...
| Section | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
|
Core
Configuration Changes for the AUTHENTICATION Service
| Anchor | ||||
|---|---|---|---|---|
|
Configuration Changes for the AUTHENTICATION Service
Access to '/manage/**' Endpoints
The /manage/** endpoints provided by the AUTHENTICATION Service are now available via a separate port that is protected from external access. Especially for customers using the Tenant Management services, the configuration of the AUTHENTICATION Service has to be adjusted and an ancillary Kubernetes Service has to be adjusted created as follows in order to request the /manage endpoints as usual:.
Adjust the 'authentication-prod.yml' file:
...
Run the command:
Code Block language powershell kubectl -n yuuvis edit deploy authentication
Adjust the configuration:
Deprecated Configuration New Configuration Code Block language yml livenessProbe: failureThreshold: 3 httpGet: path: /manage/info port: 8080 scheme: HTTP ... readinessProbe: failureThreshold: 3 httpGet: path: /manage/info port: 8080 scheme: HTTPCode Block language yml livenessProbe: failureThreshold: 3 httpGet: path: /manage/info port: 9091 scheme: HTTP ... readinessProbe: failureThreshold: 3 httpGet: path: /manage/info port: 9091 scheme: HTTP
Restart the AUTHENTICATION service.
| Anchor | ||||
|---|---|---|---|---|
|
Cross-Tenant Service Accounts
In order to allow for the configuration and usage of Cross-Tenant Service Accounts, an ancillary Kubernetes Service has to be created as follows.
Create a file
authentication-internal.ymlwith the following content:Code Block language yml kind: Service apiVersion: v1 metadata: name: authentication-internal spec: selector: app: authentication type: ClusterIP ports: - protocol: TCP port: 80 targetPort: 8081Run the command:
Code Block language powershell kubectl -n yuuvis apply -f authentication-internal.yml
| Note | ||
|---|---|---|
| ||
The AUTHENTICATION service manages the cross-tenant requests of service accounts via the separate port |