Deploy/Upgrade Memphis utilizing predefined secrets

Memphis allows users to utilize predefined Kubernetes secrets containing credentials that remain unchanged during upgrades or other operations. Several variables must be stored in the Kubernetes secret and created before the initial deployment.

Step 1: Create a new secret file for Memphis related credentials:

kubectl create secret generic external-creds -n memphis \
--from-literal=ROOT_PASSWORD=supersecret \
--from-literal=CONNECTION_TOKEN=supersecret \
--from-literal=JWT_SECRET=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=REFRESH_JWT_SECRET=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=ENCRYPTION_SECRET_KEY=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=REFRESH_JWT_SECRET_REST_GW=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT \
--from-literal=JWT_SECRET_REST_GW=cHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiTcHaNgEiT

{% hint style="info" %} Memphis advises creating randomly generated credentials with the following restrictions:

JWT_SECRET - comprising a minimum of 128 characters.
ENCRYPTION_SECRET_KEY - comprising of exactly 32 characters.
ROOT_PASSWORD - comprising a maximum of 72 characters. {% endhint %}

Step 2: Create an additional secret file for Memphis-metadata:

kubectl create secret generic memphis-metadata -n memphis \
--from-literal=password=cHaNgEiT \
--from-literal=repmgr-password=cHaNgEiT \
--from-literal=admin-password=cHaNgEiT

Step 3: Deploy Memphis using previously created secrets

helm install memphis memphis/memphis \
--set memphis.creds.secretConfig.name="external-creds",\
memphis.creds.secretConfig.existingSecret="true",\
metadata.postgresql.existingSecret="memphis-metadata",\
metadata.pgpool.existingSecret="memphis-metadata" \
--create-namespace --namespace memphis --wait

Upgrade with pre-defined secret files

Step 0: Obtain user-supplied values.

helm get values memphis --namespace memphis

Step 1: Delete the statefulset with cascade=orphan option

kubectl delete statefulset memphis --cascade=orphan -n memphis

Step 2: Run helm upgrade with all the values you need + updateStrategy=OnDelete

helm repo add memphis https://k8s.memphis.dev/charts/ --force-update &&\
helm upgrade --install memphis \
--set memphis.creds.secretConfig.name="external-creds",\
memphis.creds.secretConfig.existingSecret="true",\
metadata.postgresql.existingSecret="memphis-metadata",\
metadata.pgpool.existingSecret="memphis-metadata" \
memphis/memphis --create-namespace --namespace memphis --wait

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deploy-upgrade-memphis-utilizing-predefined-secrets.md

deploy-upgrade-memphis-utilizing-predefined-secrets.md

Deploy/Upgrade Memphis utilizing predefined secrets

Step 1: Create a new secret file for Memphis related credentials:

Step 2: Create an additional secret file for Memphis-metadata:

Step 3: Deploy Memphis using previously created secrets

Upgrade with pre-defined secret files

Step 0: Obtain user-supplied values.

Step 1: Delete the statefulset with cascade=orphan option

Step 2: Run helm upgrade with all the values you need + updateStrategy=OnDelete

Step 4: Upgrade brokers. Delete one by one and validate each to return to the online state.

Files

deploy-upgrade-memphis-utilizing-predefined-secrets.md

Latest commit

History

deploy-upgrade-memphis-utilizing-predefined-secrets.md

File metadata and controls

Deploy/Upgrade Memphis utilizing predefined secrets

Step 1: Create a new secret file for Memphis related credentials:

Step 2: Create an additional secret file for Memphis-metadata:

Step 3: Deploy Memphis using previously created secrets

Upgrade with pre-defined secret files

Step 0: Obtain user-supplied values.

Step 1: Delete the statefulset with cascade=orphan option

Step 2: Run helm upgrade with all the values you need + updateStrategy=OnDelete

Step 4: Upgrade brokers. Delete one by one and validate each to return to the online state.