Using Environment Variables

Using Environment Variables in Bindplane

Environment variables enable secure credential management in Bindplane by leveraging the OpenTelemetry Collector's environment variable substitution capabilities. This approach ensures sensitive values remain outside of the platform's storage.

Overview

Bindplane supports environment variable references in collector configurations through the standard ${ENV_VAR} syntax. During deployment, these references are automatically resolved to their corresponding values in the collector agent's runtime environment.

NOTE

Environment variable values remain exclusively within your deployment environment and are not persisted in Bindplane's database.

NOTE

Proper configuration of environment variables on agent hosts is essential. Misconfigured variable names or values may lead to deployment failures or pipeline execution errors.

Implementation Guide

Step 1: Configuration Setup

Create or modify collector configurations in the Bindplane UI by incorporating environment variable references for sensitive values.

Bindplane docs - Using Environment Variables - image 1

Step 2: Environment Configuration

Configure the required environment variables on all systems hosting OpenTelemetry collectors.

For Linux systems:

# This will set the Environment Variables for the scope of your shell session.
# To persist them, you will need to add them to your .bashrc or .zshrc files.
export DB_HOST=db.example.com
export DB_USER=collector_user
export DB_PASSWORD=your-secure-password
export DB_NAME=metrics_db

For Windows systems:

# To set scoped environment variables to the powershell session
$env:DB_HOST="db.example.com"
$env:DB_USER="collector_user"
$env:DB_PASSWORD="your-secure-password"
$env:DB_NAME="metrics_db"

# To set machine scoped environment variables permanently
[Environment]::SetEnvironmentVariable('DB_HOST', 'db.example.com', 'Machine')
[Environment]::SetEnvironmentVariable('DB_USER', 'collector_user', 'Machine')
[Environment]::SetEnvironmentVariable('DB_PASSWORD', 'your-secure-password', 'Machine')
[Environment]::SetEnvironmentVariable('DB_NAME', 'metrics_db', 'Machine')

# To set the Environment Variable via the Registry, you can use the following:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\observiq-otel-collector" /v Environment /t REG_MULTI_SZ /d "DB_HOST="db.example.com" /f

For additional information about Windows Environment Variables in PowerShell, consult the Microsoft PowerShell documentation.

Step 3: Deployment and Validation

Deploy the configuration through Bindplane and validate collector functionality with the configured environment variables.

Implementation Best Practices

Naming Conventions: Implement clear, descriptive environment variable names (e.g., DB_MYSQL_PASSWORD rather than PASSWORD)
Documentation: Maintain comprehensive documentation of required environment variables for each collector configuration
Access Control: Implement appropriate permissions to restrict environment variable access to authorized collector service accounts
Deployment Automation: Incorporate environment variable configuration into deployment automation or service definitions
Security Integration: Consider integrating with enterprise secrets management solutions for automated environment variable population

PreviousSecrets Management NextEnvelope Encryption

Last updated 10 months ago

Was this helpful?