我正在尝试安装存储在tomcat context.xml中的kubernetes机密中的数据库凭据 我可以按如下所示打印值
回显“ $ {DB_USERNAME}”
XXXX
我有一个秘密的db凭据,如下所示。
apiVersion: v1
kind: Secret
metadata:
name: db-credentials
type: Opaque
data:
username: XXXX
password: XXXX
我已将秘密安装在Deployment.xml中,如下所示
containers:
- name: java
image: XXXXXXXX:v1.1
imagePullPolicy: Always
restartPolicy: OnFailure
env:
- name: DB_USERNAME
valueFrom:
secretKeyRef:
name: db-credentials
key: username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-credentials
key: password
volumeMounts:
- name: shared-data
mountPath: /usr/local/tomcat/log
我的tomcat context.xml如下
<?xml version='1.0' encoding='utf-8'?>
<Context>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<Resource name="jdbc/XXX"
auth="Container"
type="javax.sql.DataSource"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
username="${DB_USERNAME}"
password="${DB_PASSWORD}"
driverClassName="org.postgresql.Driver"
url="jdbc:postgresql://XXXX:XXXX/XXXX"
maxActive="100"
maxIdle="50"
minIdle="10"
testWhileIdle="true"
maxWait="30000"
maxAge="60000"
removeAbandoned="true"
removeAbandonedTimeout="600" />
</Context>
我得到如下信息
javax.naming.NamingException: FATAL: password authentication failed for user "${DB_USERNAME}"
at org.apache.naming.NamingContext.lookup(NamingContext.java:858)
答案 0 :(得分:0)
在/ otp / tomcat / bin中创建文件setenv.sh
添加以下几行
export JAVA_OPTS="$JAVA_OPTS -DDB_USERNAME=${DB_USERNAME}"
export JAVA_OPTS="$JAVA_OPTS -DDB_PASSWORD=${DB_PASSWORD}"
重新启动tomcat将解决问题。