Authenticating to GCP when using chunks storage (BigTable and GCS) #3306
Description
Hello everyone.
I am testing various ways of storing Cortex data on GCP. Managed to get it working with blocks storage and GCS. Now trying to move to chunks storage with BigTable and GCS, but it seems either the authentication parameters are not documented or maybe they are missing? The only parameter that seems to be related to GCP credentials / authentication is service_account in blocks_storage_config, but that's irrelevant when using chunks storage, am I thinking right?
Anyway tried blindly putting it in storage.gcs block, but that - as expected - returned a parsing error.
The config that works fine with blocks storage and GCS:
auth_enabled: false
server:
http_listen_port: 9009
grpc_server_max_recv_msg_size: 104857600
grpc_server_max_send_msg_size: 104857600
grpc_server_max_concurrent_streams: 1000
distributor:
shard_by_all_labels: true
pool:
health_check_ingesters: true
ingester_client:
grpc_client_config:
max_recv_msg_size: 104857600
max_send_msg_size: 104857600
grpc_compression: gzip
ingester:
spread_flushes: true
chunk_age_jitter: 0
walconfig:
wal_enabled: true
recover_from_wal: true
wal_dir: /tmp/cortex/wal
lifecycler:
interface_names: [ens192]
join_after: 0
min_ready_duration: 0s
final_sleep: 0s
num_tokens: 512
tokens_file_path: /tmp/cortex/wal/tokens
ring:
kvstore:
store: inmemory
replication_factor: 1
storage:
engine: blocks
frontend_worker:
match_max_concurrent: true
blocks_storage:
backend: gcs
gcs:
bucket_name: "redacted"
service_account: |-
{
redacted
}
compactor:
data_dir: /tmp/cortex/compactor
sharding_ring:
kvstore:
store: inmemory
ruler:
enable_api: true
enable_sharding: false
storage:
type: local
local:
directory: /tmp/cortex/rules
The config I believe should work fine with chunks storage (GCS and BigTable) only if there were some credentials provided. With the current state it falls back to default credentials and fails to connect.
auth_enabled: false
server:
http_listen_port: 9009
grpc_server_max_recv_msg_size: 104857600
grpc_server_max_send_msg_size: 104857600
grpc_server_max_concurrent_streams: 1000
log_level: debug
distributor:
shard_by_all_labels: true
pool:
health_check_ingesters: true
ingester_client:
grpc_client_config:
max_recv_msg_size: 104857600
max_send_msg_size: 104857600
grpc_compression: gzip
ingester:
spread_flushes: true
chunk_age_jitter: 0
walconfig:
wal_enabled: true
recover_from_wal: true
wal_dir: /tmp/cortex/wal
lifecycler:
interface_names: [ens192]
join_after: 0
min_ready_duration: 0s
final_sleep: 0s
num_tokens: 512
tokens_file_path: /tmp/cortex/wal/tokens
ring:
kvstore:
store: inmemory
replication_factor: 1
storage:
engine: chunks
bigtable:
project: "redacted"
instance: "redacted"
gcs:
bucket_name: "redacted"
frontend_worker:
match_max_concurrent: true
compactor:
data_dir: /tmp/cortex/compactor
sharding_ring:
kvstore:
store: inmemory
ruler:
enable_api: true
enable_sharding: false
storage:
type: local
local:
directory: /tmp/cortex/rules
schema:
configs:
- from: "2019-02-13"
schema: v9
chunks:
period: 1w
prefix: dev_chunks_
index:
period: 1w
prefix: dev_index_
object_store: gcs
store: gcp-columnkey
Any hints? Thanks!