...
Rename the obtained metadata (XML) file from the customer to “kfuse.xml” exactly.
OR
If the customer provided you with a url to the metadata file, then do a curl on the url and save its output to the “kfuse.xml” file name exactly. Save this directly in the customer’s terminal.
Code Block curl {metadata xml file url} > kfuse.xmlIn the customer’s cluster and appropriate namespace, run this command
Code Block kubectl create secret generic kfuse-xml --from-file=kfuse.xml
...
B. In the environment values.yaml file -
Enable the
kfuse-samlflag to true in the “global“ section of the environment file.Set the
dnsNametag to the customer’s kloudfuse domain name.
| Code Block |
|---|
global:
dnsName: <your kloudfuse domain name>
kfuse-saml:
enabled: true |
Set the flag
saml-provider-nameto the customer’s SAML provider name in kfuse-auth config.Set the flag
existingSecret: "kfuse-auth-saml"in the config section of oauth2-proxy inkfuse-authsection.For example, for Okta as the SAML provider -
| Code Block |
|---|
kfuse-auth:
oauth2-proxy:
config:
saml-provider-name: "Okta" |
Ensure that flag “existingSecret” exists and is non-empty.
...
|
...
|
...
existingSecret: "kfuse-auth-saml" |
Now, do the general upgrade using the environment’s file.
...
Exec into kfuse-configdb shell . using command -
Code Block k exec -it kfuse-configdb-0 -- bash
psql into the postgres using command -
Code Block psql -U postgresIt will ask for password for postgres. Provide that.
Check all tables and if
samldbexist database exists using the command-Code Block \l
Delete and create the table
samldbCode Block dropDROP databaseDATABASE samldb; CREATE createdbDATABASE samldb;