Quick one, how would I follow <this> if I've previ...
# all-things-deploymentf
fancy-fireman-15263
11/08/2021, 5:15 PMQuick one, how would I follow this if I've previously used the public helm chart?
fancy-fireman-15263
11/08/2021, 5:17 PMHow do I pass these to
values.yamldatahub-frontend:
...
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "true"
- name: AUTH_OIDC_CLIENT_ID
value: your-client-id
- name: AUTH_OIDC_CLIENT_SECRET
value: your-client-secret
- name: AUTH_OIDC_DISCOVERY_URI
value: your-provider-discovery-url
- name: AUTH_OIDC_BASE_URL
value: your-datahub-url
fancy-fireman-15263
11/08/2021, 5:29 PMIs the easiest way to do this fork the public helm chart?
b
big-carpet-38439
11/08/2021, 5:57 PMWe typically use "extraEnvs" as you have shown above^^
big-carpet-38439
11/08/2021, 5:58 PMIn our values.yaml:
big-carpet-38439
11/08/2021, 5:59 PM Copy code
datahub-frontend:
enabled: true
image:
tag: "head"
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "true"
- name: AUTH_OIDC_CLIENT_ID
value: <client id>
- name: AUTH_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc-secret
key: oidc-secret
- name: AUTH_OIDC_DISCOVERY_URI
value: <discovery uri>
- name: AUTH_OIDC_BASE_URL
value: <base url>
- name: AUTH_OIDC_SCOPE
value: <scope>
- name: AUTH_OIDC_USER_NAME_CLAIM
value: <claim>f
fancy-fireman-15263
11/08/2021, 6:04 PMSo I'd fork the helm chart and update? I can't patch in-flight?
fancy-fireman-15263
11/08/2021, 6:05 PMpresumably should pass secrets separately as env variables?
e
early-lamp-41924
11/08/2021, 6:05 PMAll the subcharts have ability to add extra without having to fork the helm charts
early-lamp-41924
11/08/2021, 6:06 PMThe one ^ John posted above is set in the values.yaml file you use to override
early-lamp-41924
11/08/2021, 6:06 PMSo for secrets see the example above, you simply set the secret name and key that you will refer to to get the secret value.
early-lamp-41924
11/08/2021, 6:07 PMBefore running the helm chart you need to manually create k8s secret by using this command
Copy code
kubectl create secret generic oidc-secret --from-literal=oidc-secret=<<secret-value>> --namespace <<namespace>>early-lamp-41924
11/08/2021, 6:08 PMIf you deployed before without explicitly setting values.yaml
early-lamp-41924
11/08/2021, 6:09 PMyou can create your own values.yaml and input it during helm upgrade by running the following
Copy code
helm upgrade --install -f path-to-your-values.yaml datahub datahub/datahubearly-lamp-41924
11/08/2021, 6:10 PMYour input values.yaml will overlay on the default values.yaml defined within the chart
early-lamp-41924
11/08/2021, 6:10 PMSo by adding extraEnvs in your input values.yaml, it will be applied in the final rendered charts
f
fancy-fireman-15263
11/08/2021, 6:16 PM๐
fancy-fireman-15263
11/08/2021, 6:31 PMGot this error for the yaml:
Copy code
Error: failed to parse values.yaml: error converting YAML to JSON: yaml: line 3: mapping values are not allowed in this contextfancy-fireman-15263
11/08/2021, 6:33 PMIt doesn't like the extraEnvs, thought it might be the ... but then I get:
Copy code
Error: failed to parse values.yaml: error converting YAML to JSON: yaml: line 4: did not find expected keye
early-lamp-41924
11/08/2021, 6:51 PMcan you share your values.yaml file? feel free to obfuscate actual values
f
fancy-fireman-15263
11/08/2021, 8:14 PM Copy code
datahub-frontend:
...
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "TRUE"
- name: AUTH_OIDC_CLIENT_ID
value: XXXX
- name: AUTH_OIDC_CLIENT_SECRET
value: XXXX
- name: AUTH_OIDC_DISCOVERY_URI
value: <https://accounts.google.com/.well-known/openid-configuration>
- name: AUTH_OIDC_BASE_URL
value: <http://localhost:9002>fancy-fireman-15263
11/08/2021, 8:17 PMLooking at it now reckon I should have copied the rest of it as well eh? ๐
fancy-fireman-15263
11/08/2021, 8:34 PMGetting the same issue for the same line though:
