Hello everyone, We have deployed Datahub v0.8.41 using Kubernetes and we would like to customize the default datahub user login credentials. We found the information related linked here. However, we were wondering if there is any documentation about how to proceed with it in Kubernetes. Thank you in advance!

I have the same question too.

you can follow steps mention here https://datahubproject.io/docs/authentication/guides/add-users/#changing-the-default-datahub-user:~:text=You%27ll%20need%20to%20create,run%20something%20like%20this.

Thanks for the answer @bumpy-needle-3184. Do I need to update the

extraVolumeMounts

section in

chart/datahub-frontend/values.yaml

and then deploy again? I tried before to update

user.props

using

kubectl cp

but it didn't work

yes

Hi again Navin, thanks for your time. However, I'm facing some difficulties with your suggestion. I encountered the following error while updating the

values.yaml

cannot patch "datahub-datahub-frontend" with kind Deployment: Deployment.apps "datahub-datahub-frontend" is invalid: spec.template.spec.containers[0].volumeMounts[0].name: Not found: "pass"

And here is the edition I made in the file:

extraVolumes: []
  # - name: extras
  #   emptyDir: {}

extraVolumeMounts:
   - name: pass
     mountPath: /datahub-frontend/conf/user.props
     readOnly: true

Thank you in advance!

the error says you need to define volume with name "paas" first which you can then mount in mountPath. i see there is no volume defined under "extraVolumes"

Thanks for the tip, Navin. Now, I'm a bit lost about the secret, do you mean to create a kubectl secret? I tried to replace the

user.props

manually by the command

kubectl cp

but it didn't works. I'm sorry for all the questions but this is kinda new for me 😅

@bumpy-needle-3184 I tried the steps here. Now my new password worked, but the old datahub/datahub also still worked. How can we get rid of the old username/password combo? Below is what I have done. 1. Create a yaml values file with below content

datahub-frontend:
  extraVolumes:
    - name: datahub-users
      secret:
        defaultMode: 0444
        secretName: datahub-users-secret
  extraVolumeMounts:
    - name: datahub-users
      mountPath: /etc/datahub/plugins/frontend/auth/user.props
      subPath: user.props

2. Run helm upgrade on an existing release.

helm upgrade datahub datahub/datahub --values <path to the values.yaml file above>

3. Confirmed that the secret is stored correctly. Redacted the actual password and its hash.

$ kubectl get secret datahub-users-secret -o jsonpath='{.data}'
{"user.props":"XXXXX"}

$ echo 'XXXXX' | base64 --decode
datahub:XXXXX

Thanks @able-evening-90828 for sharing detailed steps

Thank you @bumpy-needle-3184! I can confirm that it worked well. I was also able to change the default username to something else other than

datahub

. Afterwards, only my new username/password combo worked. However, when I logged in using the new username, the settings page still shows the username for the DataHub user to be

datahub

, which is confusing. I expected to see the username I chose.

Thank you both @bumpy-needle-3184 and @able-evening-90828, I tested on my side too and it worked.

i think default username is hard-coded to be 'datahub'. @square-activity-64562 could you confirm on this ?

The user list has nothing to do with the login user name for JaaS based authentication (user.props). The user list shows metadata for users who are ingested. In case you ingested sample data that must have added the datahub user. You can delete it by urn

Thank you @square-activity-64562, I didn't ingest any users. So it must be bootstrapped automatically somewhere. Any pointers for where this bootstrapping takes place?