If you want to configure your Kubernetes installation to use CA certificates, use a ConfigMap.
A ConfigMap containing the required certificates can be mounted and referenced in your crane configuration.
While BlazeMeter provides auto-generated command and configuration for easy installation of Docker and Kubernetes agents, we recommend using the manual installation approach when configurating a Kubernetes installation to use CA certificates.
Create a ConfigMap
The easiest way to create a ConfigMap for the purpose of using CA certificates in BlazeMeter is to create it from the certificate file:
$ kubectl create configmap <cm-name> --from-file=<cert-filename>
Tip: An example of creating ConfigMaps from files can be seen in this Kubernetes documentation.
In addition to the usual environment variables REQUEST_CA_BUNDLE and AWS_CA_BUNDLE, this approach requires another environment variable called KUBERNETES_CA_BUNDLE_MOUNT. The value of this environment variable takes the form of
<env var>=<cm-name>[=<subpath>]:<env var>=<cm-name>[=<subpath>]
where:
<env var>
is the name of the environment variable you want to pass from crane to other components (REQUEST_CA_BUNDLE or AWS_CA_BUNDLE)<cm-name>
is the name of the ConfigMap mounted as volume in crane deployment[=<subpath>]
is the optional subpath of the certificate file.
Your environment variable configuration might look like this:
REQUESTS_CA_BUNDLE=/some/where.crt
AWS_CA_BUNDLE=/some/where-else.crt
KUBERNETES_CA_BUNDLE_MOUNT=REQUESTS_CA_BUNDLE=ConfigMapName=where.crt:AWS_CA_BUNDLE=ConfigMapName=where-else.crt
Note that REQUEST_CA_BUNDLE and AWS_CA_BUNDLE reference the file in the pod where the ConfigMap is mounted, and KUBERNETES_CA_BUNDLE_MOUNT may need to reference both the ConfigMap name and the subpath for both _CA_BUNDLE environment variables. If the subpath is missing, it will mount the whole ConfigMap as directory at the path in the value of respective env variable.
Use ConfigMap in Your Deployment
To use a ConfigMap in your deployment, it should be referenced as a volume and then that volume is mounted.
Follow these steps:
- Follow the same process for manually installing a Kubernetes agent.
-
Add your ConfigMap name under the
volumes
section of the Pod specification. See an example in this Kubernetes Documentation. - Add your ConfigMap data to a specific path in the volume. See an example in this Kubernetes Documentation.
- Once you have made the edits above, you can return to the Kubernetes installation steps to finish your installation.
0 Comments