my scenario:
- i have a working lakefs, minio, pos...
# helpt
T. P.
11/16/2020, 4:40 PMmy scenario:
• i have a working lakefs, minio, postgres under eks
• lakefs, minio and postgres all run in their own namespace
• for development, i have directly specified connection strings etc. for testing purposes
• we use fluxcd (helm operator) for all of our HelmRelease (link showing how to inject values into chart: https://docs.fluxcd.io/projects/helm-operator/en/latest/helmrelease-guide/values/)
• i have reviewed lakefs helm chart source
• i see that you can specify environment variables e.g. LAKEFS_DATABASE_CONNECTION_STRING
• in the HelmRelease source code (at the bottom), i need to be able to inject values of XXXXXXXXXX, YYYYYYYYYY and ZZZZZZZZZZ with values which are in secrets from other namespaces
• for that, an example from fluxcd HelmRelease:
• spec:
• valuesFrom:
• - secretKeyRef:
• name: default-values
• namespace: my-ns
• key: values.yaml
• optional: true
full source code of my HelmRelease:
---
apiVersion: v1
kind: Namespace
metadata:
labels:
name: lakefs
name: lakefs
---
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
name: lakefs
namespace: lakefs
spec:
releaseName: lakefs
chart:
repository: https://charts.lakefs.io
name: lakefs
version: 0.3.8
values:
ingress:
annotations:
kubernetes.io/ingress.class: nginx
enabled: "true"
hosts:
- host: lakefs-nginx.local
paths:
- /
lakefsConfig: |
blockstore:
s3:
credentials:
access_key_id: XXXXXXXXXX
access_secret_key: XXXXXXXXXX
force_path_style: true
endpoint: http://minio.minio.svc
region: us-east-2
type: s3
gateways:
s3:
domain_name: minio.minio
region: us-east-2
replicaCount: 3
secrets:
authEncryptSecretKey: YYYYYYYYYY
databaseConnectionString: postgres://postgres:ZZZZZZZZZZ@postgresql.postgresql:5432/postgres?sslmode=disable
y
Yoni Augarten
11/16/2020, 4:53 PMHey @T. P., thanks for the detailed explanation. Let's take this in private (I will later update here in the channel with our results).