@@ -25,15 +25,11 @@ Before you deploy your pipeline, you must set the authentication secrets for the
25
25
source and target databases. Each secret has a corresponding property name that
26
26
you can pass to the
27
27
[ ` redis-di set-secret ` ] ({{< relref "/integrate/redis-data-integration/reference/cli/redis-di-set-secret" >}})
28
- command to set the property's value. You can then refer to these properties
28
+ command (VM deployment) or
29
+ [ ` kubectl create secret generic ` ] ( https://kubernetes.io/docs/reference/kubectl/generated/kubectl_create/kubectl_create_secret_generic/ )
30
+ (K8s deployment) to set the property's value. You can then refer to these properties
29
31
in ` config.yaml ` using the syntax "` ${PROPERTY_NAME} ` "
30
32
(the sample [ config.yaml file] ( #the-configyaml-file ) shows these properties in use).
31
- For example, you would use the
32
- following command line to set the source database username to ` myUserName ` :
33
-
34
- ``` bash
35
- redis-di set-secret SOURCE_DB_USERNAME myUserName
36
- ```
37
33
38
34
The table below shows the property name for each secret. Note that the
39
35
username and password are required for the source and target, but the other
@@ -54,6 +50,88 @@ secrets are only relevant to TLS/mTLS connections.
54
50
| ` TARGET_DB_CERT ` | (For mTLS only) Target database public key |
55
51
| ` TARGET_DB_KEY_PASSWORD ` | (For mTLS only) Target database private key password |
56
52
53
+ ### Set secrets for VM deployment
54
+
55
+ Use
56
+ [ ` redis-di set-secret ` ] ({{< relref "/integrate/redis-data-integration/reference/cli/redis-di-set-secret" >}})
57
+ to set secrets for a VM deployment. For example, you would use the
58
+ following command line to set the source database username to ` myUserName ` :
59
+
60
+ ``` bash
61
+ redis-di set-secret SOURCE_DB_USERNAME myUserName
62
+ ```
63
+
64
+ ### Set secrets for K8s/Helm deployment
65
+
66
+ Use
67
+ [ ` kubectl create secret generic ` ] ( https://kubernetes.io/docs/reference/kubectl/generated/kubectl_create/kubectl_create_secret_generic/ )
68
+ to set secrets for a K8s/Helm deployment. The general pattern of the commands is
69
+
70
+ ``` bash
71
+ kubectl create secret generic < DB> \
72
+ --namespace=rdi \
73
+ --from-literal=< SECRET-NAME> =< SECRET-VALUE>
74
+ ```
75
+
76
+ Where ` <DB> ` is either ` source-db ` for source secrets or ` target-db ` for target secrets.
77
+ The specific command lines for source secrets are as follows:
78
+
79
+ ``` bash
80
+ # Source username
81
+ kubectl create secret generic source-db \
82
+ --namespace=rdi \
83
+ --from-literal=SOURCE_DB_USERNAME=yourUsername
84
+
85
+ # Source password
86
+ kubectl create secret generic source-db \
87
+ --namespace=rdi \
88
+ --from-literal=SOURCE_DB_PASSWORD=yourPassword
89
+
90
+ # Source trust certificate
91
+ kubectl create secret generic source-db \
92
+ --namespace=rdi \
93
+ --from-literal=SOURCE_DB_CACERT=/etc/certificates/source_db/ca.crt
94
+
95
+ # Source public key
96
+ kubectl create secret generic source-db \
97
+ --namespace=rdi \
98
+ --from-literal=SOURCE_DB_CERT=/etc/certificates/source_db/client.crt
99
+
100
+ # Source private key
101
+ kubectl create secret generic source-db \
102
+ --namespace=rdi \
103
+ --from-literal=SOURCE_DB_KEY=/etc/certificates/source_db/client.key
104
+ ```
105
+
106
+ The corresponding command lines for target secrets are:
107
+
108
+ ``` bash
109
+ # Target username
110
+ kubectl create secret generic target-db \
111
+ --namespace=rdi \
112
+ --from-literal=TARGET_DB_USERNAME=yourUsername
113
+
114
+ # Target password
115
+ kubectl create secret generic target-db \
116
+ --namespace=rdi \
117
+ --from-literal=TARGET_DB_PASSWORD=yourPassword
118
+
119
+ # Target trust certificate
120
+ kubectl create secret generic target-db \
121
+ --namespace=rdi \
122
+ --from-literal=TARGET_DB_CACERT=/etc/certificates/target-db/ca.crt
123
+
124
+ # Target public key
125
+ kubectl create secret generic target-db \
126
+ --namespace=rdi \
127
+ --from-literal=TARGET_DB_CERT=/etc/certificates/target-db/client.crt
128
+
129
+ # Target private key
130
+ kubectl create secret generic target-db \
131
+ --namespace=rdi \
132
+ --from-literal=TARGET_DB_KEY=/etc/certificates/target-db/client.key
133
+ ```
134
+
57
135
## Deploy a pipeline
58
136
59
137
When you have created your configuration, including the [ jobs] ({{< relref "/integrate/redis-data-integration/data-pipelines/data-pipelines#job-files" >}}), use the
0 commit comments