User: Jose.druker@genesys.com/ArbitraryUIDs GAuth

From Genesys Documentation
Jump to: navigation, search

Content of Configure Genesys Authentication in the Auth PE Guide

Add Java KeyStore support (optional)[ | edit source]

Complete the steps in this section to set up a Java KeyStore (JKS) if you need to configure Genesys Authentication to use JSON Web Token authentication....

Configure a secret to access JFrog[ | edit source]

If you haven't done so already, create a secret for accessing the JFrog registry: 

oc create secret docker-registry <credential-name> --docker-server=<docker repo> --docker-username=<username> --docker-password=<password> --docker-email=<emailid>

Now map the secret to the default service account: 

oc secrets link default <credential-name> --for=pull

Override Helm chart values[ | edit source]

You can specify parameters for the deployment by overriding Helm chart values in the values_gauth.yaml file. See the Parameters table for a full list of overridable values.

For more information about how to override Helm chart values, see Overriding Helm chart values.

Parameters
Parameter Description Required Default
image.registry Docker image registry name.
postgres.deploy false
postgres.secret.name_override
postgres.secret.create false
...

Configure Kubernetes[ | edit source]

The sections below provide more information about configuring Kubernetes.

ConfigMaps[ | edit source]

Genesys Authentication includes separate ConfigMaps for PostgreSQL and Redis configuration.

PostgreSQL - configmap-pg.yaml 

{{- if or .Values.postgres.configmap.create .Values.postgres.deploy }}
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "configmap.postgres" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "gauth.labels" . | nindent 4 }}
    gauth: postgres
data:
  db: {{ required "Missing required parameter 'postgres.password'" .Values.postgres.db |quote}}
  host: {{ default ( include "name.postgres" . ) .Values.postgres.host |quote}}
  port: {{ default ( include "port.postgres.service" . ) .Values.postgres.port |quote }}
  {{- end }}

Redis - configmap-redis.yaml 

{{ if or .Values.redis.configmap.create .Values.redis.deploy }}
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "configmap.redis" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "gauth.labels" . | nindent 4 }}
    gauth: redis
data:
  cluster_nodes: {{ default ( include "service.redis" . ) .Values.redis.cluster_nodes | quote}}
  {{end}}

Secrets[ | edit source]

The following Genesys Authentication services artifacts are stored as Kubernetes secrets:

  • Administrator user credentials for the Authentication API and Environment API services.
  • OAuth 20 client IDs and client secrets for the Authentication API and Environment API services.
  • PostgreSQL database credentials for the Environment API service.
  • PostgreSQL database credentials for the Authentication API service.
  • Java keystore password for Authentication API service.
  • Credentials for access to a password-protected Redis (Access Key) for the Authentication API service.

Configure security[ | edit source]

Content coming soon
Retrieved from "https://all.docs.genesys.com/User:Jose.druker@genesys.com/ArbitraryUIDs_GAuth (2024-07-27 16:43:49)"