MockIDP is used for testing and development so that you can run Pachyderm and experiment with permissions locally without having to set up an external identity provider.
Do not use mockIDP for clusters that will be deployed into production. If you do upgrade a cluster with mockIDP enabled, you must revoke the default mockIDP admin user by running the following command:
pachctl auth revoke --user kilgore@kilgore.trout
Before You Start #
- You must have Enterprise enabled on your cluster
How to Install Pachyderm with MockIDP Activated #
Run the following command with your Enterprise License Key provided to enable MockIDP:
helm install pach pachyderm/pachyderm \ --set deployTarget=LOCAL \ --set proxy.enabled=true \ --set proxy.service.type=LoadBalancer \ --set pachd.enterpriseLicenseKey=<yourkey> \ --set proxy.host=localhost \ --set oidc.issuerURI=http://pachd:30658/dex \ --set oidc.userAccessibleOauthIssuerHost=http://localhost/dex
Connect:
pachctl connect grpc://localhost:80
Log in via the browser at
localhost
or via the CLI:pachctl auth login
- user:
admin
- password:
password
- user:
Verify that you are logged in:
pachctl auth whoami
You are "user:kilgore@kilgore.trout" session expires: 21 Sep 23 18:07 UTC
List your projects to view your permissions/access level:
pachctl list projects
ACTIVE PROJECT ACCESS_LEVEL CREATED DESCRIPTION default [clusterAdmin projectWriter] 3 days ago - * batch-inference-1 [clusterAdmin projectOwner] About an hour ago -
You can now test and develop locally with MockIDP and Console enabled.
Troubleshooting #
Error: No Authentication Providers are Configured #
If you are seeing the error no authentication providers are configured
, it’s likely that you activated enterprise via pachCTL instead of having your license details in your values.yaml
file.