HiveMQ license as a Kubernetes Secret

How to use Kubernetes Secret to specify HiveMQ license with HiveMQ Operator.
HiveMQ requires a license as a file in /opt/hivemq/license directory. There are 3 ways to add the license with HiveMQ Operator:

1. as a raw value in the values.yaml file,

2. as a configMap in the values.yaml file,

3. as a secret in the values.yaml file.

This article explains how to use Kubernetes Secret to specify a HiveMQ license with HiveMQ Operator.

\uD83D\uDCD8 Instructions

1. Edit the values.yaml file to specify that the license file is contained in hivemq-license secret, which will be mounted to the directory /opt/hivemq/license

   hivemq:
   ...
     secrets: 
     # Secrets to mount to the HiveMQ pods. These can be mounted to existing directories without shadowing the folder contents as well.
     - name: hivemq-license
       path: /opt/hivemq/license
   ...

2. If there is no namespace for the HiveMQ, then create one and switch the kubectl context to it

   kubectl create ns hivemq
   kubectl ns hivemq

3. Create the secret with nave hivemq-license in the namespace hivemq from the license file hivemq-2023.lic

   kubectl create secret generic hivemq-license \
     --from-file hivemq-license.lic \
     --namespace hivemq

4. Install HiveMQ with the release name hivemq-mine from the Helm chart hivemq-operator to the namespace hivemq and use parameter values from the file values.yaml

   helm upgrade hivemq-mine \
     --install hivemq/hivemq-operator \
     --namespace hivemq\
     --values values.yaml

\uD83D\uDCCB Related articles

• Page:
  Inject license via Hashicorp Vault Agent Annotations | HiveMQ Platform Operator (new) (HiveMQ Knowledge Base - Self Managed Offering) —

  Vault Agent Sidecar Injector service leverages the sidecar container pattern and Kubernetes mutating admission webhook to intercept pods that define specific annotations and inject a Vault Agent container to manage these secrets.

  This is beneficial because:

  • Applications remain Vault unaware as the secrets are stored on the file-system in their container.

  • helm
  • kb-how-to-article
  • kubernetes
  • vault
  • k8s
  • license
• Page:
  Inject license via Hashicorp Vault Agent Init Container | HiveMQ Platform Operator (new) (HiveMQ Knowledge Base - Self Managed Offering) —

  Vault Agent provides a number of different helper features, specifically addressing the following challenges:

  • Automatic authentication

  • helm
  • kb-how-to-article
  • kubernetes
  • vault
  • k8s
  • license
• Page:
  Inject license via Hashicorp Vault Agent | HiveMQ Operator (legacy) (HiveMQ Knowledge Base - Self Managed Offering) —

  In this knowledge base article, we set up Hashicorp Vault and injector service with the Hashicorp Vault Helm chart and store a HiveMQ License as a secret. Then we will deploy the HiveMQ broker cluster with the hivemq-operator Helm chart to demonstrate how the Hashicorp Vault injector service retrieves, decodes and writes the secret to /opt/hivemq/license/hivmq.lic file on the pod for the HiveMQ application to use.

  • kb-how-to-article
  • kubernetes
  • vault
  • k8s
  • license
• Page:
  Set the HiveMQ License File from a Kubernetes Secret (HiveMQ Knowledge Base - Self Managed Offering) —

  HiveMQ requires a valid license file placed in the /opt/hivemq/license directory within the HiveMQ container to operate properly. You can specify this license file using HiveMQ Operator in three different ways: as a raw value in the values.yaml file, as a configMap in the values.yaml file, or as a Secret in the values.yaml file. This article will guide you through the process of using a Kubernetes Secret.

  • kb-how-to-article
  • hivemq-operator
  • kubernetes
  • secret
  • license
• Page:
  Retrieving HiveMQ licence information (HiveMQ Knowledge Base - Self Managed Offering) —

  Question

  How can I access information about the loaded HiveMQ license?

  Answer

  • customer
  • faq
  • license