Configuring sloctl
This guide will walk you through configuring sloctl, enabling seamless access to your reliability metrics and simplifying SLO management across your infrastructure.
Using sloctl for SLO management requires authentication.
Authentication prerequisites
Prepare a Client ID and Client secret pair for use in sloctl. For this:
-
In the Nobl9 Web, go to Settings > Access keys.
-
Click Create access key.
Secure your client secretThe client secret is only displayed at this step. Ensure it's available for authentication.
-
Download a generated file with credentials and save it at:
~/.config/nobl9/on Linux and macOS%UserProfile%\.config\nobl9\on Windows
The generated config.toml file contains your details necessary for sloctl authentication:
defaultContext = "default"
[Contexts]
[Contexts.default]
clientId = "YOUR_CLIENT_ID"
clientSecret = "YOUR_CLIENT_SECRET"
project = "default"
| Field | Description |
|---|---|
defaultContext | The default context to use if none is specified when running sloctl commands |
clientId | The client ID for API authorization with your sloctl access key |
clientSecret | The client secret for API authorization with your sloctl access key |
project | The default project to use if none is specified when running sloctl commands |
With your authentication prerequisites in place,
you can now authenticate sloctl either directly on your local system or using a Docker container.
Authenticating sloctl
- Run
sloctl config add-context, providing:- Context name, for example,
production,sandbox,default, or any other that fits your needs - The client ID and client secret generated for your
sloctlaccess key - Your required default project's name identifier
- Context name, for example,
- To verify successful authentication, run
sloctl get slos. You will receive one of these responses:
| Response | Reason |
|---|---|
No resources found in default project | Authentication succeeded. No SLOs exist |
| List of SLOs | Authentication succeeded. SLOs exist |
| Error 401 | Authentication failed. To troubleshoot, verify the following: config.toml is located in the configuration directory |
Customizing timeout and prompt
You can set your custom timeout and prompt threshold per context
to be applied with the sloctl apply and sloctl delete commands.
For this, specify the required values in the config.toml file for your context, as follows:
[Contexts.production]
clientId = "your-value"
clientSecret = "your-value"
project = "customer-facing-applications"
organization = "flower-market"
timeout = "1m" # Maximum value = 1 minute. If set to >1m, it defaults to 1m.
filesPromptThreshold = "30" # Custom threshold for applying multiple files.
filesPromptEnabled = "false" # Enable/disable prompt for applying multiple files.
Docker authentication for sloctl
Nobl9's sloctl image is published on Docker Hub.
You can leverage it to integrate Nobl9 in the CI/CD pipelines.
Follow these steps to use the sloctl image:
- Pull the latest
sloctldocker image. For this, run:docker pull nobl9/sloctl:latest - Test if the image is pulled successfully. Run:
docker run nobl9/sloctl:latest --help
If the command executes without errors and displays the help documentation, it confirms that the Docker image was pulled correctly and is functioning as expected.
Using the sloctl image for SLO and other Nobl9 resource management requires authentication.
You can authenticate in either of the following ways:
- Pass your
config.tomlfile - Pass your credentials with environment variables
- Pass config.toml
- Pass with environment variables
Before authenticating with config.toml, make sure you have it locally. When using Docker, you can store this file in any location on your system.
To pass your configuration to the Docker container:
- Move
config.tomlto a directory of your choice. - Set the
N9_AUTHenvironment variable to the absolute path of the directory where yourconfig.tomlis located:
export N9_AUTH='/absolute/path/to/directory'
To test your authentication configuration with Docker:
- Run the Docker container with the
-vflag. - This flag bind mounts your configuration directory into the container.
- Syntax:
docker run -v /local/config/path:/container/config/path nobl9/sloctl:latest [command].
Example:
docker run -v ~/.config/nobl9:/root/.config/nobl9 nobl9/sloctl:latest get slos
sloctl is expecting to find your config file at /home/appuser/.config/nobl9 from within the container.
You can pass your sloctl configuration with the environment variables, instead of using the config.toml file.
The following variables are available:
| Variable name | Description | Required/Optional |
|---|---|---|
SLOCTL_CLIENT_ID | Set your Nobl9 client ID | Required |
SLOCTL_CLIENT_SECRET | Set your Nobl9 client secret | Required |
SLOCTL_CONTEXT | Set your sloctl context | Optional |
SLOCTL_PROJECT | Set your Nobl9 project | Optional |
SLOCTL_TIMEOUT | Set custom timeout for applying resources. Max. value = 1 minute | Optional |
SLOCTL_FILES_PROMPT_THRESHOLD | Set custom prompt threshold for applying multiple resources (numeric value) | Optional |
SLOCTL_FILES_PROMPT_ENABLED | Set sloctl prompt message for applying multiple resources (boolean) | Optional |
Learn more about applying resources with sloctl.
To apply your required variable values, run the following Docker command:
docker run
-e SLOCTL_CLIENT_ID=$SLOCTL_CLIENT_ID \ # mandatory, your Client ID
-e SLOCTL_CLIENT_SECRET=$SLOCTL_CLIENT_SECRET \ # mandatory, your Client Secret
-e SLOCTL_CONTEXT=$SLOCTL_CONTEXT \ # optional
-e SLOCTL_PROJECT=$SLOCTL_PROJECT \ # optional
-e SLOCTL_FILES_PROMPT_THRESHOLD=30 \ # optional
-e SLOCTL_FILES_PROMPT_ENABLED=true \ # optional
nobl9/sloctl:latest apply -f '**'
sloctl is the entrypoint for the Docker container, so it's the default command that runs when the sloctl container starts.
When using Docker with sloctl:
- Provide arguments or subcommands directly (e.g.,
docker run nobl9/sloctl:latest --help) - Run any
sloctlcommand following this pattern:
docker run -v $N9_AUTH:/home/appuser/.config/nobl9 nobl9/sloctl:latest <sloctl command>