content/influxdb3/clustered/get-started/setup.md
As you get started with this tutorial, do the following to make sure everything you need is in place.
Follow the Install InfluxDB Clustered guide to install prerequisites and set up your cluster.
The influxctl CLI
lets you manage your {{< product-name omit="Clustered" >}} cluster from a
command line and perform administrative tasks such as managing
databases and tokens.
Create a connection profile and provide your {{< product-name >}} connection credentials.
The influxctl CLI uses connection profiles
to connect to and authenticate with your {{< product-name omit="Clustered" >}} cluster.
Create a file named config.toml at the following location depending on
your operating system.
| Operating system | Default profile configuration file path |
|---|---|
| Linux | ~/.config/influxctl/config.toml |
| macOS | ~/Library/Application Support/influxctl/config.toml |
| Windows | %APPDATA%\influxctl\config.toml |
[!Note] If stored at a non-default location, include the
--configflag with eachinfluxctlcommand and provide the path to your profile configuration file.
Copy and paste the sample configuration profile code into your config.toml:
{{% code-placeholders "PORT|OAUTH_TOKEN_URL|OAUTH_DEVICE_URL|OAUTH_CLIENT_ID" %}}
[[profile]]
name = "default"
product = "clustered"
host = "{{< influxdb/host >}}"
port = "PORT"
[profile.auth.oauth2]
client_id = "OAUTH_CLIENT_ID"
scopes = [""]
token_url = "OAUTH_TOKEN_URL"
device_url = "OAUTH_DEVICE_URL"
{{% /code-placeholders %}}
Replace the following with your {{< product-name >}} credentials:
PORT{{% /code-placeholder-key %}}: the port to use to access your InfluxDB clusterOAUTH_CLIENT_ID{{% /code-placeholder-key %}}: the client URL of your OAuth2 provider
(for example: https://identityprovider/oauth2/v2/token)OAUTH_DEVICE_ID{{% /code-placeholder-key %}}: the device URL of your OAuth2 provider
(for example: https://identityprovider/oauth2/v2/auth/device)For detailed information about influxctl profiles, see
Configure connection profiles.
Use the
influxctl database create command
to create a database. You can use an existing database or create a new one
specifically for this getting started tutorial.
Examples in this getting started tutorial assume a database named get-started.
[!Note]
Authenticate with your cluster
The first time you run an
influxctlCLI command, you are directed to login to your OAuth provider. Once logged in, your OAuth provider issues a short-lived (1 hour) management token for theinfluxctlCLI that grants administrative access to your {{< product-name omit="Clustered" >}} cluster.
Provide the following:
{{% code-placeholders "get-started|1y" %}}
influxctl database create --retention-period 1y get-started
{{% /code-placeholders %}}
Use the
influxctl token create command
to create a database token with read and write permissions for your database.
Provide the following:
--read-database: Grants read access to a database--write-database Grants write access to a database{{% code-placeholders "get-started" %}}
influxctl token create \
--read-database get-started \
--write-database get-started \
"Read/write token for get-started database"
{{% /code-placeholders %}}
<!--actual test ```sh # Test the preceding command outside of the code block. # influxctl authentication requires TTY interaction-- # output the auth URL to a file that the host can open. TOKEN_NAME=token_TEST_RUN script -q /dev/null -c "influxctl token list > /shared/urls.txt \ && influxctl token create \ --read-database DATABASE_NAME \ --write-database DATABASE_NAME \ \"Read/write token ${TOKEN_NAME} for DATABASE_NAME database\" > /shared/tokens.txt && influxctl token revoke $(head /shared/tokens.txt) \ && rm /shared/tokens.txt" ``` -->The command returns the token ID and the token string. Store the token string in a safe place. You'll need it later. This is the only time the token string is available in plain text.
[!Note]
Store secure tokens in a secret store
Token strings are returned only on token creation. We recommend storing database tokens in a secure secret store. For example, see how to authenticate Telegraf using tokens in your OS secret store.
Code samples in later sections assume you assigned the token string to an
INFLUX_TOKEN environment variable--for example:
{{< tabs-wrapper >}} {{% tabs %}} MacOS and Linux PowerShell CMD {{% /tabs %}} {{% tab-content %}}
<!-- Using tabs-wrapper b/c code-tabs-wrapper breaks here. --> <!-- BEGIN MACOS/LINUX -->{{% code-placeholders "DATABASE_TOKEN" %}}
export INFLUX_TOKEN=DATABASE_TOKEN
{{% /code-placeholders %}}
<!-- END MACOS/LINUX -->{{% /tab-content %}} {{% tab-content %}}
<!-- BEGIN POWERSHELL -->{{% code-placeholders "DATABASE_TOKEN" %}}
$env:INFLUX_TOKEN = "DATABASE_TOKEN"
{{% /code-placeholders %}}
<!-- END POWERSHELL -->{{% /tab-content %}} {{% tab-content %}}
<!-- BEGIN CMD -->{{% code-placeholders "DATABASE_TOKEN" %}}
set INFLUX_TOKEN=DATABASE_TOKEN
# Make sure to include a space character at the end of this command.
{{% /code-placeholders %}}
<!-- END CMD -->{{% /tab-content %}} {{< /tabs-wrapper >}}
Replace {{% code-placeholder-key %}}DATABASE_TOKEN{{% /code-placeholder-key %}}
with your database token string.
{{< page-nav prev="/influxdb3/clustered/get-started/" next="/influxdb3/clustered/get-started/write/" keepTab=true >}}