I am trying to concatenate variable in helmchart to develop connection strings.
connection string:
ConnectionStrings:TheSourceContext="Server=10.xx.xx.xx,1433;Database=Test;User Id=Test; Password=pass123;"
I am passing user id &password as secret but it is not working. it is not building up the requried strings.
- name: DBUSERD
valueFrom:
secretKeyRef:
key: dbuser
name: api-catalogue
- name: DBPASSD
valueFrom:
secretKeyRef:
key: dbpass
name: api-catalogue
- name: ConnectionStrings__TheSourceContext
value: {{ .Values.const.DBSVR }}{{ .Values.app.connectionStringsServer }},{{.Values.app.connectionStringsPort }}{{ .Values.const.DB }}{{ .Values.app.connectionStringsDB }}{{ .Values.const.DBUSR }}$(DBUSERD){{ .Values.const.DBPASS }}($DBPASSD)*
How to correct above variable so that it will work?
Related
Somehow I cannot load environment variables and I have the following error when the pod starts:
Error: Could not find or load main class
Caused by: java.lang.ClassNotFoundException:
The structure of my Helm chart:
I have the following configuration in the configmap.yaml Helm template:
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.nameOverride }}-config
data:
application.yaml: {{ tpl (.Files.Get "files/application.yaml") . | quote }}
appdynamicscontrollerconfig.yaml: {{ tpl (.Files.Get "files/appdynamics-controller-config.yaml") . | quote }}
javaconfigmap.yaml: {{ tpl (.Files.Get "files/java-config-map.yaml") . | quote }}
The deployment.yaml Helm template:
containers:
- name: {{ .Values.nameOverride }}
env:
- name: APPLICATION
valueFrom:
configMapKeyRef:
name: {{ .Values.nameOverride }}-config
key: application.yaml
- name: APPDYNAMICS_CONTROLLER_CONFIG
valueFrom:
configMapKeyRef:
name: {{ .Values.nameOverride }}-config
key: appdynamicscontrollerconfig.yaml
- name: JAVA_OPTS
valueFrom:
configMapKeyRef:
name: {{ .Values.nameOverride }}-config
key: javaconfigmap.yaml
volumes:
- configMap:
defaultMode: 420
name: {{ .Values.nameOverride }}-config
items:
- key: application.yaml
path: application.yaml
- key: appdynamicscontrollerconfig.yaml
path: appdynamics-controller-config.yaml
- key: javaconfigmap.yaml
path: java-config-map.yaml
name: {{ .Values.nameOverride }}-config
volumeMounts:
- mountPath: /cs/app/config
name: {{ .Values.nameOverride }}-config
readOnly: true
Am I referencing incorrectly to the files which contain the environment variable?
Probably yes, but I couldn't find a documentation for it.
In my helm chart, I have a few files that need credentials to be inputted
For example
<Resource
name="jdbc/test"
auth="Container"
driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
url="jdbc:sqlserver://{{ .Values.DB.host }}:{{ .Values.DB.port }};selectMethod=direct;DatabaseName={{ .Values.DB.name }};User={{ Values.DB.username }};Password={{ .Values.DB.password }}"
/>
I created a secret
Name: databaseinfo
Data:
username
password
I then create environment variables to retrieve those secrets in my deployment.yaml:
env:
- name: DBPassword
valueFrom:
secretKeyRef:
key: password
name: databaseinfo
- name: DBUser
valueFrom:
secretKeyRef:
key: username
name: databaseinfo
In my values.yaml or this other file, I need to be able to reference to this secret/environment variable. I tried the following but it does not work:
values.yaml
DB:
username: $env.DBUser
password: $env.DBPassword
you can't pass variables from any template to values.yaml with helm. Just from values.yaml to the templates.
The answer you are seeking was posted by mehowthe :
deployment.yaml =
env:
{{- range .Values.env }}
- name: {{ .name }}
value: {{ .value }}
{{- end }}
values.yaml =
env:
- name: "DBUser"
value: ""
- name: "DBPassword"
value: ""
then
helm install chart_name --name release_name --set env.DBUser="FOO" --set env.DBPassword="BAR"
I have some environment variables that I'm using in a helm installation and want to hide the password using a k8s secret.
values.yaml
env:
USER_EMAIL: "test#test.com"
USER_PASSWORD: "p8ssword"
I want to add the password via a kubernetes secret mysecrets, created using
# file: mysecrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysecrets
type: Opaque
data:
test_user_password: cGFzc3dvcmQ=
and then add this to values.yaml
- name: TEST_USER_PASSWORD
valueFrom:
secretKeyRef:
name: mysecrets
key: test_user_password
I then use the following in the deployment
env:
{{- range $key, $value := $.Values.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
Is it possible to mix formats for environment variables in values.yaml i.e.,
env:
USER_EMAIL: "test#test.com"
- name: USER_PASSWORD
valueFrom:
secretKeyRef:
name: mysecrets
key: test_user_password
Or is there a way of referring to the secret in line in the original format?
Plan 1 :
One of the simplest implementation methods
You can directly use the yaml file injection method, put the env part here as it is, so you can write the kv form value and the ref form value in the values in the required format.
As follows:
values.yaml
env:
- name: "USER_EMAIL"
value: "test#test.com"
- name: "USER_PASSWORD"
valueFrom:
secretKeyRef:
name: mysecrets
key: test_user_password
deployment.yaml
containers:
- name: {{ .Chart.Name }}
env:
{{ toYaml .Values.env | nindent xxx }}
{{- end }}
(ps: xxx --> actual indent)
Plan 2:
Distinguish the scene by judging the type.
