Configure Feature Flags
Local login
After SSO is configured and validated, local login can be disabled through a feature flag. This is configured by editing the settings configmap and updating the config.json with the following entries under features section:
{
"tenants": {
"default": {}
},
"features": {
"DISABLE_LOCAL_LOGIN_IF_SSO_ENABLED": true
}
}
Alternatively, you can edit the Helm charts to enable the same feature flags by editing the values.yaml file and populate the templates/settings-config.tpl file:
values.yaml file:
features:
DISABLE_LOCAL_LOGIN_IF_SSO_ENABLED: true
templates/settings-config.tpl file:
features:
"DISABLE_LOCAL_LOGIN_IF_SSO_ENABLED": {{ .tenants.features.DISABLE_LOCAL_LOGIN_IF_SSO_ENABLED }}
Secondary ingress URL
When you set the secondary ingress URL, it opens a second ingress gateway to report status and discovery. By default, only one ingress is used. To configure a secondary ingress you must edit the values.yaml file to set the following:
global:
enable_secondary_ingress: true
tenants:
features:
SECONDARY_INGRESS_URL: < URL >
where < URL > is the secondary ingress URL.
Postgres connections limit
You can limit the connection lifetime, as well as the number of idle and open connections to the database by setting them in values.yaml:
tenants:
features:
.
.
.
# Maximum connection lifetime. Leave blank to use default
# DATABASE_CONNECTION_MAX_LIFETIME: <value>
# Maximum number of idle connections to the database. Leave blank to use default
DATABASE_MAX_IDLE_CONNECTIONS: < value >
# Maximum number of open connections to the database. Leave blank to use default
DATABASE_MAX_OPEN_CONNECTIONS: <value >
Where value is a positive integer. If not set, the default of 2 maximum idle connections and an unlimited number of open connections are used.