We are happy to announce that some of the widely used Bitnami-packaged Data Services Helm charts now support Service Binding Specification for Kubernetes. With this move, our goal is to improve the lives of platform teams and developers by removing the complexities around data services configuration and the secrets retrieval processes.
With Tanzu Application Platform 1.5 being a Service Bindings-compatible platform, users are now empowered to exploit the Service Bindings support of select Bitnami-packaged data services Helm charts.
Service Bindings for Kubernetes
The exposure of secrets while connecting Kubernetes application workloads with external services such as REST APIs, databases, event buses, etc. is typically done through a tedious manual process. Service providers often suggest their own unique ways to access their secrets, and application developers consume the secrets in a way specific to each workload. Because of this, larger development teams invariably end up losing velocity while building complex enterprise applications. In an effort to mitigate this issue, each enterprise development team typically builds and follows an internal workload-to-service linkage pattern.
Service Bindings are intended to solve this problem with a Kubernetes-wide specification for communicating service configurations and secrets to workloads in an automated and consistent way. They create a widely applicable mechanism without excluding other strategies for systems into which it does not fit easily.
A Kubernetes-wide specification can enable all key stakeholders within an application development and consumption ecosystem to work towards a clearly defined abstraction at the edge of their expertise, and reliably depend on other parties to complete the chain. In other words, with Service Bindings for Kubernetes specifications
- Application developers can present their secrets consistently and predictably within a container.
- Platforms can retrieve secrets from service providers and expose them to application developers consistently and predictably.
- Service providers can be assured that platforms collect their secrets and expose them to consumers consistently and predictably.
Automating data services configuration and secrets retrieval processes
As of today, here is the list of all Bitnami Helm charts supporting Service Bindings.
- PostgreSQL – version 12.2.0 or later
- Redis – version 17.8.0 or later
- MySQL – version 9.5.0 or later
- MongoDB – version 13.7.0 or later
- MariaDB – version 11.5.0 or later
- RabbitMQ – version 11.10.0 or later
- Apache Kafka – version 20.1.0 or later
By supporting Service Bindings with these Bitnami Helm charts, data services can now be provisioned through our Helm charts to platforms that are compatible with Service Bindings. Additionally, the associated data services configuration and secrets retrieval processes are automated; thus, easing the workload of application developers and platform engineers.
For example, the Spring project has a Spring Cloud Bindings library that allows developers to easily work with their secrets. Applications using Spring Cloud Bindings can therefore automatically discover Service Bindings-provisioned secrets and the appropriate configurations from Kubernetes workloads.
Enabling Service Bindings for Bitnami Helm charts in VMware Tanzu Application Platform
Tanzu Application Platform 1.5 being a Service Bindings-compatible platform is fully capable of exploiting the Service Bindings support of the above-mentioned Bitnami-packaged data services Helm charts.
If you are a user of Tanzu Application Platform and are looking to know how you can use Bitnami Helm charts with Tanzu Application Platform, you can find a live example in this repository.
The below example shows how you can provision a database and automatically link your application to that data source, with just three simple commands.
NAMESPACE=default $ helm install emoji bitnami/postgresql --set global.postgresql.auth.postgresPassword=password --set global.postgresql.auth.database=emoji --set serviceBindings.enabled=true -n $NAMESPACE $ tanzu service class-claim create psql-1 \ --class postgresql-unmanaged \ --parameter storageGB=2 $ tanzu apps workload create emoji -n <NAMESPACE> \ -f https://raw.githubusercontent.com/tsalm-pivotal/emoji-inclusion/main/ config/workload.yaml \ --service-ref db=services.apps.tanzu.vmware.com/v1alpha1:ClassClaim:psql-1
Given that the selected data services assets put together had an average of more than 40 million chart pulls per month, we expect the Service Bindings support to have a huge impact on the community.
Avail production-ready Bitnami images from VMware Application Catalog
The Service Bindings-supported Bitnami Helm charts along with other popular Bitnami-packaged open source images are available in VMware Application Catalog, an enterprise-grade version of Bitnami Application Catalog, which augments Bitnami capabilities and delivers them to enterprises. If you are interested in learning more about VMware Application Catalog and how it is different from Bitnami Application Catalog, sign up for our live webinar on May 2, 2023.