https://datahubproject.io logo
Join Slack
Powered by
Hi guys, its possible to install with help just a ...
# all-things-deployment
f
Hi guys, its possible to install with help just a part of datahub, like de frontend or gsm (not all the components)?
for more context, i need to change this file https://github.com/acryldata/datahub-helm/blob/master/charts/datahub/subcharts/datahub-gms/values.yaml and adding this lines, for changing the datahub default password
Copy code
extraVolumes:
    - name: user-props
      secret:
        secretName: datahub-pass-secret
  extraVolumeMounts:
    - name: user-props
      mountPath: /datahub-frontend/conf/user.props
      subPath: token
      readOnly: true
s
You want to re-deploy? Because for successfully running DataHub we need all componenets. Which components are you thinking of leaving out?
f
well de gms, i mean, i need to update the values.yaml so i need to re deploy the gms-service, or to install from local the datahub
right?>
s
You are using helm to deploy to google GKE, right? You can edit the values yaml and do helm deploy. It will only update what is required
f
but when i do helm install datahub datahub/datahub is not from the local environment, and if i use -f values.yaml is not the yaml from datahub-gms
s
What do you mean it is not yaml from datahub-gms? You know that there is going to be a single values yaml file when you are deploying helm chart, right? Similar to this one https://github.com/acryldata/datahub-helm/blob/master/charts/datahub/values.yaml
e
@few-air-56117 the values.yaml that you input into the main helm contains the datahub-gms subchart inside it. i.e. if you edit whatever is under 
datahub-gms:
it will get propagated into the datahub-gms subchart. So you can set (for instance),
Copy code
datahub-gms:  
  ...
  extraVolumes:
    - name: user-props
      secret:
        secretName: datahub-pass-secret
  extraVolumeMounts:
    - name: user-props
      mountPath: /datahub-frontend/conf/user.props
      subPath: token
      readOnly: true
f
got it, i instaled datahub with -f values.yaml, and the value from conf.user.pros is changed
but the password its still datahub
s
You need to restart frontend. You can kill the running frontend pod. Sometimes when the secrets are updated the pods are not updated until new pod is created
f
i tried
Copy code
kubectl -n default delete po YOUR_POD_NAME ( gms pod)
but its the same result
i use
Copy code
kubectl -n default exec -it datahub-datahub-gms-<number>  -- bash
to go inside the pod and i find the datahub-frontend/conf/user.props and its have the new values
so , the file is modified but the passworld is not reset with the new one
and i have onther question. why is datahub-gms subchar and not datahub-frontend if the files is in frontend?
Copy code
datahub-gms:  
  ...
  extraVolumes:
    - name: user-props
      secret:
        secretName: datahub-pass-secret
  extraVolumeMounts:
    - name: user-props
      mountPath: /datahub-frontend/conf/user.props
      subPath: token
      readOnly: true
s
I was wrong. This should be in frontend https://datahubproject.io/docs/how/auth/jaas/ not gms
f
now make sens :))
yep, it works
thx a lot guys
❤️
now i will try to do OIDC integraton for the non admin users
n
Hi I stumbled upon the same problem. I try to create the secret by using this command
Copy code
kubectl create secret generic datahub-pass-secret --from-file=user.props
but resulting an error:
Copy code
Error: failed to start container "datahub-frontend": Error response from daemon: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/var/lib/kubelet/pods/0e859469-c55d-4c7e-b746-bba1d4d021ef/volume-subpaths/user-props/datahub-frontend/0" to rootfs at "/datahub-frontend/conf/user.props" caused: mount through procfd: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
do you know why?
f
hi @nice-memory-81320 try this one
Copy code
kubectl create secret generic  datahub-pass-secret --from-literal=token=datahub:<your_pass>
also, this is the values.yaml
Copy code
datahub-frontend:
  extraVolumes:
      - name: user-props
        secret:
          secretName: datahub-pass-secret
          
  extraVolumeMounts:
      - name: user-props
        mountPath: /datahub-frontend/conf/user.props
        subPath: token
        readOnly: true
and the install command
Copy code
helm install datahub datahub/datahub -f values.yaml
@square-activity-64562 how can i add multiple users in user.pros[ i tried this but dosen work
Copy code
kubectl create secret generic  datahub-pass-secret --from-literal=token=datahub:<password1>
token=dragos:<password2>
s
Can you try something like
Copy code
kubectl create secret generic  datahub-pass-secret --from-literal=token=datahub:password\ntoken=aseem:aseemPassword
actually no
that won't work
Let me check
f
sure
s
Can you try something like this, mount this and let me know if this works
Copy code
> cat user.props
datahub:datahub
aseem:aseem
> cat user.props | base64                                                                                         
ZGF0YWh1YjpkYXRhaHViCmFzZWVtOmFzZWVtCg==
> kubectl create secret generic  datahub-pass-secret --from-literal=token=ZGF0YWh1YjpkYXRhaHViCmFzZWVtOmFzZWVtCg==
f
sure
nop, invalid credentials
probably because its base64?
s
Did you restart frontend after updating the secret?
f
i used helm install
so yea, i uninstalled the datahub , created the secret and install datahub
s
And if you go to frontend pod and check the content of the file user.props what is the content?
f
ZGF0YWh1Yjp0ZXN0ZHJhZ29zCmRyYWdvczp0ZXN0ZHJhZ28=E0111 123730.124719  83765 v3.go:79] EOF
:)))
s
If you check
Copy code
kubectl edit secret datahub-pass-secret
something like this
Copy code
apiVersion: v1
data:
  token: ZGF0YWh1YjpkYXRhaHViCmFzZWVtOmFzZWVtCg==
kind: Secret
metadata:
  creationTimestamp: "2022-01-11T10:34:16Z"
  name: datahub-pass-secret
  namespace: default
  resourceVersion: "5103849"
  selfLink: /api/v1/namespaces/default/secrets/datahub-pass-secret
  uid: a3c0882e-c4ea-4003-b005-975083d0c4c7
type: Opaque
should show up. Is the token correct in here?
This should be the exact value passed in
Copy code
kubectl create secret generic  datahub-pass-secret --from-literal=token=ZGF0YWh1YjpkYXRhaHViCmFzZWVtOmFzZWVtCg==
f
hmm, thi sis the token in secret WkdGMFlXaDFZanAwWlhOMFpISmhaMjl6Q21SeVlXZHZjenAwWlhOMFpISmhaMjg9
and this was the command
kubectl create secret generic datahub-pass-secret --from-literal=token=ZGF0YWh1Yjp0ZXN0ZHJhZ29zCmRyYWdvczp0ZXN0ZHJhZ28=
s
It got double encoded base64
f
yea
s
Can you try this
Copy code
kubectl create secret generic datahub-pass-secret --from-file=token=user.props
Notice there is 
token=
before the file name
After this the correct base64 encoded secret should be in 
datahub-pass-secret
f
yep , its work from file
but i see something intresting
ia have 2 users,datahub and dragos
i can login with dragos but i see only datahub on users meniu
s
you should go through this

https://www.youtube.com/watch?v=8Osw6p9vDYY&amp;ab_channel=DataHub

f
sure, i will watch, thx 😃
for OIDC integration, we can set docker env also from values.yaml right
3 Views
Open in Slack
PreviousNext
Powered by