I have a secret where CoucbaseCluster username and password are stored. I am trying to expose them as environment variables to server pods. However, when I ssh into the pod I don’t see them as environment variables.
How do I bring secret values as environment variables for CouchbaseCluster pod?
Please see one of my CouchbaseCluster server nodes definition:
- name: analytics-us-west1
- name: COUCHBASE_USERNAME
- name: COUCHBASE_PASSWORD
What version of the Operator are you using? When did you add the configuration (before or after creating the cluster)?
we are using (1.2.0 operator): couchbase/operator:1.2.0.
I added the configuration before creating the cluster.
And the Couchbase server is: couchbase/server:enterprise-6.0.2
Just to be clear, when I went into the pod (shell) - i don’t see the environment variable.
kubectl exec -it -n my-namespace my-pod – sh
env | grep COUCHBASE_USERNAME
Please do note that other pod spec items are working:
like annotations, resources (limits and requests) and volumemounts.
only the secrets are not coming as environment variables
basically am trying to integrate Datadog with Couchbase (it works with annotations and hard coded username and passwords). And the way to send password (sensitive data/secret) is via environment variables.
So, trying to finish the integration - any help is greatly appreciated. thank you.
Please do let me know if you have any questions
From the spec looks like there is only “envFrom” option, not “env” option. https://docs.couchbase.com/operator/1.2/couchbase-cluster-config.html
I will give it a try.
btw, can you please confirm if “env” option is not supported in 1.2 operator (6.0.2 cluster)? If not supported, where can I see the corresponding error? helm upgrade (we use helm 3 to install cluster and operator) - didn’t complain.
- name: ENV1
hmm, envFrom option didn’t do that trick as well
The V1 release of the Operator was… somewhat non-intuitive
env does exist, but as couchbaseEnv, for example:
- size: 1
- name: EXPLICIT_VAR
- name: IMPLICIT_VAR
And results in…
$ kubectl exec -ti cb-example-0000 -- env | grep EXPLI
$ kubectl exec -ti cb-example-0000 -- env | grep IMPL
I’ve righted the wrongs of the past in V2, upgrade if you can, it’s a much nicer experience! That said if you can’t follow my guidance above and it will work.
For completeness, envFrom works like this:
- prefix: TEST_
And results in:
$ kubectl exec -ti cb-example-0000 -- env | grep TEST
thank you, Simon
Both approaches worked. Appreciate details - it made it pretty clear to follow and fix my yaml file easily.
Probably documentation needs to be updated:
- For couchbaseEnv: having an example with secret (or, updating spec with secret) - first glance gave me impression that probably its not supported.
- Having the correct indentation in spec (spaces) as yaml is crazy about this!!
And yes, we are planning to migrate to 2.0 soon (in couple of months)
You are right, the documentation could be better for these fields, I shall raise an issue and have it addressed as soon as possible! In general we avoid documenting Kubernetes types because they could change under us, but I can and will link to the official specifications where we reference native types in our custom resources.
Anyway, glad to have helped and good luck!
just in case if anyone stumbles across this post to complete Couchbase and Datadog integration:
The above approach does work to add environment variables for the Coucbase server pod.
But w.r.t Datadog integration - the Couchbase auth in datadog annotations (in Couchbase server pod) (like COUCHBASE_USERNAME, COUCHBASE_PASSWORD) these environment variables should be exposed in Datadog agent and annotated in Couchbase server pod.