如何在Grafana掌舵图中配置自定义LDAP? [英] How to configure custom LDAP in Grafana helm chart?

问题描述

我是Kubernetes和Helm的新手，试图自定义稳定的/grafana Helm图表(

I'm a newbie at Kubernetes and Helm, trying to customise stable/grafana Helm chart (https://github.com/helm/charts/tree/master/stable/grafana) with my own LDAP. What's the difference between auth.ldap part of grafana.ini and ldap section of chart's values.yaml file? How can I configure LDAP host address and credentials?

推荐答案

在Grafana上启用LDAP配置.您需要更新两个部分.

To enable LDAP configuration on Grafana. You need to update both parts.

在values.yaml中， grafana.ini 和 ldap 有两个部分.要启用LDAP，您需要更新两个部分.检查以下内容:

In values.yaml, there are two sections of grafana.ini and ldap. To enable LDAP you need to update both sections. Check below:

第一个 grafana.ini

grafana.ini:
  paths:
    data: /var/lib/grafana/data
    logs: /var/log/grafana
    plugins: /var/lib/grafana/plugins
    provisioning: /etc/grafana/provisioning
  analytics:
    check_for_updates: true
  log:
    mode: console
  grafana_net:
    url: https://grafana.net
## LDAP Authentication can be enabled with the following values on grafana.ini
## NOTE: Grafana will fail to start if the value for ldap.toml is invalid
   auth.ldap:
     enabled: true
     allow_sign_up: true
     config_file: /etc/grafana/ldap.toml

在grafana.ini部分中，首先将auth.ldap设置为true，然后将配置文件指定为ldap.toml

Here in grafana.ini part, first enable the auth.ldap to true and specify the configuration file as ldap.toml

第二， ldap

## Grafana's LDAP configuration
## Templated by the template in _helpers.tpl
## NOTE: To enable the grafana.ini must be configured with auth.ldap.enabled
ldap:
  enabled: true
  # `existingSecret` is a reference to an existing secret containing the ldap configuration
  # for Grafana in a key `ldap-toml`.
  existingSecret: ""
  # `config` is the content of `ldap.toml` that will be stored in the created secret
   config: |-
     verbose_logging = true

     [[servers]]
     host = "my-ldap-server"
     port = 636
     use_ssl = true
     start_tls = false
     ssl_skip_verify = false
     bind_dn = "uid=%s,ou=users,dc=myorg,dc=com"

在这一部分中，舵使用第一步中指定的LDAP配置准备ldap.toml文件.

In this part, the helm prepares the ldap.toml file using the LDAP configuration, that is specified in the first step.

从而根据配置更新LDAP主机，端口，bind_dn.

Thus update the LDAP host, port, bind_dn as per configurations.

这篇关于如何在Grafana掌舵图中配置自定义LDAP?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！