HiveMQ requires a valid license file placed in the /opt/hivemq/license directory within the HiveMQ container to operate properly. You can specify this license file using HiveMQ Operator in three different ways: as a raw value in the values.yaml file, as a configMap in the values.yaml file, or as a Secret in the values.yaml file. This article will guide you through the process of using a Kubernetes Secret.
\uD83D\uDCD8 Instructions
If you don't have the
values.yamlfile for the HiveMQ Operator yet, you can retrieve it from the HiveMQ Helm repository and save it to a file namedvalues.yamlusing the following command:helm show values 'hivemq/hivemq-operator' > values.yaml
Edit the
values.yamlfile to configure the mapping of the HiveMQ licenseSecretto mount it into the HiveMQ container directory/opt/hivemq/license. Find thehivemqsection in thevalues.yamlfile and add the following lines:hivemq: ... secrets: # Secrets to mount to the HiveMQ pods. These can be mounted to existing directories without shadowing the folder contents as well. - name: hivemq-license path: /opt/hivemq/license ...Create a Kubernetes
Secretwith the namehivemq-licenseusing thekubectlcommand. Make sure to place the license file, in this case,hivemq-2023.lic, in the same namespace where the HiveMQ Operator is running (replace'hivemq-namespace'with your actual namespace):kubectl create secret generic 'hivemq-license' \ --from-file 'hivemq-license.lic' \ --namespace 'hivemq-namespace'
Now, you can install HiveMQ with the specified license. Use the following
helm upgradecommand, providing a release name (e.g.,'hivemq-release'), the Helm chart ('hivemq/hivemq-operator'), the target namespace ('hivemq'), and thevalues.yamlfile you edited earlier:helm upgrade 'hivemq-release' \ --install 'hivemq/hivemq-operator' \ --namespace 'hivemq' \ --values 'values.yaml'
HiveMQ will be installed with the license file from the Kubernetes
Secret, ensuring that it operates with the appropriate licensing.That's it! You've successfully configured HiveMQ to use a license file from a Kubernetes
Secretusing HiveMQ Operator.
\uD83D\uDCCB Related articles
-
Inject license via Hashicorp Vault Agent Annotations | HiveMQ Platform Operator (new) —
Vault Agent Sidecar Injector service leverages the sidecar container pattern and Kubernetes mutating admission webhook to intercept pods that define specific annotations and inject a Vault Agent container to manage these secrets.
This is beneficial because:
Applications remain Vault unaware as the secrets are stored on the file-system in their container.
-
Inject license via Hashicorp Vault Agent Init Container | HiveMQ Platform Operator (new) —
Vault Agent provides a number of different helper features, specifically addressing the following challenges:
Automatic authentication
-
Inject license via Hashicorp Vault Agent | HiveMQ Operator (legacy) —
In this knowledge base article, we set up Hashicorp Vault and injector service with the Hashicorp Vault Helm chart and store a HiveMQ License as a secret. Then we will deploy the HiveMQ broker cluster with the hivemq-operator Helm chart to demonstrate how the Hashicorp Vault injector service retrieves, decodes and writes the secret to /opt/hivemq/license/hivmq.lic file on the pod for the HiveMQ application to use.
-
Set the HiveMQ License File from a Kubernetes Secret —
HiveMQ requires a valid license file placed in the
/opt/hivemq/licensedirectory within the HiveMQ container to operate properly. You can specify this license file using HiveMQ Operator in three different ways: as a raw value in thevalues.yamlfile, as a configMap in thevalues.yamlfile, or as a Secret in thevalues.yamlfile. This article will guide you through the process of using a KubernetesSecret. -
Retrieving HiveMQ licence information —
Question
How can I access information about the loaded HiveMQ license?
Answer