You can use Kloudfuse UI through your google account authentication. To enable Google OAuth2, you need to register a new application with Google.
Create Google OAuth2 Keys
Go to the Credentials page.
Click Create credentials > OAuth client ID.
Select the Web application application type.
Enter Name (e.g. Kloudfuse)
Enter URL of the kloudfuse installation in the Authorized JavaScript Origins. Example: kloudfuse.yourcompany.com
Click Create
Copy the Client ID and Client Secret from the ‘OAuth Client’ modal
Enable Google Auth in Kloudfuse
Create a new secret (say, kfuse-credentials) secret in kfuse namespace of your kloudfuse installation in the following format:
apiVersion: v1 data: GoogleApiKey: <API KEY> GoogleClientId: <Client ID> GoogleDomain: <Google Domain> JwtSigningKey: "and0c2lnbmluZ2tleQ==" admin-user: <admin user> admin-password: <admin password> kind: Secret metadata: name: kfuse-credentials type: Opaque
Replace/add Client ID, Client Secret and google domain - you will need to do base64 encode the Client ID, Client Secret and the google domain. You can also use the admin-user and admin-password fields in the kfuse-credentials secret to change the admin user and password from their default values. These values need to be base64 encoded.
kubectl apply -f kfuse-credentials.yaml -n kfuse
In the
custom_values.yamlfile that you used for kfuse helm chart installation, add the following lines:auth: config: AUTH_TYPE: "google" AUTH_COOKIE_MAX_AGE_IN_SECONDS: 259200 auth: existingAdminSecret: "kfuse-credentials" existingSecret: "kfuse-credentials"Install using the helm command with the
custom_values.yaml.For the config to take effect, Restart the auth service using:
kubectl rollout restart deployment auth
You should now see a Google login button (if AUTH_TYPE is set to “google”) on the login page.