Copy code
# Values to start up datahub after starting up the datahub-prerequisites chart with "prerequisites" release name
# Copy this chart and change configuration as needed.
datahub-gms:
enabled: true
image:
repository: linkedin/datahub-gms
tag: "v0.8.16"
datahub-frontend:
enabled: true
image:
repository: linkedin/datahub-frontend-react
tag: "v0.8.16"
# Set up ingress to expose react front-end
ingress:
enabled: true
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "TRUE"
- name: AUTH_OIDC_CLIENT_ID
value: 123
- name: AUTH_OIDC_CLIENT_SECRET
value: 123
- name: AUTH_OIDC_DISCOVERY_URI
value: <https://accounts.google.com/.well-known/openid-configuration>
- name: AUTH_OIDC_BASE_URL
value: <http://localhost:9002>
datahub-mae-consumer:
image:
repository: linkedin/datahub-mae-consumer
tag: "v0.8.16"
datahub-mce-consumer:
image:
repository: linkedin/datahub-mce-consumer
tag: "v0.8.16"
datahub-ingestion-cron:
enabled: false
image:
repository: linkedin/datahub-ingestion
tag: "v0.8.16"
elasticsearchSetupJob:
enabled: true
image:
repository: linkedin/datahub-elasticsearch-setup
tag: "v0.8.16"
kafkaSetupJob:
enabled: true
image:
repository: linkedin/datahub-kafka-setup
tag: "v0.8.16"
mysqlSetupJob:
enabled: true
image:
repository: acryldata/datahub-mysql-setup
tag: "v0.8.16"
datahubUpgrade:
enabled: true
image:
repository: acryldata/datahub-upgrade
tag: "v0.8.16"
noCodeDataMigration:
sqlDbType: "MYSQL"
global:
graph_service_impl: neo4j
datahub_analytics_enabled: true
datahub_standalone_consumers_enabled: false
elasticsearch:
host: "elasticsearch-master"
port: "9200"
kafka:
bootstrap:
server: "prerequisites-kafka:9092"
zookeeper:
server: "prerequisites-zookeeper:2181"
## For AWS MSK set this to a number larger than 1
# partitions: 3
# replicationFactor: 3
schemaregistry:
url: "<http://prerequisites-cp-schema-registry:8081>"
# type: AWS_GLUE
# glue:
# region: us-east-1
# registry: datahub
neo4j:
host: "prerequisites-neo4j-community:7474"
uri: "<bolt://prerequisites-neo4j-community>"
username: "neo4j"
password:
secretRef: neo4j-secrets
secretKey: neo4j-password
sql:
datasource:
host: "prerequisites-mysql:3306"
hostForMysqlClient: "prerequisites-mysql"
port: "3306"
url: "jdbc:<mysql://prerequisites-mysql:3306/datahub?verifyServerCertificate=false&useSSL=true&useUnicode=yes&characterEncoding=UTF-8&enabledTLSProtocols=TLSv1.2>"
driver: "com.mysql.cj.jdbc.Driver"
username: "root"
password:
secretRef: mysql-secrets
secretKey: mysql-root-password
datahub:
gms:
port: "8080"
mae_consumer:
port: "9091"
appVersion: "1.0"fancy-fireman-15263
11/08/2021, 8:35 PMError: failed to parse values.yaml: error converting YAML to JSON: yaml: line 19: did not find expected keyfancy-fireman-15263
11/08/2021, 8:41 PMGot it working with changed indentation:
Copy code
datahub-frontend:
enabled: true
image:
repository: linkedin/datahub-frontend-react
tag: "v0.8.16"
# Set up ingress to expose react front-end
ingress:
enabled: false
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "TRUE"
- name: AUTH_OIDC_CLIENT_ID
value: 123
- name: AUTH_OIDC_CLIENT_SECRET
value: 123
- name: AUTH_OIDC_DISCOVERY_URI
value: <https://accounts.google.com/.well-known/openid-configuration>
- name: AUTH_OIDC_BASE_URL
value: <http://localhost:9002>e
early-lamp-41924
11/08/2021, 9:10 PMawesome
early-lamp-41924
11/08/2021, 9:10 PMnote you donโt need to copy over the whole values.yaml
early-lamp-41924
11/08/2021, 9:10 PMyou just need values.yaml with
early-lamp-41924
11/08/2021, 9:10 PM Copy code
datahub-frontend:
extraEnvs:
- ...early-lamp-41924
11/08/2021, 9:11 PMsince it will overlay it against the values.yaml in the chart
f
fancy-fireman-15263
11/08/2021, 9:30 PMHaha dw found other issues now ๐
b
big-carpet-38439
11/08/2021, 11:43 PM@fancy-fireman-15263 What are you seeing?
f
fancy-fireman-15263
11/09/2021, 8:32 AMI couldn't test OIDC with localhost for some reason so I'm going to sort the subdomain first (datahub.curve.com) from AWS route 53 to GKE in GCP where I've spun datahub up
b
big-carpet-38439
11/09/2021, 3:16 PMGot it