Curls, clouds and code

Hi, my name is Corstian, and this is my blog where I get to publish my writings on topics such as psychology, philosophy, software development and any other thing I deem worthy to write about.

Expose a secret as file in Traefik via Helm to configure ACME DNS

Published on the
software development

As I have only been working with Kubernetes for a few days, most things just like Helm are pretty new to me, and as such I get lost a lot. One of the things I had to find out the hard is the way a Helm chart and it’s associated configuration options are resolved.

I won’t go into the details, but instead provide a link to the “Chart Template Guide” provided by Helm. Diving into this, as well as the offending template I managed to solve my problems.

The problem I was trying to solve had to do with configuring an ACME DNS resolver on TransIP. The validation process itself happens via a library called Lego, and the specific resolver for TransIP requires providing a key file.

The thing is, the Traefik Helm chart contains a “volumes” section, even though it does not exactly work like the volume configuration as known from Kubernetes itself. Instead I had to dig through the chart template to figure out how it worked. In the end it’s fairly simple;

volumes:
- name: name-of-your-secret
  type: secret
  mountPath: /etc/subdir-youd-like-to-use

This way you can access the elements of your secret within the /etc/subdir-youd-like-to-use directory. I had two elements: user and key, and as such those would be the text files in that aforementioned folder.


Share this post:


Subscribe for more goodness!

👉 Do you like what I'm writing? Sign up to receive new content straight into your mailbox!