DataOps Kubernetes Runner Additional Configuration
Populating the DataOps vault
By default, the chart will generate a secret with an empty {} vault.yml and a
random salt when this secret is not specified. Learn more about the
DataOps vault in our concepts section.
Optionally you can create a secret that holds the vault.yml and vault.salt
files and specify the secret name in your dataops-values.yml file.
Create your vault files:
echo {} | sudo tee vault.yml > /dev/null
echo $RANDOM | md5sum | head -c 20 | sudo tee vault.salt > /dev/null
Create the secret in your cluster:
kubectl create secret generic dataops-vault --from-file=./vault.yml --from-file=./vault.salt
Then specify the secret in your dataops-values.yml under the key vaultSecret
vaultSecret: "dataops-vault"
You can also pass vault content directly through your dataops-values.yml file
by specifying the vault key as shown below.
# Customize vault.yml content
vault:
CLIENT_SECRET: "ExampleSecret"
AWS:
ACCESS_KEY: "ExampleKey"
SECRET_ACCESS_KEY: "ExampleSecretKey"
Using a custom service account
If you would like to use your own Kubernetes service account instead of letting
the chart creates one, alter your dataops-values.yml file with the following:
rbac:
create: false
serviceAccountName: <service_account> # Replace with the name of the service account you have created
Customizing the container registry
You can customize the DataOps Runner image through the image key in your
values file. At the same time, you need to change the source of the runner
helper image:
image:
registry: registry.example.com
image: "dataops-runner"
tag: "5-stable"
runners:
config: |
[[runners]]
[runners.kubernetes]
helper_image = "registry.example.com/gitlab/gitlab-runner-helper:latest"
Kubernetes PriorityClass
You can set a Kubernetes PriorityClass on pipeline jobs running in your cluster.
priorityClassName: "runner-priority-class"
runners:
config: |
[[runners]]
[runners.kubernetes]
priority_class_name = "job-priority-class"