I'm running a Java application and in order to start the application it needs some Java environment variables. Below is the way how the variables are passed to the pod.
I created the value (Password) for -Dzookeeper.ssl.keyStore.password as a Kubernetes Secret and then passed as "valueFrom: secretKeyRef:" (As below) But when I exec into the pod and execute 'env' command, I cannot see -Dzookeeper.ssl.keyStore.password environment variable.
containers:
- name: java_app
image: some_image_here
env:
- name: JAVA_TOOL_OPTIONS
value: >-
-Dspring.profiles.active=some_profile_here
-Dlogging.config=some_stuff_here
.....
.....
- name: -Dzookeeper.ssl.keyStore.password
valueFrom:
secretKeyRef:
name: password
key: PASSWORD
But when I describe the Pod, it shows as below
-Dzookeeper.ssl.keyStore.password: <set to the key 'PASSWORD' in secret 'password'> Optional: false
And eventually Pod crashes since -Dzookeeper.ssl.keyStore.password is missing
You need to create an env variable for the Secret itself which can then be referenced in the subsequent env variable JAVA_TOOL_OPTIONS
containers:
- name: java_app
image: some_image_here
env:
- name: ZOOKEEPER_KEYSTORE_PASS
valueFrom:
secretKeyRef:
name: password
key: PASSWORD
- name: JAVA_TOOL_OPTIONS
value: >-
-Dspring.profiles.active=some_profile_here
-Dlogging.config=some_stuff_here
-Dzookeeper.ssl.keyStore.password=$(ZOOKEEPER_KEYSTORE_PASS)
.....
.....
Note that order matters in the env list. An environment variable is not considered "defined" if it is specified further down the list.
See the docs for more details