...
| Code Block |
|---|
remoteWrite:
- authorization:
credentials:
<AUTH_TOKEN>
key: kf-authauthToken
name: kf-authorizationauth-credentialsingest
url: https://<customer>.kloudfuse.io/ingester/write
|
...
| Code Block |
|---|
apiVersion: v1 kind: Secret metadata: name: kfuse-auth-ingest type: Opaque data: authToken: <AUTH_TOKEN_ENCODED> |
...
Multiple Authorization Keys
| Panel | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
New feature available in Release 2.7.2 |
You can configure multiple authorization tokens inside the secret. These tokens can contain any string value, and can be used as a human-readable identifier to reference the auth token.
Here, line 8 specifies the second key, authkey2.
| Code Block |
|---|
apiVersion: v1
kind: Secret
metadata:
name: kfuse-auth-ingest
type: Opaque
data:
authkey1: <AUTH_TOKEN_ENCODED>
authkey2: <AUTH_TOKEN_ENCODED2> |
Remember to update the custom-values.yaml file to include following in the ingester config section:
...
to enable ingestion authentication:
| Code Block |
|---|
global:
authConfig:
enabled: true |
Configuration of Additional Labels based on Auth Token
From Kloudfuse 2.7.2 onwards, additional labels can be configured to be attached to MELT data based on the auth token used by the incoming payload.
To configure these labels, add the following in the custom-values.yaml (replace accordingly). Take note that the same keys are used in the secret and the ingester config.
| Code Block |
|---|
ingester:
config:
authKeyAdditionalLabels:
authkey1:
- name: label1
value: val1
- name: label2
value: val2
authkey2:
- name: label1
value: val3
- name: label4
value: val4 |
Restart the ingester post the auth-token changes
| Code Block |
|---|
kubectl -n kfuse rollout restart sts ingester |