One of the problems I faced is that the tool doesn’t follow the configuration guidelines from the 12-factor app methodology.
That is to say, we have to put the credentials in the YAML configuration rather than in environment variable :-(
As for Kubernetes, it doesn’t allow us to mix Secret values within ConfigMap.
To solve that issue, we have 3 components:
ConfigMapwhich will have the configuration as a template
initContainerthat will merge the two
The secret comes from the ECK Operator ; we can get it with
kubectl get secrets quickstart-es-elastic-user -o yaml :
apiVersion: v1 kind: Secret data: elastic: YU80bnc4NzZWMXBWMThOZThqOFlnOE1r
In the case of k8s-events-reporting the ConfigMap looks like this:
The important piece is the last line,
<=% %> is the erb syntax to call ruby code, and ENV is a hash to acces the environment variables.
- Because I ♥ Ruby !
- Because the erb command line comes with the ruby docker official image (there is no need for a custom Dockerfile and therefore no maintenance)
Last but not least, here is the
Deployment with the initContainer
config that will craft the config file from both the
Secret passed as an environment variable and the
ConfigMap template. The
event-exporter container can later use that file.