Curls, clouds and code

A blog by Corstian BoermanCorstian Boerman (self portrait)

Expose a secret as file in Traefik via Helm to configure ACME DNS

Corstian Boerman
Corstian Boerman
Reading time: a minute

As I have only been working with Kubernetes for a few days, most things just like Helm are pretty new to me, and as such I get lost a lot. One of the things I had to find out the hard is the way a Helm chart and it's associated configuration options are resolved.

I won't go into the details, but instead provide a link to the "Chart Template Guide" provided by Helm. Diving into this, as well as the offending template I managed to solve my problems.

The problem I was trying to solve had to do with configuring an ACME DNS resolver on TransIP. The validation process itself happens via a library called Lego, and the specific resolver for TransIP requires providing a key file.

The thing is, the Traefik Helm chart contains a "volumes" section, even though it does not exactly work like the volume configuration as known from Kubernetes itself. Instead I had to dig through the chart template to figure out how it worked. In the end it's fairly simple;

volumes:
- name: name-of-your-secret
  type: secret
  mountPath: /etc/subdir-youd-like-to-use

This way you can access the elements of your secret within the /etc/subdir-youd-like-to-use directory. I had two elements: user and key, and as such those would be the text files in that aforementioned folder.


Hey there, I hope you enjoyed this post of mine. If you did, consider sharing this with that one friend who'd also appreciate this. Comments are gone for the time being, but if you feel like discussing something more in-depth, send me a message on Twitter, or just email me.

- Corstian