Hi Grafana community,
I’m working on integrating Google Cloud Storage (GCS) as the persistent storage backend for Tempo, but I’m encountering some issues with authentication. Here’s my current configuration in values.yaml
# tempo.yaml
distributor:
receivers:
otlp:
protocols:
grpc:
ingester:
trace_idle_period: 10s
max_block_bytes: 1_000_000
max_block_duration: 1m
compactor:
compaction:
compaction_window: 1h
max_compaction_objects: 1000000
block_retention: 1h
compacted_block_retention: 10m
flush_size_bytes: 5242880
storage:
trace:
backend: gcs
gcs:
bucket_name: tempo-storage-bucket
endpoint: https://storage.googleapis.com/storage/v1/
credentials_file: "/mnt/secrets/gcp-credentials/gcp-sa.json"
volumeMounts:
- name: gcp-credentials
mountPath: "/mnt/secrets/gcp-credentials"
readOnly: true
volumes:
- name: gcp-credentials
secret:
secretName: gcs-credentials
below command i’m using to deploy the chart
helm upgrade --install grafana-tempo grafana/tempo -f tempo.yaml -n monitoring
I’ve already created a service account in Google Cloud and downloaded the JSON key file. I then created a Kubernetes secret with the key file. However, I’m not sure how to properly configure the credentials_file and project_id fields in the values.yaml to authenticate with GCS.
Could someone please guide me on how to correctly configure the authentication for GCS in Tempo using the provided service account JSON key file?
Thanks,
Harshwardhan Kakra