This article explains about how to set environment variables and secrets when using Hivemq operator. Also explains How to use them in Enterprise security extensionprovides a comprehensive guide on setting up secrets with the combination of environmental variables when utilizing the HiveMQ operator. It also demonstrates how to use these secrets in the Enterprise Security Extension (ESE) for managing usernames and passwords.
Additionally, it highlights the option of using secrets exclusively for sensitive data such as Hivemq licenses or any other confidential information, based on your specific use case.
\uD83D\uDCD8 Instructions
Create a secret file name as
db-secret.yaml
(note username and password values are converted to base64)
...
. For example
...
echo -n 'admin' | base64.
. ====> “YWRtaW4=”Code Block apiVersion: v1 kind: Secret metadata: name: ese-secret type: Opaque data: dbusername: YWRtaW4= dbpassword: MWYyZDFlMmU2N2Rm
Create a secret using the following command
Code Block kubectl apply -f db-secret.yaml
You can verify if the secret is created using the following command
Code Block kubectl get secret
Use created secret in Hivemq operator’s values.yaml. Please refer following example.
Code Block hivemq: ... env: - name: DB_USERNAME valueFrom: secretKeyRef: name: ese-secret key: dbusername - name: DB_PASSWORD valueFrom: secretKeyRef: name: ese-secret key: dbpassword
...
To ensure consistency in your configuration, please utilize the same environment variables in your Security extension (ESE) configuration
...
. Afterwards, create a configMap
...
using the same file.
...
Furthermore, make sure to use the identical configMap name in
...
the values.yaml file for HiveMQ.
Code Block ... <realms> <!-- a postgresql db--> <sql-realm> <name>postgres-backend</name> <enabled>true</enabled> <configuration> <db-type>POSTGRES</db-type> <db-name>ese</db-name> <db-host>localhost</db-host> <db-port>5432</db-port> <db-username>${ENV:DB_USERNAME}</db-username> <db-password>${ENV:DB_PASSWORD}</db-password> </configuration> </sql-realm> </realms> ...
Deploy Hivemq using values.
...
yaml and that’s it.
Code Block helm upgrade --install -v <values.yaml> hivemq-test hivemq/hivemq-operator
Related articles
Filter by label (Content by label) | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|