
How to reference kubernetes secrets in helm chart?

I want to make some deployments in kubernetes using helm charts. Here is a sample override-values yaml that I use:

imageRepository: ""

ocbb:
    imagePullPolicy: IfNotPresent
    TZ: UTC
    logDir: /oms_logs
    tnsAdmin: /oms/ora_k8
    LOG_LEVEL: 3
    wallet:
        client: 
        server: 
        root:
    db:
        deployment:
            imageName: init_db
            imageTag:
        host: 192.168.88.80
        port:
        service:
        alias:
        schemauser: pincloud
        schemapass:
        schematablespace: pincloud
        indextablespace: pincloudx
        nls_lang: AMERICAN_AMERICA.AL32UTF8
        charset: AL32UTF8
        pipelineschemauser: ifwcloud
        pipelineschemapass:
        pipelineschematablespace: ifwcloud
        pipelineindextablespace: ifwcloudx
        pipelinealias:
        queuename:

In this file I have to set some values involving credentials, for example schemapass, pipelineschemapass... Documentation states I have to generate kubernetes secrets to do this and add this key to my yaml file with the same path hierarchy.

I generated some kubernetes secrets, for example:

kubectl create secret generic schemapass --from-literal=password='pincloud'

Now I don't know how to reference this newly generated secret in my yaml file. Any tip about how to set the schemapass field in the yaml chart to reference the kubernetes secret?

Tians asked Oct 18 '19 08:10


People also ask

How do you store Kubernetes secrets?

When you create a Secret with kubectl create -f secret.yaml, Kubernetes stores it in etcd. The Secrets are stored in the clear in etcd unless you define an encryption provider. When you define the provider, before the Secret is stored in etcd and after the values are submitted to the API, the Secrets are encrypted.


1 Answer

You cannot use a Kubernetes secret in your values.yaml. In values.yaml you only specify the input parameters for the Helm Chart, so it could be the secret name, but not the secret itself (or anything that it resolves to).

If you want to use the secret in your container, then you can insert it as an environment variable:

env:
- name: SECRET_VALUE_ENV
  valueFrom:
    secretKeyRef:
      name: schemapass
      key: password

You can check more in the Hazelcast Enterprise Helm Chart. We do exactly that. You specify the secret name in values.yaml and then the secret is injected into the container using an environment variable.

Rafał Leszko answered Oct 20 '22 13:10
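
As an added example (not part of the answer above and not taken from the Hazelcast chart), this is how the pattern looks end to end: the values file carries only the Secret's name and key, and the chart template turns them into a secretKeyRef. The chart layout, the schemapassSecret field and the SCHEMA_USER / SCHEMA_PASS variable names are assumptions made for illustration.

```yaml
# override-values.yaml: holds only a reference to the Secret, never the password.
# "schemapassSecret" is a hypothetical field name chosen for this example.
imageRepository: ""
ocbb:
  imagePullPolicy: IfNotPresent
  db:
    deployment:
      imageName: init_db
      imageTag: "1.0"          # constructed sample value
    schemauser: pincloud
    schemapassSecret:
      name: schemapass         # Secret created with kubectl create secret generic
      key: password            # key set by --from-literal=password=...
---
# templates/deployment.yaml of a hypothetical chart that consumes those values.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Release.Name }}-init-db
spec:
  replicas: 1
  selector:
    matchLabels:
      app: {{ .Release.Name }}-init-db
  template:
    metadata:
      labels:
        app: {{ .Release.Name }}-init-db
    spec:
      containers:
        - name: init-db
          image: "{{ .Values.imageRepository }}{{ .Values.ocbb.db.deployment.imageName }}:{{ .Values.ocbb.db.deployment.imageTag }}"
          imagePullPolicy: {{ .Values.ocbb.imagePullPolicy }}
          env:
            # Non-sensitive setting: rendered straight from values.
            - name: SCHEMA_USER
              value: {{ .Values.ocbb.db.schemauser | quote }}
            # Sensitive setting: the kubelet resolves it from the Secret when the
            # container starts, so the password never appears in values or in
            # the rendered manifest.
            - name: SCHEMA_PASS
              valueFrom:
                secretKeyRef:
                  name: {{ required "ocbb.db.schemapassSecret.name is required" .Values.ocbb.db.schemapassSecret.name }}
                  key: {{ .Values.ocbb.db.schemapassSecret.key | default "password" }}
```

The Secret has to exist in the same namespace as the release before the pod starts; if it is missing, the container does not start and the pod reports CreateContainerConfigError.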