Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

This article explains about how to set environment variables and secrets when using Hivemq operator. Also explains How to use them in Enterprise security extension.

\uD83D\uDCD8 Instructions

  1. Create secret file name as db-secret.yaml (note username and password values are converted to base64)
    for example: echo -n 'admin' | base64. . ====> “YWRtaW4=”

    apiVersion: v1
    kind: Secret
    metadata:
      name: ese-secret
    type: Opaque
    data:
      dbusername: YWRtaW4=
      dbpassword: MWYyZDFlMmU2N2Rm
  2. kubectl apply -f db-secret.yaml
  3. You can verify if secret is created using following command

    1. kubectl get secret
  4. Use created secret in Hivemq operator’s values.yaml

    hivemq:
      ...
      env:
      - name: DB_USERNAME
        valueFrom:
          secretKeyRef:
            name: ese-secret
            key: dbusername
      - name: DB_PASSWORD
        valueFrom:
          secretKeyRef:
            name: ese-secret
            key: dbpassword
  5. Use same env variables in your ESE configuration and then create configMap of the same file. Also use same configMap name in your Hivemq’s values.yaml

    ...    
        <realms>
            <!-- a postgresql db-->
            <sql-realm>
                <name>postgres-backend</name>
                <enabled>true</enabled>
                <configuration>
                    <db-type>POSTGRES</db-type>
                    <db-name>ese</db-name>
                    <db-host>localhost</db-host>
                    <db-port>5432</db-port>
                    <db-username>${ENV:DB_USERNAME}</db-username>
                    <db-password>${ENV:DB_PASSWORD}</db-password>
                </configuration>
            </sql-realm>
        </realms>
    ...
  6. Deploy Hivemq using values.yaml and that’s it.

  • No labels