As follows:
values.yaml
env:
USER_EMAIL:
type: "kv"
value: "test#test.com"
USER_PASSWORD:
type: "secretRef"
name: mysecrets
key: p8ssword
USER_CONFIG:
type: "configmapRef"
name: myconfigmap
key: mycm
deployment.yaml
containers:
- name: {{ .Chart.Name }}
env:
{{- range $k, $v := .Values.env }}
- name: {{ $k | quote }}
{{- if eq $v.type "kv" }}
value: {{ $v.value | quote }}
{{- else if eq $v.type "secretRef" }}
valueFrom:
secretKeyRef:
name: {{ $v.name | quote }}
key: {{ $v.key | quote }}
{{- else if eq $v.type "configmapRef" }}
valueFrom:
configMapKeyRef:
name: {{ $v.name | quote }}
key: {{ $v.key | quote }}
{{- end }}
{{- end }}
I have a kubernetes yaml deployment file which accepts db username and password as arguments as shown below.
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=postgres"
- "-db_password=postgres"
To hide the values of db_username and db_password I thought of using kubernetes secret kind. But to achieve that I have to make db_username and db_password as environment variables so that I can use it something like as shown below:
args:
- "-db_host=postgres"
- "-db_port=5432"
env:
- name: db_username
valueFrom:
secretKeyRef:
name: db-secret
key: db-user
- name: db_password
valueFrom:
secretKeyRef:
name: db-secret
key: db-pass
Is there any way we can use secret in args itself so that I don't have to do the 2nd approach.
Once you have an environment variable you can embed its value into the arguments:
env:
- name: MESSAGE
value: "hello world"
command: ["/bin/echo"]
args: ["$(MESSAGE)"]
Or in your case:
args:
- "-db_host=postgres"
- "-db_port=5432"
- "-db_username=$(db_username)"
- "-db_password=$(db_password)"
env:
- name: db_username
valueFrom:
secretKeyRef:
name: db-secret
key: db-user
- name: db_password
valueFrom:
secretKeyRef:
name: db-secret
key: db-pass
The reference can be found here
I have 4 Kubernetes/Helm deployments (web, emailworker, jobworker, sync) which all need to share exactly the same spec.template.spec.containers[].env key. The env keys are quite large and I'd like to avoid copy/pasting it in each deployment, e.g.:
# ...
env:
- name: NODE_ENV
value: "{{ .Values.node_env }}"
- name: BASEURL
value: "{{ .Values.base_url }}"
- name: REDIS_HOST
valueFrom:
secretKeyRef:
name: secret-redis
key: host
- name: KUE_PREFIX
value: "{{ .Values.kue_prefix }}"
- name: DATABASE_NAME
value: "{{ .Values.database_name }}"
- name: DATABASE_HOST
valueFrom:
secretKeyRef:
name: secret-postgres
key: host
- name: DATABASE_USER
valueFrom:
secretKeyRef:
name: secret-postgres
key: username
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: secret-postgres
key: password
- name: AWS_KEY
valueFrom:
secretKeyRef:
name: secret-bucket
key: key
- name: AWS_SECRET
valueFrom:
secretKeyRef:
name: secret-bucket
key: secret
- name: AWS_S3_BUCKET
valueFrom:
secretKeyRef:
name: secret-bucket
key: bucket
- name: AWS_S3_ENDPOINT
value: "{{ .Values.s3_endpoint }}"
- name: INSTAGRAM_CLIENT_ID
valueFrom:
secretKeyRef:
name: secret-instagram
key: clientID
# ...
Is this possible to achieve with either yaml, Helm or Kubernetes?
So I found a solution with Helm named templates: https://github.com/kubernetes/helm/blob/master/docs/chart_template_guide/named_templates.md
I created a file templates/_env.yaml with the following content:
{{ define "env" }}
- name: NODE_ENV
value: "{{ .Values.node_env }}"
- name: BASEURL
value: "{{ .Values.base_url }}"
- name: REDIS_HOST
valueFrom:
secretKeyRef:
name: secret-redis
key: host
- name: KUE_PREFIX
value: "{{ .Values.kue_prefix }}"
- name: DATABASE_NAME
value: "{{ .Values.database_name }}"
- name: DATABASE_HOST
valueFrom:
secretKeyRef:
name: secret-postgres
key: host
- name: DATABASE_USER
valueFrom:
secretKeyRef:
name: secret-postgres
key: username
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: secret-postgres
key: password
- name: AWS_KEY
valueFrom:
secretKeyRef:
name: secret-bucket
key: key
- name: AWS_SECRET
valueFrom:
secretKeyRef:
name: secret-bucket
key: secret
- name: AWS_S3_BUCKET
valueFrom:
secretKeyRef:
name: secret-bucket
key: bucket
- name: AWS_S3_ENDPOINT
value: "{{ .Values.s3_endpoint }}"
- name: INSTAGRAM_CLIENT_ID
valueFrom:
secretKeyRef:
name: secret-instagram
key: clientID
{{ end }}
And here's how I use it in a templates/deployment.yaml files:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: somedeployment
# ...
spec:
template:
# ...
metadata:
name: somedeployment
spec:
# ...
containers:
- name: container-name
image: someimage
# ...
env:
{{- template "env" . }}
Have a look at ConfigMap. That allows configuration to be collected together in one resource and used in multiple deployments.
https://kubernetes.io/docs/tasks/configure-pod-container/configmap/
No need to mess around with any templates.