This article explains about how to set environment variables and secrets when using Hivemq operator. Also explains How to use them in Enterprise security extension.
\uD83D\uDCD8 Instructions
Create secret file name as
db-secret.yaml
(note username and password values are converted to base64)
for example:echo -n 'admin' | base64.
. ====> “YWRtaW4=”apiVersion: v1 kind: Secret metadata: name: ese-secret type: Opaque data: dbusername: YWRtaW4= dbpassword: MWYyZDFlMmU2N2Rm
kubectl apply -f db-secret.yaml
You can verify if secret is created using following command
kubectl get secret
Use created secret in Hivemq operator’s values.yaml
hivemq: ... env: - name: DB_USERNAME valueFrom: secretKeyRef: name: ese-secret key: dbusername - name: DB_PASSWORD valueFrom: secretKeyRef: name: ese-secret key: dbpassword
Use same env variables in your ESE configuration and then create configMap of the same file. Also use same configMap name in your Hivemq’s values.yaml
... <realms> <!-- a postgresql db--> <sql-realm> <name>postgres-backend</name> <enabled>true</enabled> <configuration> <db-type>POSTGRES</db-type> <db-name>ese</db-name> <db-host>localhost</db-host> <db-port>5432</db-port> <db-username>${ENV:DB_USERNAME}</db-username> <db-password>${ENV:DB_PASSWORD}</db-password> </configuration> </sql-realm> </realms> ...
Deploy Hivemq using values.yaml and that’s it.