Operator Bootstrap
  • 15 Mar 2024

Greymatter comes packaged with four distinct operator manifests to help you get started quickly. These can be found in greymatter-core/generated-manifests. The Operator divides its options into runtime and bootstrap. Bootstrap options are those required at install time. They are set using a ConfigMap named bootstrap, found within the Operator installation bundle.

Open the manifest relevant to your environment. Locate the ConfigMap named bootstrap. This is a listing of environment variables the operator uses to start up and fetch the Greymatter core configuration.

Remember to use the SSH path for SSH key authentication and the HTTP path for HTTP authentication.

Here is the list of all available options configurable through the bootstrap configuration.

| Key | Default | Description |
|---|---|---|
| CORE_SUBDIR | / | The path to a folder in the greymatter core repository where the core CUE configurations are stored. |
| GREYMATTER_OPERATOR_NAMESPACE | gm-operator | The namespace that the operator runs in. We recommend that you do not change this. |
| GREYMATTER_GITOPS_REPO | | Required. URL for the greymatter core repository. |
| GREYMATTER_GITOPS_TAG | | Required. The tag to use for the core repository. Mutually exclusive with GREYMATTER_GITOPS_BRANCH. |
| GREYMATTER_GITOPS_BRANCH | | Required. The branch to use for the core repository. Mutually exclusive with GREYMATTER_GITOPS_TAG. |
| GREYMATTER_GITOPS_SYNC_INTERVAL | 3 | The time in seconds between every Git poll. |
| GREYMATTER_GITOPS_AUTH_VAULT_PATH | | The Vault secret path for the greymatter-core-repo secret. |
| GREYMATTER_VAULT_ADDRESS | | The address of the remote Vault secret engine. Must include the URL protocol. |
| GREYMATTER_VAULT_KV_VERSION | v2 | The Vault secret engine version. Value must be one of: “v1” or “v2”. |
| GREYMATTER_VAULT_ENABLE | false | Toggle Vault integration for infrastructure secrets. |
| GREYMATTER_VAULT_MOUNT_PATH | /secret | The Vault secret engine mount path. |
| GREYMATTER_VAULT_TLS_INSECURE | false | Toggle for controlling whether the operator validates the Vault server’s certificate. |
| GREYMATTER_VAULT_TLS_SERVER | | The hostname used for SNI. |
| GREYMATTER_VAULT_TLS_CA_PATH | /etc/greymatter-operator/vault/certs/ca.crt | Path to a PEM-encoded CA certificate bundle to use when verifying the Vault server’s TLS certificate. |
| GREYMATTER_VAULT_TLS_CLIENT_CERT_PATH | /etc/greymatter-operator/vault/certs/server.crt | Path to the client certificate used for mTLS with the Vault server. |
| GREYMATTER_VAULT_TLS_CLIENT_KEY_PATH | /etc/greymatter-operator/vault/certs/server.key | Path to the client certificate’s private key used for mTLS with the Vault server. |
| GREYMATTER_VAULT_TLS_ENABLE | false | If set to true, the operator will connect to the Vault server using TLS. |
| GREYMATTER_VAULT_MTLS_ENABLE | false | If set to true, the operator will connect to the Vault server using mTLS. |

The operator must be restarted after changing its bootstrap configuration.
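Because a bootstrap change only takes effect after a restart, it helps to check the values before applying them. The following is an added example, not part of the Greymatter documentation or the operator's code: a small linter that applies the constraints stated in the table to the ConfigMap's data. The function name `lint_bootstrap`, the sample values, the "true"/"false" spelling of booleans, and the reading of the tag/branch rule as "exactly one must be set" are assumptions.

```python
# Lint the `data` mapping of the bootstrap ConfigMap against the options table.
# Assumptions: values are strings; booleans are spelled "true"/"false".
DEFAULTS = {  # defaults copied from the table on this page
    "GREYMATTER_GITOPS_SYNC_INTERVAL": "3",
    "GREYMATTER_VAULT_KV_VERSION": "v2",
    "GREYMATTER_VAULT_ENABLE": "false",
    "GREYMATTER_VAULT_TLS_INSECURE": "false",
    "GREYMATTER_VAULT_TLS_ENABLE": "false",
    "GREYMATTER_VAULT_MTLS_ENABLE": "false",
}

def lint_bootstrap(data):
    """Return (severity, key, message) findings; an empty list means nothing was flagged."""
    cfg = {**DEFAULTS, **{k: str(v).strip() for k, v in data.items()}}
    on = lambda key: cfg[key].lower() == "true"
    found = []
    if not cfg.get("GREYMATTER_GITOPS_REPO"):
        found.append(("error", "GREYMATTER_GITOPS_REPO", "required but not set"))
    # TAG and BRANCH are mutually exclusive; read here as "exactly one must be set".
    if bool(cfg.get("GREYMATTER_GITOPS_TAG")) == bool(cfg.get("GREYMATTER_GITOPS_BRANCH")):
        found.append(("error", "GREYMATTER_GITOPS_TAG", "set exactly one of TAG or BRANCH"))
    if not cfg["GREYMATTER_GITOPS_SYNC_INTERVAL"].isdigit():
        found.append(("error", "GREYMATTER_GITOPS_SYNC_INTERVAL", "must be a number of seconds"))
    if cfg["GREYMATTER_VAULT_KV_VERSION"] not in ("v1", "v2"):
        found.append(("error", "GREYMATTER_VAULT_KV_VERSION", "must be v1 or v2"))
    if on("GREYMATTER_VAULT_ENABLE"):
        scheme, sep, host = cfg.get("GREYMATTER_VAULT_ADDRESS", "").partition("://")
        if not (scheme and sep and host):
            found.append(("error", "GREYMATTER_VAULT_ADDRESS", "must include the URL protocol"))
        if not (on("GREYMATTER_VAULT_TLS_ENABLE") or on("GREYMATTER_VAULT_MTLS_ENABLE")):
            found.append(("warn", "GREYMATTER_VAULT_TLS_ENABLE", "Vault connection uses neither TLS nor mTLS"))
        # Assumption: "true" here turns off validation of the Vault server certificate.
        if on("GREYMATTER_VAULT_TLS_INSECURE"):
            found.append(("warn", "GREYMATTER_VAULT_TLS_INSECURE", "Vault server certificate is not validated"))
    return found

# Constructed sample values, not taken from the page.
HARDENED = {"GREYMATTER_GITOPS_REPO": "git@git.example.internal:platform/greymatter-core.git",
            "GREYMATTER_GITOPS_BRANCH": "main", "GREYMATTER_VAULT_ENABLE": "true",
            "GREYMATTER_VAULT_ADDRESS": "https://vault.example.internal:8200",
            "GREYMATTER_VAULT_TLS_ENABLE": "true"}
WEAK = {"GREYMATTER_GITOPS_REPO": "", "GREYMATTER_GITOPS_TAG": "v1.0.0",
        "GREYMATTER_GITOPS_BRANCH": "main", "GREYMATTER_VAULT_ENABLE": "true",
        "GREYMATTER_VAULT_ADDRESS": "vault.example.internal:8200",
        "GREYMATTER_VAULT_KV_VERSION": "3", "GREYMATTER_VAULT_TLS_INSECURE": "true"}

if __name__ == "__main__":
    print(lint_bootstrap(HARDENED), *lint_bootstrap(WEAK), sep="\n")
```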

