/b26ec70b0544947290594a9b130d73285de43e69/charts/graylog/templates/configmap.yaml#L152-L171

This has two main problems:

  1. It introduces a dependency on having a way to download kubectl locally (on-prem or bare-metal deployments may not have access to the internet).
  2. It breaks the k8s abstraction of making sure that workloads do not need to interface with the Kubernetes API.

I propose to abandon this method and use a more sensible way to signal each StatefulSet what to do (I'm not too familiar with the product, but I'm more than happy to work on a helm-side solution).

KongZ commented 2 years ago

I agree that this method is not perfectly optimized, since Graylog itself does not have a mechanism to elect a new master by itself. You have to manually choose the master by setting it in the configuration file before Graylog is started.

Since the product itself does not support master selection, the init-container here introduced a solution using only Helm, without modifying the product.

An alternate solution would be to hard-code pod-0 as master, but in some circumstances where pod-0 is lost or could not start, we would lose the master and Graylog would stop working.

Other solutions are welcome. You can freely have a discussion here.

And for on-prem or no-internet-access cases, you can set .Values.graylog.init.kubectlLocation to download kubectl from another location.
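As an added illustration (not code from the chart or from either participant), this is what the "hard-code pod-0 as master" alternative discussed above looks like as an init script: the role is derived from the StatefulSet pod ordinal, so the workload never needs kubectl or any Kubernetes API permission. It assumes pods are named <statefulset>-<ordinal> and that the config uses the Graylog "is_master = true|false" key; the sample config and pod name are constructed. The caveat from the thread stands: if pod 0 is lost or cannot start, no other pod takes over as master.

```shell
#!/bin/sh
# Added example: derive the Graylog master flag from the StatefulSet pod
# ordinal instead of querying the Kubernetes API with kubectl.
# Assumptions (not taken from the chart): pods are named <statefulset>-<ordinal>
# and server.conf carries an "is_master = ..." line.
# Caveat (as noted in the thread): pod 0 is a fixed single master; if it is
# lost or cannot start, no other pod becomes master.

# Print the ordinal of a StatefulSet pod name; fail on any unexpected name
# rather than silently treating it as a worker.
pod_ordinal() {
  ord="${1##*-}"
  case "$ord" in
    ''|*[!0-9]*) echo "unexpected pod name: $1" >&2; return 1 ;;
  esac
  printf '%s\n' "$ord"
}

# Print "true" for ordinal 0 (the chosen master) and "false" otherwise.
is_master_for() {
  ord=$(pod_ordinal "$1") || return 1
  if [ "$ord" -eq 0 ]; then echo true; else echo false; fi
}

# Rewrite the is_master line of a server.conf read from stdin for pod "$1".
render_is_master() {
  flag=$(is_master_for "$1") || return 1
  sed "s/^is_master *=.*/is_master = $flag/"
}

# Constructed sample config and pod name to demonstrate the rendering.
SAMPLE_CONF='node_id_file = /etc/graylog/node-id
is_master = false
http_bind_address = 0.0.0.0:9000'
printf '%s\n' "$SAMPLE_CONF" | render_is_master "graylog-0"
```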