Configuration properties can be passed to the Data Flow Server using Kubernetes ConfigMap and Secrets.

An example configuration could look like the following where we configure Rabbit MQ, MySQL and Redis as well as basic security settings for the server:

apiVersion: v1
kind: ConfigMap
metadata:
  name: scdf-server
  labels:
    app: scdf-server
data:
  application.yaml: |-
    security:
      basic:
        enabled: true
        realm: Spring Cloud Data Flow
    spring:
      cloud:
        dataflow:
          security:
            authentication:
              file:
                enabled: true
                users:
                  admin: admin, ROLE_MANAGE, ROLE_VIEW
                  user: password, ROLE_VIEW, ROLE_CREATE
        deployer:
          kubernetes:
            environmentVariables: 'SPRING_RABBITMQ_HOST=${RABBITMQ_SERVICE_HOST},SPRING_RABBITMQ_PORT=${RABBITMQ_SERVICE_PORT},SPRING_REDIS_HOST=${REDIS_SERVICE_HOST},SPRING_REDIS_PORT=${REDIS_SERVICE_PORT}'
      datasource:
        url: jdbc:mysql://${MYSQL_SERVICE_HOST}:${MYSQL_SERVICE_PORT}/mysql
        username: root
        password: ${mysql-root-password}
        driverClassName: org.mariadb.jdbc.Driver
        testOnBorrow: true
        validationQuery: "SELECT 1"
      redis:
        host: ${REDIS_SERVICE_HOST}
        port: ${REDIS_SERVICE_PORT}

We assume here that Rabbit MQ is deployed using rabbitmq as the service name. For MySQL we assume the service name is mysql and for Redis we assume it is redis. Kubernetes will publish these services' host and port values as environment variables that we can use when configuring the apps we deploy.

We prefer to provide the MySQL connection password in a Secrets file:

apiVersion: v1
kind: Secret
metadata:
  name: mysql
  labels:
    app: mysql
data:
  mysql-root-password: eW91cnBhc3N3b3Jk

The password is provided as a base64 encoded value.