What's on this page

Configuring a license secret with BEL's lifecycle automation

BEL’s lifecycle automation for Linkerd requires a license, and by default, a buoyant-license secret will be created during installation. However, you may choose to create a Kubernetes secret yourself. This guide demonstrates how to provide a license using your own Kubernetes secret.

Prerequisites

The BUOYANT_LICENSE environment variable set

Step 1: Install the BEL lifecycle automation operator

Create a license secret in the linkerd-buoyant namespace:

kubectl create namespace linkerd-buoyant
kubectl create secret generic --namespace linkerd-buoyant buoyant-license \
  --from-literal=license=$BUOYANT_LICENSE

Next, we can install the BEL lifecycle automation operator itself:

helm install linkerd-buoyant \
  --create-namespace \
  --namespace linkerd-buoyant \
  --set buoyantCloudEnabled=false \
  --set licenseSecret=buoyant-license \
  linkerd-buoyant/linkerd-buoyant

Step 2: Configure the lifecycle operator with a license secret

Create a license secret in the linkerd namespace:

kubectl create secret generic --namespace linkerd buoyant-license \
  --from-literal=license=$BUOYANT_LICENSE

Configure a ControlPlane resource with the licenseSecret value. Note that the example below is an abberviated configuration, see the installation docs for a complete ControlPlane resource.

apiVersion: linkerd.buoyant.io/v1alpha1
kind: ControlPlane
metadata:
  name: linkerd-control-plane
spec:
  components:
    linkerd:
      controlPlaneConfig:
        licenseSecret: buoyant-license

Learning more

For more information about using BEL’s lifecycle automation, see the Lifecycle automation reference page.