OpenMetadata Configuration
What is OpenMetadata?
OpenMetadata is a data catalog and governance platform.
In practical terms, it is where you register all of your organization's data assets — ClickHouse tables, Kafka topics, Superset dashboards, Airflow pipelines — and get a unified view of who created them, what they mean, who uses them, and how they relate to each other.
In TDP Kubernetes, OpenMetadata addresses the following need: with so many components (Trino, ClickHouse, Kafka, Airflow, Superset), it becomes difficult to know where a specific piece of data lives, what it means, and whether it is still trustworthy.
OpenMetadata is the central point for discovery and documentation.
See OpenMetadata — Concepts for a complete overview of the tool, its architecture and how it works.
Deployed components
| Component | Description |
|---|---|
| OpenMetadata Server | Catalog API and web interface |
| MySQL (internal default) | OpenMetadata metadata database |
| OpenSearch/Elasticsearch | Search backend for finding data assets |
| Datasources job (optional) | Automatically registers TDP services after installation |
The datasource registration job
A specific feature of the tdp-openmetadata chart is the datasources integration job (datasourcesIntegration.enabled=true).
It runs automatically after installation and registers the TDP services you enabled (ClickHouse, Trino, Superset, Airflow, Kafka) in OpenMetadata.
This way, you do not need to register each service manually through the UI.
Details at Integrations — OpenMetadata.
This page summarizes the configuration of the tdp-openmetadata chart: installation via OCI registry, main parameters, and the optional datasource registration job that runs after installation or upgrade. LDAP authentication and pipeline execution mode are detailed in the security and integration pages.
Overview
| Property | Value |
|---|---|
| Chart | tdp-openmetadata |
| OpenMetadata Version | 1.12.4 |
| Chart Version | 3.0.0 |
| Registry (OCI) | oci://registry.tecnisys.com.br/tdp/charts/tdp-openmetadata |
Installation (OCI)
helm install <release> oci://registry.tecnisys.com.br/tdp/charts/tdp-openmetadata -n <namespace> --create-namespace
Main parameters
| Parameter | Description | Default value |
|---|---|---|
openmetadata.enabled | Enable the deploy | true |
openmetadata.image.tag | Server image tag | 1.9.11 |
openmetadata.ingress.enabled | Enable Ingress | false |
openmetadata.config.database.dbScheme | Metadata database scheme | mysql |
openmetadata.config.database.host | Metadata database host | mysql |
openmetadata.config.elasticsearch.searchType | Search backend | opensearch |
openmetadata.config.elasticsearch.host | Search backend host | opensearch |
externalServices.postgresql.* | Reference to external PostgreSQL (hooks / admin password) | "" |
datasourcesIntegration.enabled | Post-install/upgrade job that registers external services | false |
Other keys: see the output of helm show values for the package version you are using.
Datasource integration
After install or upgrade, a Job can register services in OpenMetadata when datasourcesIntegration.enabled=true:
- ClickHouse (Database Service)
- Trino (Database Service)
- Superset (Dashboard Service)
- Airflow (Pipeline Service)
- Kafka (Messaging Service)
Prerequisites: OpenMetadata and the target services deployed and reachable; credentials in the values file and/or in Kubernetes Secrets.
YAML details and examples are available at Integrations — OpenMetadata.
Access
kubectl -n <namespace> port-forward service/<release> 8585:8585
Troubleshooting
kubectl -n <namespace> get jobs
kubectl -n <namespace> logs job/<release>-register-datasources
Common failures: OpenMetadata not yet ready, authentication error, missing Secret, or unreachable target service.
Uninstallation
helm uninstall <release> -n <namespace>
LDAP authentication
The tdp-openmetadata package supports LDAP authentication, allowing corporate directories to be used for login in OpenMetadata.
To enable it, set ldap.enabled: true, include the values-tdp-ldap.yaml overlay, and create the Kubernetes Secret with the bind password.
Details for DNs, attributes, roles, truststore, and example configuration are available in Security — OpenMetadata.
Pipeline execution
OpenMetadata can execute ingestion pipelines in two modes: k8s (default), using Kubernetes Jobs, or airflow, using REST integration with the Airflow service.
The behavior is controlled by pipelineServiceClientConfig.type. Per-mode parameters and Airflow requirements are documented in Integrations — OpenMetadata.