diff --git a/content/enterprise_influxdb/v1/flux/flux-vs-influxql.md b/content/enterprise_influxdb/v1/flux/flux-vs-influxql.md index 98df88877..fca04a286 100644 --- a/content/enterprise_influxdb/v1/flux/flux-vs-influxql.md +++ b/content/enterprise_influxdb/v1/flux/flux-vs-influxql.md @@ -8,6 +8,7 @@ menu: weight: 5 --- + Flux is an alternative to [InfluxQL](/enterprise_influxdb/v1/query_language/) and other SQL-like query languages for querying and analyzing data. Flux uses functional language patterns making it incredibly powerful, flexible, and able to overcome many of the limitations of InfluxQL. This article outlines many of the tasks possible with Flux but not InfluxQL and provides information about Flux and InfluxQL parity. @@ -278,13 +279,11 @@ from(bucket: "geo/autogen") ## InfluxQL and Flux parity -Flux is working towards complete parity with InfluxQL and new functions are being added to that end. + The table below shows InfluxQL statements, clauses, and functions along with their equivalent Flux functions. _For a complete list of Flux functions, [view all Flux functions](/flux/v0/stdlib/all-functions)._ -### InfluxQL and Flux parity - | InfluxQL | Flux Functions | | :------------------------------------------------------------------------------------------------------------------------------------------ | :----------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [SELECT](/enterprise_influxdb/v1/query_language/explore-data/#the-basic-select-statement) | [filter()](/flux/v0/stdlib/universe/filter/) | diff --git a/content/influxdb/v1/administration/authentication_and_authorization.md b/content/influxdb/v1/administration/authentication_and_authorization.md index 1e3ab01fb..27d6635c2 100644 --- a/content/influxdb/v1/administration/authentication_and_authorization.md +++ b/content/influxdb/v1/administration/authentication_and_authorization.md @@ -15,40 +15,37 @@ alt_links: This document covers setting up and managing authentication and authorization in InfluxDB. - [Authentication](#authentication) - - [Set up Authentication](#set-up-authentication") + - [Set up Authentication](#set-up-authentication) - [Authenticate Requests](#authenticate-requests) - [Authorization](#authorization) - [User Types and Privileges](#user-types-and-privileges) - [User Management Commands](#user-management-commands) - [HTTP Errors](#authentication-and-authorization-http-errors) -{{% note %}} -Authentication and authorization should not be relied upon to prevent access and protect data from malicious actors. -If additional security or compliance features are desired, InfluxDB should be run behind a third-party service. If InfluxDB is -being deployed on a publicly accessible endpoint, we strongly recommend authentication be enabled. Otherwise the data will be -publicly available to any unauthenticated user. -{{% /note %}} +> [!Note] +> Authentication and authorization should not be relied upon to prevent access and protect data from malicious actors. +> If additional security or compliance features are desired, InfluxDB should be run behind a third-party service. If InfluxDB is +> being deployed on a publicly accessible endpoint, we strongly recommend authentication be enabled. Otherwise the data will be +> publicly available to any unauthenticated user. ## Authentication The InfluxDB API and the [command line interface](/influxdb/v1/tools/shell/) (CLI), which connects to the database using the API, include simple, built-in authentication based on user credentials. When you enable authentication, InfluxDB only executes HTTP requests that are sent with valid credentials. -{{% note %}} -Authentication only occurs at the HTTP request scope. -Plugins do not currently have the ability to authenticate requests and service -endpoints (for example, Graphite, collectd, etc.) are not authenticated. -{{% /note %}} +> [!Note] +> Authentication only occurs at the HTTP request scope. +> Plugins do not currently have the ability to authenticate requests and service +> endpoints (for example, Graphite, collectd, etc.) are not authenticated. ### Set up authentication 1. **Create at least one [admin user](#admin-users)**. See the [authorization section](#authorization) for how to create an admin user. - {{% note %}} -If you enable authentication and have no users, InfluxDB will **not** enforce authentication -and will only accept the [query](#user-management-commands) that creates a new admin user. - {{% /note %}} + > [!Note] + > If you enable authentication and have no users, InfluxDB will **not** enforce authentication + > and will only accept the [query](#user-management-commands) that creates a new admin user. InfluxDB will enforce authentication once there is an admin user. @@ -70,10 +67,9 @@ and will only accept the [query](#user-management-commands) that creates a new a https-certificate = "/etc/ssl/influxdb.pem" ``` - {{% note %}} -If `pprof-enabled` is set to `true`, set `pprof-auth-enabled` and `ping-auth-enabled` -to `true` to require authentication on profiling and ping endpoints. - {{% /note %}} + > [!Note] + > If `pprof-enabled` is set to `true`, set `pprof-auth-enabled` and `ping-auth-enabled` + > to `true` to require authentication on profiling and ping endpoints. 