The steps described in this article assume familiarity with kubernetes. The required images are available in the Dockerhub registry under the organization FydeInc.
Prerequisites:
Running kubernetes cluster or local minikube installation
User Directory connector token
Directory Provider authorization token. See CloudGen Access User Directory Connector for more information.
Helm chart
The helm chart is available at Artifactory and covers the Barracuda CloudGen Access Directory Connector.
Check the Artifactory link or ‘values.yaml’ file for all the configuration parameters.
Deployment
Create a ‘custom-values.yaml’ file with the desired values. The minimum required configurations for a successful deployment are:
‘authToken.existingSecret.*’ or ‘authToken.newSecret.value’
‘authToken.type’
‘enrollmentToken.existingSecret.*’ or ‘enrollmentToken.newSecret.value’
Add the helm repo and install the chart:
helm repo add barracuda-cloudgen-access https://barracuda-cloudgen-access.github.io/helm-charts
helm install my-release barracuda-cloudgen-access/cga-directory-connector --namespace my-namespace --set-file custom-values.yaml
Optionally, instead of using “helm install”, export the yaml files and deploy using your preferred method:
helm template barracuda-cloudgen-access/cga-directory-connector --set-file custom-values.yaml
Example
Extended example for Google Workspaces directory with Prometheus service monitors:
nameOverride: cga-directory-connector-my-deploy
serviceMonitor: true
priorityClassName: high-priority
authToken:
type: google
existingSecret:
name: cga-directory-connector-secret
key: auth-token
enrollmentToken:
existingSecret:
name: cga-directory-connector-secret
key: enrollment-token
logLevel: info
customEnv:
- name: FYDE_GROUPS_INCLUDED
value: "Engineering"
- name: FYDE_ONLY_MATCHED_GROUPS
value: “true”
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 100m
memory: 128Mi