Configure secret references for the configurations defined in micro-gw.conf file in Kubernetes— WSO2 Micro Gateway
micro-gw.conf is the runtime configuration file located in <MGW-RUNTIME-HOME>/conf/ directory[1].
Today, we are going to discuss on how to configure secret references for the configurations defined in micro-gw.conf file.
Implementation
Let’s assume we want to fetch the configuration of “httpPort” under the “[listenerConfig]”.
[listenerConfig]
...
httpPort = 9090
...
Initially, we need to create a Kubernetes secret for this…
i. Create a file(secret.yaml) with the below content(data attributes needs to be base64 encoded, here we have encoded 8000).
apiVersion: v1
kind: Secret
metadata:
name: test-secret
data:
port: ODAwMA==
ii. Create the secret.
kubectl apply -f file-path/secret.yaml
Secondly, we need to declare this as an environment variable in deployment-config.toml file as below.
[kubernetes]
[kubernetes.kubernetesDeployment]
enable = true
...
env = '{ "listenerConfig_httpPort": {secretKeyRef: {key: "port",name: "test-secret"}} }'
Here, we need to create the variable name by appending the micro-gw.conf configuration hierarchy(Since the “httpPort” config is under the “listenerConfig”, the variable name can be obtained by appending both with “_”). Other than that, we need to use the same key(port) and the name(test-secret) of the secret we created.
Then we need to generate the Kubernetes artifacts by building the project.
micro-gw build k8s_project --deployment-config deployment.toml
Below is the generated k8 artifact (k8s_project.yaml) content with the environment variable,
...
spec:
containers:
- env:
- name: "listenerConfig_httpPort"
valueFrom:
secretKeyRef:
key: "port"
name: "test-secret"
- name: "CONFIG_FILE"
value: "/home/ballerina/conf/ballerina.conf"
...
👏 It’s almost done ✅.
We can start the Kubernetes cluster now.
CHEERS!
Happy Integration!