This article explains about how to set environment variables and secrets secrets with the combination of environmental variables when using Hivemq operator. Also explains How to use them in Enterprise security extension for Username and Password.
Also you can also use just secrets for hivemq-licenses or any other sensitive data based on your usecase.
\uD83D\uDCD8 Instructions
Create secret file name as
db-secret.yaml(note username and password values are converted to base64)
for example:echo -n 'admin' | base64.. ====> “YWRtaW4=”Code Block apiVersion: v1 kind: Secret metadata: name: ese-secret type: Opaque data: dbusername: YWRtaW4= dbpassword: MWYyZDFlMmU2N2Rm
Code Block kubectl apply -f db-secret.yaml
You can verify if secret is created using following command
Code Block kubectl get secret
Use created secret in Hivemq operator’s values.yaml
Code Block hivemq: ... env: - name: DB_USERNAME valueFrom: secretKeyRef: name: ese-secret key: dbusername - name: DB_PASSWORD valueFrom: secretKeyRef: name: ese-secret key: dbpasswordUse same env variables in your ESE configuration and then create configMap of the same file. Also use same configMap name in your Hivemq’s values.yaml
Code Block ... <realms> <!-- a postgresql db--> <sql-realm> <name>postgres-backend</name> <enabled>true</enabled> <configuration> <db-type>POSTGRES</db-type> <db-name>ese</db-name> <db-host>localhost</db-host> <db-port>5432</db-port> <db-username>${ENV:DB_USERNAME}</db-username> <db-password>${ENV:DB_PASSWORD}</db-password> </configuration> </sql-realm> </realms> ...Deploy Hivemq using values.yaml and that’s it.