DB container doesn't start for k8s setup - env vars are missing

[david-sykora]

Bug Description

The k8s manifest is missing important ENV variables ALLOW_NOSSL and SPILO_PROVIDER. I found them defined in the docker-compose version.

Possible solution

Add the missing environment variables to the container’s environment section in the deployment-db.yaml manifest.

[FelixMalfait]

Thanks for letting us know. K8s are maintained by the community, a PR would be welcome if you have time! Thanks a lot

[falgunmpatel]

Hey @david-sykora, Are you working on this issue? If not, I may try to address this issue. Thank You.

[falgunmpatel]

Hello @FelixMalfait and @david-sykora, I have recently learned kubernetes and therefore, would appreciate your opinion on this issue.

What should I do?

1. Create "secrets-db.yml" maifest file separately to store secrets in "base64 format" and use them in "deployment-db.yml" manifest file?
2. Just add new environment variables directly to this "deployment-db.yml" manifest file itself?

Thank You

[david-sykora]

I opened a pull request that addresses the problems in this issue #9447

@falgunmpatel Hi! For credentials to DB, I find it more preferable to use secret and reference it with env vars of the deployment manifest. There are many ways to approach the security of storing credentials in k8s, from more complex methods like encryption at rest to simple methods like restricting access to secrets to specific containers and namespaces. For the purposes of this project I would choose to take the simple route of creating a manifest for secret or adding secret directly to the deployment manifest, another option is to add instructions to create a secret using kubectl to the README.md of k8s setup.