DataOps Kubernetes Runner Additional Configuration
Populating the DataOps vault
By default, the chart will generate a secret with an empty {} vault.yml and a
random salt when this secret is not specified. Learn more about the
DataOps vault in our concepts section.
Optionally you can create a secret that holds the vault.yml and vault.salt
files and specify the secret name in your dataops-values.yml file.
Create your vault files:
echo {} | sudo tee vault.yml > /dev/null
echo $RANDOM | md5sum | head -c 20 | sudo tee vault.salt > /dev/null
Create the secret in your cluster:
kubectl create secret generic dataops-vault --from-file=./vault.yml --from-file=./vault.salt
Then specify the secret in your dataops-values.yml under the key vaultSecret
vaultSecret: "dataops-vault"
You can also pass vault content directly through your dataops-values.yml file
by specifying the vault key as shown below.
# Customize vault.yml content
vault:
CLIENT_SECRET: "ExampleSecret"
AWS:
ACCESS_KEY: "ExampleKey"
SECRET_ACCESS_KEY: "ExampleSecretKey"
Using a custom service account
If you would like to use your own Kubernetes service account instead of letting
the chart create one, alter your dataops-values.yml file with the following:
rbac:
create: false
serviceAccountName: <service_account> # Replace with the name of the service account you have created
Customizing the container registry
You can customize the DataOps Runner image through the image key in your
values file. A the same time we need to change the source of the runner
helper image:
image:
registry: registry.example.com
image: "dataops-runner"
tag: "5-stable"
runners:
config: |
[[runners]]
[runners.kubernetes]
helper_image = "registry.example.com/gitlab/gitlab-runner-helper:latest"
Kubernetes PriorityClass
You can set a Kubernetes PriorityClass on pipeline jobs running in your cluster.
priorityClassName: "runner-priority-class"
runners:
config: |
[[runners]]
[runners.kubernetes]
priority_class_name = "job-priority-class"