Page Comparison

...

Enable Google Auth in Kloudfuse

1. Edit the authCreate a new secret (say, kfuse-credentials) secret in kfuse namespace of your kloudfuse installation .in the following format:

   Code Block
   apiVersion: v1 data: GoogleApiKey: <API KEY> GoogleClientId: <Client ID> GoogleDomain: <Google Domain> JwtSigningKey: "and0c2lnbmluZ2tleQ==" admin-user: <admin user> admin-password: <admin password> kind: Secret metadata: name: kfuse-credentials type: Opaque

   1. Replace/add Client ID, Client Secret and google domain - you will need to do base64 encode the Client ID, Client Secret and the google domain.

   2. Code Block
      kubectl edit secret auth-credentials -n kfuse

   Set the authentication type (AUTH_TYPE) in auth config map to “google”

   1. Code Block kubectl edit configmap auth

      You can also use the admin-user and admin-password fields in the kfuse-credentials secret to change the admin user and password from their default values. These values need to be base64 encoded.

   2. Code Block
      kubectl apply -f kfuse-credentials.yaml -n kfuse

      You can also edit

2. In the values.yaml

   from your original installation of kfuse to add

   file that you used for kfuse helm chart installation, add the following lines:

   1. Code Block
      auth: config: AUTH_TYPE: "google" AUTH_COOKIE_MAX_AGE_IN_SECONDS: 259200 auth: existingAdminSecret: "kfuse-credentials" existingSecret: "kfuse-credentials"

   2. If you only want to change the default admin password and not configure the google auth, set the

      Code Block
      AUTH_TYPE: "password"

   3. You will need to do

      Code Block
      helm upgrade --install kfuse -f <values.yaml> -f <gcp/aws>.yaml

3. For the config to take effect

4. Restart the auth service using:

5. Code Block
   kubectl rollout restart deployment auth

6. You should now see a Google login button (if AUTH_TYPE is set to “google”) on the login page.