Image Pull Secret

Upon onboarding with hopr, two customer-specific items are provided. One of which is access to the hopr Container Repository

The container repository access comes in the form of a Docker configuration file, as that format is used for both direct access via Docker pull and a Kubernetes image pull secret.

The config.json format is shown below, and contains plaintext user and password information. As such, IT IS EXTREMELY IMPORTANT THAT THIS FILE BE PROTECTED!

{
  "auths": {
    "repo.hoprapi.com": {
      "username": "nick",
      "password": "hoprXTRA12345",
      "email": "dev@hopr.co",
      "auth": "bmljazpob3ByWFRSQTEyMzQ1"
    }
  }
}

‍

The auth field is a Base64 representation of basic authentication, as shown below.

echo -n "nick:hoprXTRA12345" | base64

The config.json file can be Base64 encoded and inserted into the hopr-test.yaml file in the hopr-registrycreds section.

---
apiVersion: v1
kind: Secret
metadata:
  name: hopr-registrycreds
  namespace: hopr-test
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: ewogICJhdXRocyI6IHsKICAgICJjaGlwcy5ob3ByLmV4b2ZmaWMuaW8iOiB7CiAgICAgICJ1c2VybmFtZSI6ICJqb24iLAogICAgICAicGFzc3dvcmQiOiAiSGFyYm9yMTIzNDUiLAogICAgICAiZW1haWwiOiAiam9uYXRoYW4uZ29yZG9uQGVpdHIudGVjaCIsCiAgICAgICJhdXRoIjogImFtOXVPa2hoY21KdmNqRXlNelExIgogICAgfQogIH0KfQo=

Hopr License

Upon onboarding with Hopr, two customer-specific items are provided. One of these items is a license for enabled products, options, and time period.

The Hopr license is provided in both file (hopr.lic) and Base64 form. The onboarding communication should look similar to what is shown below:

Key: 46O0IJNIM9VPQk4Be7hO72S4mUCdI9B6JmjbD0m4Vv0=
License with expiry 2022-10-08T23:59:59.999999 created at: hopr.lic

WwIWOuohjcSlXFjaG+TcCOuk7AXxlM8xaM3r5eTubnnVN+bY2m2DB87CieiTEhhtZ6lKszmoP0GDiwYOVtlpsx1KiuTn1Q16ZODBgWzXFiOpQVNSgQrO938LKzORaoPxTLEk

The key and Base64 encoded file, shown as the last line above, are entered as string data into the hopr-test.yaml file in the hopr-license section.

---
apiVersion: v1
kind: Secret
metadata:
  name: hopr-license
  namespace: hopr-test
type: Opaque
stringData:
  HOPR_KEY: "46O0IJNIM9VPQk4Be7hO72S4mUCdI9B6JmjbD0m4Vv0="
  HOPR_LICENSE: "WwIWOuohjcSlXFjaG+TcCOuk7AXxlM8xaM3r5eTubnnVN+bY2m2DB87CieiTEhhtZ6lKszmoP0GDiwYOVtlpsx1KiuTn1Q16ZODBgWzXFiOpQVNSgQrO938LKzORaoPxTLEk"

‍

MAID Volume

The Machine Alias Identifier (MAID) feature of XTRA requires persistent storage in order to ensure that the workload identity follows the pod if it migrates to another node or otherwise restarts. The storage requirements are very low, so 1 Mebibit (or the minimum your storage class can provide, if larger) should be plenty.

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: hopr-maid-storage
  namespace: hopr-p2p
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Mi

‍