Navigation

Create Credentials for the Kubernetes Operator¶

For the Kubernetes Operator to create or update objects in your Cloud Manager or Ops Manager Project, you need to store your username and Public API Key as a Kubernetes secret. Creating a secret stores authentication credentials so only Kubernetes can access them.

Multiple secrets can exist in the same namespace. Each user should have their own secret.

To create your Kubernetes secret:

  1. Make sure you have your Ops Manager username and Public API Key.

    If you do not have your Public API Key, you need to generate a new Public API Key.

  2. Invoke the following Kubernetes command to create your secret:

    kubectl -n <metadata.namespace> \
      create secret generic <myCredentials> \
      --from-literal="user=<first.last@example.com>" \
      --from-literal="publicApiKey=<my-public-api-key>"
    

    Note

    The -n flag limits the namespace to which this secret applies. All MongoDB Kubernetes resources must be in the same namespace with the secrets and ConfigMaps. The Kubernetes Operator does not use either the secrets or ConfigMaps.

  3. Invoke the following Kubernetes command to verify your secret:

    kubectl describe secrets/<myCredentials> -n <metadata.namespace>
    

    This command returns a secret description in the shell:

    Name:         <myCredentials>
    Namespace:    <metadata.namespace>
    Labels:       <none>
    Annotations:  <none>
    
    Type:  Opaque
    
    Data
    ====
    publicApiKey:  31 bytes
    user:          22 bytes