Secret References

AppCat creates secrets containing passwords, URLs, hostnames, and everything you need to connect to your services from application code.

To ensure maximum compatibility between the various service providers, we ensure that the secrets are as consistent as possible within a given service type. Due to differences between service providers it might be possible that the access secrets aren’t 100% interchangeable.

PostgreSQL

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: postgres-creds
stringData:
  POSTGRESQL_DB: postgres (1)
  POSTGRESQL_HOST: my-postgres-example.my-cloud.com (2)
  POSTGRESQL_PASSWORD: my-secret (3)
  POSTGRESQL_PORT: 21699 (4)
  POSTGRESQL_URL: postgres://postgres:my-secret@my-postgres-example.my-cloud.com:21699/postgresql?sslmode=require (5)
  POSTGRESQL_USER: postgres (6)
  ca.crt: base64encoded(data) (7)
  tls.crt: base64encoded(data) (8)
  tls.key: base64encoded(data) (9)
1 Database name
2 Host to connect to
3 Password
4 Port
5 URL containing all necessary information to connect to the instance
6 Username
7 ca.crt to use when using sslmode=verify-full
8 tls.crt to use when connecting to instance
9 tls.key to use when connecting to instance
Not all fields apply to all providers

MySQL

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: mysql-creds
stringData:
  MYSQL_DB: defaultdb (1)
  MYSQL_HOST: my-mysql.my-cloud.com (2)
  MYSQL_PASSWORD: my-secret (3)
  MYSQL_PORT: 21699 (4)
  MYSQL_URL: mysql://superuser:my-secret@my-mysql.my-cloud.com:21699/defaultdb?ssl-mode=REQUIRED (5)
  MYSQL_USER: superuser (6)
  ca.crt: | (7)
    -----BEGIN CERTIFICATE-----
    HexValues
    -----END CERTIFICATE-----
1 Database name
2 Host to connect to
3 Password
4 Port
5 URL containing all necessary information to connect to the instance
6 Username
7 ca.crt to use when using ssl-mode=VERIFY-CA
Not all fields apply to all providers

MariaDB

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: mariadb-creds
stringData:
  MARIADB_HOST: my-mariadb.my-cloud.com (1)
  MARIADB_PASSWORD: my-secret (2)
  MARIADB_PORT: 3306 (3)
  MARIADB_URL: mysql://superuser:my-secret@my-mariadb.my-cloud.com:3306?ssl-mode=VERIFY-CA (4)
  MARIADB_USERNAME: superuser (5)
  ca.crt: | (6)
    -----BEGIN CERTIFICATE-----
    HexValues
    -----END CERTIFICATE-----
1 Host to connect to
2 Password
3 Port
4 URL containing all necessary information to connect to the instance
5 Username
6 ca.crt to use when using ssl-mode=VERIFY-CA
Not all fields apply to all providers

Redis

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: redis-creds
stringData:
  REDIS_HOST: my-redis-example.my-cloud.com (1)
  REDIS_PASSWORD: my-secret (2)
  REDIS_PORT: 21700 (3)
  REDIS_URL: rediss://default:my-secret@my-redis-example.my-cloud.com:21700 (4)
  REDIS_USERNAME: default (5)
  ca.crt: base64encoded(data) (6)
  tls.crt: base64encoded(data) (7)
  tls.key: base64encoded(data) (8)
1 Host to connect to
2 Password
3 Port to use
4 URL containing all necessary information to connect to the instance
5 Username
6 CA certificate to use when TLS is enabled
7 Certificate to use when TLS is enabled
8 Key to use when TLS is enabled
Not all fields apply to all providers

OpenSearch

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: opensearch-creds
stringData:
  OPENSEARCH_DASHBOARD_URI: https://my-example-opensearch.my-cloud.com:443 (1)
  OPENSEARCH_HOST: my-example-opensearch.my-cloud.com (2)
  OPENSEARCH_PORT: 21699 (3)
  OPENSEARCH_PASSWORD: my-secret (4)
  OPENSEARCH_URI: https://superuser:my-secret@my-example-opensearch.my-cloud.com:21699 (5)
  OPENSEARCH_USER: superuser (6)
1 Dashboard URL
2 Hostname
3 Port
4 Password
5 API URL
6 User
Not all fields apply to all providers

Kafka

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: kafka-creds
stringData:
  KAFKA_HOST: my-kafka.my-cloud.com (1)
  KAFKA_NODES: 127.0.0.1:21701 127.0.0.2:21701 127.0.0.3:21701 (2)
  KAFKA_PORT: 21701 (3)
  KAFKA_URI: my-kafka.my-cloud.com:21701 (4)
  ca.crt: | (5)
    -----BEGIN CERTIFICATE-----
    HexValues
    -----END CERTIFICATE-----
  service.cert: | (6)
    -----BEGIN CERTIFICATE-----
    HexValues
    -----END CERTIFICATE-----
  service.key: | (7)
    -----BEGIN CERTIFICATE-----
    HexValues
    -----END CERTIFICATE-----
1 Hostname for the Kafka instance
2 List of Kafka Node IPs
3 Port the Kafka instance listens on
4 Full URI including port number
5 Certificate Authority to verify the Kafka instance certificate
6 Client certificate to authenticate to the instance
7 Client key to authenticate to the instance
Not all fields apply to all providers

Keycloak

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: keycloak-creds
stringData:
  KEYCLOAK_HOST: "example.keycloak.com" (1)
  KEYCLOAK_PASSWORD: "my-password" (2)
  KEYCLOAK_USERNAME: "admin" (3)
1 Kubernetes internal hostname
2 Password of admin user
3 Username
Not all fields apply to all providers

Nextcloud

The example secrets on this page contains the plaintext values for the given keys.

apiVersion: v1
kind: Secret
metadata:
  name: nextcloud-creds
stringData:
  NEXTCLOUD_HOST: "example.nextcloud.com" (1)
  NEXTCLOUD_PASSWORD: "my-password" (2)
  NEXTCLOUD_USERNAME: "admin" (3)
1 Kubernetes internal hostname
2 Password of admin user
3 Username
Not all fields apply to all providers