Navigation
While turbopuffer strives to be as low interaction as possible, there are certain manual operations you will have to perform in your on-prem deployment.
turbopuffer on-prem allows you to configure multiple organizations, each with their own set of API keys which you can use to scope data access. Currently, we only support creating admin API keys, that will apply to all namespaces in their organization. For this reason, if you need to ensure data is isolated we recommend creating multiple organizations instead. If this is a limitation, we recommend you contact us on Slack.
As part of your on-prem kit, you were provided with a python script apikey.py capable of generating valid org ids and API keys. If you generate your keys yourselves, we require you to follow the following schema:
[a-z0-9].[a-zA-Z0-9].The generated org id and API keys must be stored in the turbopuffer configmap, in the format documented here.
Each org id is associated an array of API keys stored as base64(sha256(apikey)), that is, the configuration base 64 encoded sha-256 hash of the actual key.
These values can be set as part of values.yaml in the helm chart provided in your on-prem kit.
