Hi all! Looking for some clarification with respec...
# deployment-kubernetes
Hi all! Looking for some clarification with respect to using the Helm chart, an external Postgres instance, and Kubernetes secrets. I have read through this, and understand that there needs to be (either generated by the Helm chart or not) a secret for the Postgres password. I have been generating the secret using the Helm chart, but now I don't want to do that. I believe that means I set:
Copy code
generatePostgresqlPasswordSecret: false
So, do I still need to set these? Because the secret only stores the password. I don't want to set these here, I want all of this to be pulled from Kubernetes secrets.
Copy code
  enabled: false
  postgresqlHost: "postgresqlHost"
  postgresqlUsername: "postgresqlUsername"
  postgresqlPassword: "postgresqlPassword"
  postgresqlDatabase: "postgresqlDatabase"
    port: 5432
If I don't set these, I don't see how the pieces that need to talk to Postgres would be able to. Is there any way to point to postgres without writing this all in the Helm chart?
So it looks like the
configmap uses the
values here
Would defining my own dagster.yaml help? Where I can name expected env vars for the postgres creds, like so: https://docs.dagster.io/deployment/dagster-instance#postgresrunstorage
Hmm I'm guessing that won't help since the Helm chart simply passes along the values in the postgres section to the various storage controllers
@max I hope it is okay to at-mention you here since I see you replying in the support channel (if that isn't okay, please lmk and I'll refrain from doing so in the future): any chance my question makes sense and y'all have run into this before? If not, that's okay, I'm near a workaround anyway 🙂
i'm not expert in the helm chart but @rex @johann will probably know the right answer here
Hey @raaid, unfortunately we don’t provide support for this out of the box. As you’ve seen, we only provide configuration to optionally source the postgresql password from a Kubernetes secret, but the other configuration (host, username, database, service) has to be specified in the values.yaml.
you can use env variables though right?
In the Helm chart’s
, only the postgres password is sourced from env variable (which is in turn sourced by the kubernetes secret). The other configuration is directly templated from the
Dang okay that's what I was circling, thank you for the confirmation. That's all good, I've got a workaround one level up using Pulumi and Helm haha. Thanks for the responses, love using this tool and appreciate this Slack space a whole lot 🙂
🎉 1