Deploy/Upgrade Memphis utilizing predefined secrets
Memphis allows users to utilize predefined Kubernetes secrets containing credentials that remain unchanged during upgrades or other operations. Several variables must be stored in the Kubernetes secret and created before the initial deployment.
Step 1: Create a new secret file for Memphis related credentials:
kubectl create secret generic external-creds -n memphis \
--from-literal=ROOT_PASSWORD=supersecret \
--from-literal=CONNECTION_TOKEN=supersecret \
--from-literal=JWT_SECRET=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=REFRESH_JWT_SECRET=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=ENCRYPTION_SECRET_KEY=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=REFRESH_JWT_SECRET_REST_GW=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=JWT_SECRET_REST_GW=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT
Step 2: Create an additional secret file for Memphis-metadata:
kubectl create secret generic memphis-metadata -n memphis \
--from-literal=password=cHaNgEiT \
--from-literal=repmgr-password=cHaNgEiT \
--from-literal=admin-password=cHaNgEiT
Step 3: Deploy Memphis using previously created secrets
helm install memphis memphis/memphis \
--set memphis.creds.secretConfig.name="external-creds",\
memphis.creds.secretConfig.existingSecret="true",\
metadata.postgresql.existingSecret="memphis-metadata",\
metadata.pgpool.existingSecret="memphis-metadata" \
--create-namespace --namespace memphis --wait
Upgrade with pre-defined secret files
Step 0: Obtain user-supplied values.
helm get values memphis --namespace memphis
Step 1: Delete the statefulset with cascade=orphan option
kubectl delete statefulset memphis --cascade=orphan -n memphis
Step 2: Run helm upgrade with all the values you need + updateStrategy=OnDelete
helm repo add memphis https://k8s.memphis.dev/charts/ --force-update &&\
helm upgrade --install memphis \
--set memphis.creds.secretConfig.name="external-creds",\
memphis.creds.secretConfig.existingSecret="true",\
metadata.postgresql.existingSecret="memphis-metadata",\
metadata.pgpool.existingSecret="memphis-metadata" \
memphis/memphis --create-namespace --namespace memphis --wait
Step 4: Upgrade brokers. Delete one by one and validate each to return to the online state.
Last updated
Was this helpful?