Skip to main content

DataOps Kubernetes Runner Additional Configuration

Populating the DataOps vault

By default, the chart will generate a secret with an empty {} vault.yml and a random salt when this secret is not specified. Learn more about the DataOps vault in our concepts section.

Optionally you can create a secret that holds the vault.yml and vault.salt files and specify the secret name in your dataops-values.yml file.

Create your vault files:

echo {} | sudo tee vault.yml > /dev/null
echo $RANDOM | md5sum | head -c 20 | sudo tee vault.salt > /dev/null

Create the secret in your cluster:

kubectl create secret generic dataops-vault --from-file=./vault.yml --from-file=./vault.salt

Then specify the secret in your dataops-values.yml under the key vaultSecret

vaultSecret: "dataops-vault"

You can also pass vault content directly through your dataops-values.yml file by specifying the vault key as shown below.

# Customize vault.yml content
CLIENT_SECRET: "ExampleSecret"
ACCESS_KEY: "ExampleKey"
SECRET_ACCESS_KEY: "ExampleSecretKey"

Using a custom service account

If you would like to use your own Kubernetes service account instead of letting the chart creates one, alter your dataops-values.yml file with the following:

create: false
serviceAccountName: <service_account> # Replace with the name of the service account you have created

Customizing the container registry

You can customize the DataOps Runner image through the image key in your values file. At the same time, you need to change the source of the runner helper image:

image: "dataops-runner"
tag: "5-stable"
config: |
helper_image = ""

Kubernetes PriorityClass

You can set a Kubernetes PriorityClass on pipeline jobs running in your cluster.

priorityClassName: "runner-priority-class"

config: |
priority_class_name = "job-priority-class"