How to add authorization to the ClusterLogDestination resource?
To add authorization parameters to the ClusterLogDestination resource, you need to:
- change the connection protocol to Loki to HTTPS
- add the auth section, in which:
For example:
-
ClusterLogDestination resource without authorization:
apiVersion: deckhouse.io/v1alpha1 kind: ClusterLogDestination metadata: name: loki spec: type: Loki loki: endpoint: "http://loki.d8-monitoring:3100"
-
Get the
log-shipper-token
token from thed8-log-shipper
namespace:kubectl -n d8-log-shipper get secret log-shipper-token -o jsonpath='{.data.token}' | base64 -d
-
ClusterLogDestination resource with authorization:
apiVersion: deckhouse.io/v1alpha1 kind: ClusterLogDestination metadata: name: loki spec: type: Loki loki: endpoint: "https://loki.d8-monitoring:3100" auth: strategy: "Bearer" token: <log-shipper-token> tls: verifyHostname: false verifyCertificate: false