Tenant configuration
Chef 360 Platform uses a multi-tenant software architecture. A tenant is a group of users that share common access to a software application’s instance. In Chef 360 Platform, a tenant is represented by a unique domain name and unique identity store.
This configuration section describes how to set the default tenant for your installation.
Tenant configuration
In the Tenant Configuration section, configure Chef 360 Platform with the name of the tenant and the unique domain name attached to the tenant.
Warning
Field | Description |
---|---|
Name | This is a friendly name for the primary tenant. The tenant name must be unique and is typically the name of the company/organization. |
Top Level Domain (TLD) | This sets the top-level domain (TLD) name the tenant will use, for example chef.io . |
Subdomain | This is the subdomain unique to this tenant. This is the subdomain users/nodes use to access chef-360. |
Fully Qualified Domain Name | (readonly) subdomain + TLD This will be Chef 360 Platform is deployed from. |
Note
Enable tenant APIs
A token is required to create or manage tenant APIs through the internal and public gateways.
Warning
To enable the tenant APIs, add a token to the API/UI settings.
To add the token, follow these steps:
In the Replicated UI configuration screen during the Chef 360 Platform installation, enable Advanced Configuration.
In the API/UI Settings, enter the token in the Install Admin Token field.
- The token must be at least 16 characters long.
- It can include alphanumeric characters, underscores
_
, and hyphens-
.
To enable the token for the public gateway, select the Enable Install Admin Token for Public Gateway checkbox. Without this, you won’t be able to access tenant APIs through the public gateway.
API headers
Use the following headers when calling the tenant APIs:
API-Key
: Set this toINSTALL-ADMIN-TOKEN
.API-Secret
: Use the token value configured in the Replicated UI.
Example
This example uses curl to call the tenant APIs with an API token.
curl --location 'http://<HOST>:<PORT>/platform/system/v1/internal/tenants' \
--header 'API-Key: INSTALL-ADMIN-TOKEN' \
--header 'API-Secret: <INSTALL_ADMIN_TOKEN>'
Replace <INSTALL_ADMIN_TOKEN>
with the API token entered in the Install Admin Token field.
Note
Service-Id
, Service-Role-Id
, Service-Role-Name
and Service-Role-Level
.Organizational unit
This is the default organization unit.
Field | Description |
---|---|
Name | This is a friendly name for the primary organizational unit. The name must be unique. |
Description | (optional) A description of the organizational unit. Typically this describes the internal users or scope/intent of the organizational unit. |
Warning
SMTP configuration
An active SMTP server is required to use Chef 360 Platform. It’s used during the installation process to send the administrative account a one-time password that’s used to set the password.
SMTP Server Type add-on
If add-ons are enabled you are presented with the option to use Mailpit instead of an external mail server. Mailpit isn’t intended for use outside of evaluation or testing purposes. For additional information on Mailpit, refer to the following page: Mailpit.
Mailpit NodePort add-on
advanced
The Kubernetes NodePort that the Mailpit web UI will use. For additional information on Kubernetes NodePorts, refer to the Kubernetes networking guide.
SMTP Server Name
This is the name of the SMTP integration registered to the tenant.
SMTP Host
This is the hostname, DNS entry, or IP Address of the SMTP server.
SMTP Port
The port number the SMTP server is listening on.
SMTP Retries Enabled
If enabled, Chef 360 Platform attempts to deliver email multiple times (upon a failure).
Number of Retries
The number of retries Chef 360 Platform should attempt.
Note
SMTP Check TLS
Enable if Chef 360 Platform requires a valid TLS certificate.
Note
Administrator
The Tenant Administrator is the user who is provisioned during installation. Upon creation, a One-Time Password (OTP) is emailed to this user for activation.
First Name
The first name of the tenant administrator.
Last Name
The last name of the tenant administrator.
Email Address
The email address of the tenant administrator. Upon creation, a One-Time Password (OTP) is emailed to this user for activation.