https://datahubproject.io logo
Join Slack
Powered by
I got this error `kubelet Error: secret "datahub-e...
# all-things-deployment
q
I got this error 
kubelet Error: secret "datahub-encryption-secrets" not found
e
We ran into a similar issue here https://datahubspace.slack.com/archives/C029A3M079U/p1645687038536389 could you try running helm upgrade again and see if the secrets are auto created?
q
this error message from 
datahub-datahub-gms-c55c74d8c-6djph        0/1   CreateContainerConfigError  0     19h
so I execute the following command 
kubectl create secret generic datahub-encryption-secrets --from-literal=encryption_key_secret=datahub
fix it
NEO4J_HOST: prerequisites-neo4j-community:7474 NEO4J_URI: bolt://prerequisites-neo4j-community NEO4J_USERNAME: neo4j NEO4J_PASSWORD: <set to the key ‘neo4j-password’ in secret ‘neo4j-secrets’> Optional: false UI_INGESTION_ENABLED: true SECRET_SERVICE_ENCRYPTION_KEY: <set to the key ‘encryption_key_secret’ in secret ‘datahub-encryption-secrets’> Optional: false UI_INGESTION_DEFAULT_CLI_VERSION: 0.8.26.6
e
right, but ideally our helm chart
should’ve auto created that secret
seems like it doesn’t always work
q
Copy code
kubectl create secret generic mysql-secrets --from-literal=mysql-root-password=datahub
kubectl create secret generic neo4j-secrets --from-literal=neo4j-password=datahub
It looks like there is no synchronous update
e
That is intentional since we want folks to set password to something they know
But for these internal secrets, we want it to auto set it to a random string
q
datahub: gms: port: “8080” nodePort: “30001" mae_consumer: port: “9091” nodePort: “30002" appVersion: “1.0” encryptionKey: secretRef: “datahub-encryption-secrets” secretKey: “encryption_key_secret” # Set to false if you’d like to provide your own secret. provisionSecret: true
provisionSecret: true
this should be false
datahub-helm/charts/datahub/values.yaml
e
It doesn’t provision if the secret already exists
10 Views
Open in Slack
PreviousNext
Powered by