Merge pull request #270 from levoai/CU-86b2c28gf_Enforce-org-id-based…

…-auth-in-all-endpoints-in-Collector-and-Satellite_Raviteja-Gannarapu Updating k8s satellite installation for authn
levoai · Oct 11, 2024 · d0a6012 · d0a6012
2 parents 341a0c1 + f434bd9
commit d0a6012
Showing 1 changed file with 17 additions and 17 deletions.
diff --git a/docs/install-satellite/satellite-kubernetes.mdx b/docs/install-satellite/satellite-kubernetes.mdx
@@ -182,23 +182,12 @@ Add below config to `values.yml` file to enable authentication for satellite API
 Refer to [Accessing Organization IDs](/integrations/common-tasks.md#accessing-organization-ids) for fetching the Organization ID.
 
 ```yaml
-levoai-collector:
-  config:
-    data:
-      extensions:
-        levoauth:
-          org_id: <your-org-id>
-      receivers:
-        otlp:
-          protocols:
-            grpc:
-              auth:
-                authenticator: levoauth
-            http:
-              auth:
-                authenticator: levoauth
-      service:
-        extensions: [health_check, memory_ballast, levoauth]
+global:
+  levoai_config_override:
+    onprem-api:
+      org-id: <your-org-id>
+haproxy:
+  satelliteAuthnEnabled: false
 ```
 
 Install satellite using this `values.yml`.
@@ -210,6 +199,16 @@ helm upgrade --install -n levoai --create-namespace \
   levoai-satellite levoai/levoai-satellite
 ```
 
+Otherwise, you can pass the `org-id` and `authnEnabled` as arguments to the helm command.
+
+```bash
+helm upgrade --install -n levoai --create-namespace \
+  --set global.levoai_config_override.onprem-api.refresh-token=$LEVOAI_AUTH_KEY \
+  --set global.levoai_config_override.onprem-api.org-id=<your-org-id> \
+  --set haproxy.authnEnabled=true \
+  levoai-satellite levoai/levoai-satellite
+```
+
 ### 7. Optionally, access Satellite through a CNAME and HTTPS
 Add below config to `values.yml` file to add an ingress route for Satellite APIs so that it can be accessed through a CNAME and HTTPS.
 
@@ -232,6 +231,7 @@ haproxy:
 
 Please reach out to [email protected] if you're using a custom ingress controller.
 
+
 Please proceed to [install Traffic Capture Sensors](/install-traffic-capture-sensors).
 
 ---------------------------------------------------------