Set global database secret

The REAADB contains the field '.spec.globalConfigurations' to set the global database secret.

Set global database secret

One of the fields available for globalConfigurations is databaseSecretName which can point to a secret containing the database password. To set the database secret name and sync the data to all participating clusters, follow the steps below.

To edit other global configruations, see global configuration

1. On an existing participating cluster, generate a YAML file containing the database secret with the database password.

This example shoes a secret named my-db-secret with the password my-password encoded in base 64.

apiVersion: v1
data:
  password: bXktcGFzcw
kind: Secret
metadata:
  name: my-db-secret
type: Opaque

1. Apply the secret file from the previous step, substituting your own value for <db-secret-file>.

   kubectl apply -f <db-secret-file>
   

2. Patch the REAADB custom resource to specify the database secret, substituting your own values for <reaadb-name> and <secret-name>.

   kubectl patch reaadb <reaadb-name> --type merge --patch \
   '{"spec": {"globalConfigurations": {"databaseSecretName": "secret-name"}}}'
   

3. Check the REAADB status for an active status and Valid spec status.

   kubectl get reaadb <reaadb-name>
   
   NAME             STATUS   SPEC STATUS   GLOBAL CONFIGURATIONS REDB   LINKED REDBS
   example-aadb-1   active   Valid
   

4. On each other participating cluster, check the secret status.

   ``sh kubectl get reaadb -o=jsonpath='{.status.secretsStatus}'

   
   The output should show the status as `Invalid`.
   
   ```sh
   [{"name":"my-db-secret","status":"Invalid"}]
   

5. Sync the secret on each participating cluster.

   kubectl apply -f <db-secret-file>
   

6. Repeat the previous two steps on every participating cluster.