Versions Compared

Old Version 4

changes.mady.by.user Abhishek Chaturvedi (Unlicensed)

Saved on

compared with

New Version 5

changes.mady.by.user Harold Lim

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

You can use Kloudfuse UI through your google account authentication. To enable Google OAuth2, you need to register a new application with Google.

Create Google OAuth2 Keys

  1. Go to the Credentials page.

  2. Click Create credentials > OAuth client ID.

  3. Select the Web application application type.

  4. Enter Name (e.g. Kloudfuse)

  5. Enter URL of the kloudfuse installation in the Authorized JavaScript Origins. Example: kloudfuse.yourcompany.com

  6. Click Create

  7. Copy the Client ID and Client Secret from the ‘OAuth Client’ modal

Enable Google Auth in Kloudfuse

...

  1. Create a new secret (say, kfuse-credentials) secret in kfuse namespace of your kloudfuse installation in the following format:

    Code Block
    apiVersion: v1
data:
  GoogleApiKey: <API KEY>
  GoogleClientId: <Client ID>
  GoogleDomain: <Google Domain>
  JwtSigningKey: "and0c2lnbmluZ2tleQ=="
  admin-user: <admin user>
  admin-password: <admin password>
kind: Secret
metadata:
  name: kfuse-credentials
type: Opaque

    1. Replace/add Client ID, Client Secret and google domain - you will need to do base64 encode the Client ID, Client Secret and the google domain. You can also use the admin-user and admin-password fields in the kfuse-credentials secret to change the admin user and password from their default values. These values need to be base64 encoded.

    2. Code Block
      kubectl apply -f kfuse-credentials.yaml -n kfuse

  2. In the custom_values.yaml file that you used for kfuse helm chart installation, add the following lines:

    Code Block
      auth:
    config:
      AUTH_TYPE: "google"
      AUTH_COOKIE_MAX_AGE_IN_SECONDS: 259200
    auth:
      existingAdminSecret: "kfuse-credentials"
      existingSecret: "kfuse-credentials"

...

If you only want to change the default admin password and not configure the google auth, set the

Code Block
AUTH_TYPE: "password"

You will need to do

...

  1. Install using the helm command with the custom_values.yaml .

  2. For the config to take effect

...

  1. , Restart the auth service using:

    Code Block
    kubectl rollout restart deployment auth

  2. You should now see a Google login button (if AUTH_TYPE is set to “google”) on the login page.