Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This article explains about how to set environment variables and secrets when using Hivemq operator. Also explains How to use them in Enterprise security extensionprovides a comprehensive guide on setting up secrets with the combination of environmental variables when utilizing the HiveMQ operator. It also demonstrates how to use these secrets in the Enterprise Security Extension (ESE) for managing usernames and passwords.

Additionally, it highlights the option of using secrets exclusively for sensitive data such as Hivemq licenses or any other confidential information, based on your specific use case.

\uD83D\uDCD8 Instructions

  1. Create a secret file name as db-secret.yaml (note username and password values are converted to base64)

...

  1. . For example

...

  1. echo -n 'admin' | base64. . ====> “YWRtaW4=”

    Code Block
    apiVersion: v1
    kind: Secret
    metadata:
      name: ese-secret
    type: Opaque
    data:
      dbusername: YWRtaW4=
      dbpassword: MWYyZDFlMmU2N2Rm
  2. Create a secret using the following command

    Code Block
    kubectl apply -f db-secret.yaml
  3. You can verify if the secret is created using the following command

    Code Block
    kubectl get secret
  4. Use created secret in Hivemq operator’s values.yaml. Please refer following example.

    Code Block
    hivemq:
      ...
      env:
      - name: DB_USERNAME
        valueFrom:
          secretKeyRef:
            name: ese-secret
            key: dbusername
      - name: DB_PASSWORD
        valueFrom:
          secretKeyRef:
            name: ese-secret
            key: dbpassword

...

  1. To ensure consistency in your configuration, please utilize the same environment variables in your Security extension (ESE) configuration

...

  1. . Afterwards, create a configMap

...

  1. using the same file.

...

  1. Furthermore, make sure to use the identical configMap name in

...

  1. the values.yaml file for HiveMQ.

    Code Block
    ...    
        <realms>
            <!-- a postgresql db-->
            <sql-realm>
                <name>postgres-backend</name>
                <enabled>true</enabled>
                <configuration>
                    <db-type>POSTGRES</db-type>
                    <db-name>ese</db-name>
                    <db-host>localhost</db-host>
                    <db-port>5432</db-port>
                    <db-username>${ENV:DB_USERNAME}</db-username>
                    <db-password>${ENV:DB_PASSWORD}</db-password>
                </configuration>
            </sql-realm>
        </realms>
    ...
  2. Deploy Hivemq using values.

...

  1. yaml and that’s it.

    Code Block
    helm upgrade --install -v <values.yaml> hivemq-test hivemq/hivemq-operator

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@957
sortmodified
showSpacefalse
reversetrue
typepage
cqllabel in ( "kubernetes" , "hivemq-operator" , "ese" , "secret" , "Security" , "environment-variables" ) and type = "page" and space = "KB"
labelskb-how-to-article