Secret References
AppCat creates secrets containing passwords, URLs, hostnames, and everything you need to connect to your services from application code.
To ensure maximum compatibility between the various service providers, we ensure that the secrets are as consistent as possible within a given service type. Due to differences between service providers it might be possible that the access secrets aren’t 100% interchangeable.
PostgreSQL
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: postgres-creds
stringData:
POSTGRESQL_DB: postgres (1)
POSTGRESQL_HOST: my-postgres-example.my-cloud.com (2)
POSTGRESQL_PASSWORD: my-secret (3)
POSTGRESQL_PORT: 21699 (4)
POSTGRESQL_URL: postgres://postgres:my-secret@my-postgres-example.my-cloud.com:21699/postgresql?sslmode=require (5)
POSTGRESQL_USER: postgres (6)
ca.crt: base64encoded(data) (7)
tls.crt: base64encoded(data) (8)
tls.key: base64encoded(data) (9)| 1 | Database name |
| 2 | Host to connect to |
| 3 | Password |
| 4 | Port |
| 5 | URL containing all necessary information to connect to the instance |
| 6 | Username |
| 7 | ca.crt to use when using sslmode=verify-full |
| 8 | tls.crt to use when connecting to instance |
| 9 | tls.key to use when connecting to instance |
| Not all fields apply to all providers |
MySQL
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: mysql-creds
stringData:
MYSQL_DB: defaultdb (1)
MYSQL_HOST: my-mysql.my-cloud.com (2)
MYSQL_PASSWORD: my-secret (3)
MYSQL_PORT: 21699 (4)
MYSQL_URL: mysql://superuser:my-secret@my-mysql.my-cloud.com:21699/defaultdb?ssl-mode=REQUIRED (5)
MYSQL_USER: superuser (6)
ca.crt: | (7)
-----BEGIN CERTIFICATE-----
HexValues
-----END CERTIFICATE-----| 1 | Database name |
| 2 | Host to connect to |
| 3 | Password |
| 4 | Port |
| 5 | URL containing all necessary information to connect to the instance |
| 6 | Username |
| 7 | ca.crt to use when using ssl-mode=VERIFY-CA |
| Not all fields apply to all providers |
MariaDB
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: mariadb-creds
stringData:
MARIADB_HOST: my-mariadb.my-cloud.com (1)
MARIADB_PASSWORD: my-secret (2)
MARIADB_PORT: 3306 (3)
MARIADB_URL: mysql://superuser:my-secret@my-mariadb.my-cloud.com:3306?ssl-mode=VERIFY-CA (4)
MARIADB_USERNAME: superuser (5)
ca.crt: | (6)
-----BEGIN CERTIFICATE-----
HexValues
-----END CERTIFICATE-----| 1 | Host to connect to |
| 2 | Password |
| 3 | Port |
| 4 | URL containing all necessary information to connect to the instance |
| 5 | Username |
| 6 | ca.crt to use when using ssl-mode=VERIFY-CA |
| Not all fields apply to all providers |
Redis
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: redis-creds
stringData:
REDIS_HOST: my-redis-example.my-cloud.com (1)
REDIS_PASSWORD: my-secret (2)
REDIS_PORT: 21700 (3)
REDIS_URL: rediss://default:my-secret@my-redis-example.my-cloud.com:21700 (4)
REDIS_USERNAME: default (5)
ca.crt: base64encoded(data) (6)
tls.crt: base64encoded(data) (7)
tls.key: base64encoded(data) (8)| 1 | Host to connect to |
| 2 | Password |
| 3 | Port to use |
| 4 | URL containing all necessary information to connect to the instance |
| 5 | Username |
| 6 | CA certificate to use when TLS is enabled |
| 7 | Certificate to use when TLS is enabled |
| 8 | Key to use when TLS is enabled |
| Not all fields apply to all providers |
OpenSearch
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: opensearch-creds
stringData:
OPENSEARCH_DASHBOARD_URI: https://my-example-opensearch.my-cloud.com:443 (1)
OPENSEARCH_HOST: my-example-opensearch.my-cloud.com (2)
OPENSEARCH_PORT: 21699 (3)
OPENSEARCH_PASSWORD: my-secret (4)
OPENSEARCH_URI: https://superuser:my-secret@my-example-opensearch.my-cloud.com:21699 (5)
OPENSEARCH_USER: superuser (6)| 1 | Dashboard URL |
| 2 | Hostname |
| 3 | Port |
| 4 | Password |
| 5 | API URL |
| 6 | User |
| Not all fields apply to all providers |
Kafka
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: kafka-creds
stringData:
KAFKA_HOST: my-kafka.my-cloud.com (1)
KAFKA_NODES: 127.0.0.1:21701 127.0.0.2:21701 127.0.0.3:21701 (2)
KAFKA_PORT: 21701 (3)
KAFKA_URI: my-kafka.my-cloud.com:21701 (4)
ca.crt: | (5)
-----BEGIN CERTIFICATE-----
HexValues
-----END CERTIFICATE-----
service.cert: | (6)
-----BEGIN CERTIFICATE-----
HexValues
-----END CERTIFICATE-----
service.key: | (7)
-----BEGIN CERTIFICATE-----
HexValues
-----END CERTIFICATE-----| 1 | Hostname for the Kafka instance |
| 2 | List of Kafka Node IPs |
| 3 | Port the Kafka instance listens on |
| 4 | Full URI including port number |
| 5 | Certificate Authority to verify the Kafka instance certificate |
| 6 | Client certificate to authenticate to the instance |
| 7 | Client key to authenticate to the instance |
| Not all fields apply to all providers |
Keycloak
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: keycloak-creds
stringData:
KEYCLOAK_HOST: "example.keycloak.com" (1)
KEYCLOAK_PASSWORD: "my-password" (2)
KEYCLOAK_USERNAME: "admin" (3)| 1 | Kubernetes internal hostname |
| 2 | Password of admin user |
| 3 | Username |
| Not all fields apply to all providers |
Nextcloud
The example secrets on this page contains the plaintext values for the given keys.
apiVersion: v1
kind: Secret
metadata:
name: nextcloud-creds
stringData:
NEXTCLOUD_HOST: "example.nextcloud.com" (1)
NEXTCLOUD_PASSWORD: "my-password" (2)
NEXTCLOUD_USERNAME: "admin" (3)| 1 | Kubernetes internal hostname |
| 2 | Password of admin user |
| 3 | Username |
| Not all fields apply to all providers |