3. **Restart InfluxDB**. Once restarted, InfluxDB checks user credentials on every request and only @@ -210,10 +206,8 @@ Use the ``Bearer`` authorization scheme: ``` Authorization: Bearer ``` -{{% note %}} -Only unexpired tokens will successfully authenticate. -Be sure your token has not expired. -{{% /note %}} +> [!Note] +> Only unexpired tokens will successfully authenticate. Be sure your token has not expired. ###### Example query request with JWT authentication ```bash @@ -312,21 +306,20 @@ CREATE USER admin WITH PASSWORD '' WITH ALL PRIVILEGES CREATE USER WITH PASSWORD '' WITH ALL PRIVILEGES ``` -{{% note %}} -Repeating the exact `CREATE USER` statement is idempotent. -If any values change the database will return a duplicate user error. - -```sql -> CREATE USER todd WITH PASSWORD '123456' WITH ALL PRIVILEGES -> CREATE USER todd WITH PASSWORD '123456' WITH ALL PRIVILEGES -> CREATE USER todd WITH PASSWORD '123' WITH ALL PRIVILEGES -ERR: user already exists -> CREATE USER todd WITH PASSWORD '123456' -ERR: user already exists -> CREATE USER todd WITH PASSWORD '123456' WITH ALL PRIVILEGES -> -``` -{{% /note %}} +> [!Note] +> Repeating the exact `CREATE USER` statement is idempotent. +> If any values change the database will return a duplicate user error. +> +> ```sql +> > CREATE USER todd WITH PASSWORD '123456' WITH ALL PRIVILEGES +> > CREATE USER todd WITH PASSWORD '123456' WITH ALL PRIVILEGES +> > CREATE USER todd WITH PASSWORD '123' WITH ALL PRIVILEGES +> ERR: user already exists +> > CREATE USER todd WITH PASSWORD '123456' +> ERR: user already exists +> > CREATE USER todd WITH PASSWORD '123456' WITH ALL PRIVILEGES +> > +> ``` ##### `GRANT` administrative privileges to an existing user ```sql @@ -370,28 +363,27 @@ CREATE USER WITH PASSWORD '' > ``` -{{% note %}} -##### Important notes about providing user credentials -- The user value must be wrapped in double quotes if it starts with a digit, is an InfluxQL keyword, contains a hyphen and or includes any special characters, for example: `!@#$%^&*()-` -- The password [string](/influxdb/v1/query_language/spec/#strings) must be wrapped in single quotes. - Do not include the single quotes when authenticating requests. - We recommend avoiding the single quote (`'`) and backslash (`\`) characters in passwords. - For passwords that include these characters, escape the special character with a backslash (e.g. (`\'`) when creating the password and when submitting authentication requests. -- Repeating the exact `CREATE USER` statement is idempotent. If any values change the database will return a duplicate user error. See GitHub Issue [#6890](https://github.com/influxdata/influxdb/pull/6890) for details. - -###### CLI example -```sql -> CREATE USER "todd" WITH PASSWORD '123456' -> CREATE USER "todd" WITH PASSWORD '123456' -> CREATE USER "todd" WITH PASSWORD '123' -ERR: user already exists -> CREATE USER "todd" WITH PASSWORD '123456' -> CREATE USER "todd" WITH PASSWORD '123456' WITH ALL PRIVILEGES -ERR: user already exists -> CREATE USER "todd" WITH PASSWORD '123456' -> -``` -{{% /note %}} +> [!Important] +> ##### Important notes about providing user credentials +> - The user value must be wrapped in double quotes if it starts with a digit, is an InfluxQL keyword, contains a hyphen and or includes any special characters, for example: `!@#$%^&*()-` +> - The password [string](/influxdb/v1/query_language/spec/#strings) must be wrapped in single quotes. +> Do not include the single quotes when authenticating requests. +> We recommend avoiding the single quote (`'`) and backslash (`\`) characters in passwords. +> For passwords that include these characters, escape the special character with a backslash (for example, (`\'`) when creating the password and when submitting authentication requests. +> - Repeating the exact `CREATE USER` statement is idempotent. If any values change the database will return a duplicate user error. See GitHub Issue [#6890](https://github.com/influxdata/influxdb/pull/6890) for details. +> +> ###### CLI example +> ```sql +> > CREATE USER "todd" WITH PASSWORD '123456' +> > CREATE USER "todd" WITH PASSWORD '123456' +> > CREATE USER "todd" WITH PASSWORD '123' +> ERR: user already exists +> > CREATE USER "todd" WITH PASSWORD '123456' +> > CREATE USER "todd" WITH PASSWORD '123456' WITH ALL PRIVILEGES +> ERR: user already exists +> > CREATE USER "todd" WITH PASSWORD '123456' +> > +> ``` ##### `GRANT` `READ`, `WRITE` or `ALL` database privileges to an existing user @@ -472,13 +464,12 @@ CLI example: > ``` -{{% note %}} -**Note:** The password [string](/influxdb/v1/query_language/spec/#strings) must be wrapped in single quotes. -Do not include the single quotes when authenticating requests. - -We recommend avoiding the single quote (`'`) and backslash (`\`) characters in passwords -For passwords that include these characters, escape the special character with a backslash (e.g. (`\'`) when creating the password and when submitting authentication requests. -{{% /note %}} +> [!Note] +> The password [string](/influxdb/v1/query_language/spec/#strings) must be wrapped in single quotes. +> Do not include the single quotes when authenticating requests. +> +> We recommend avoiding the single quote (`'`) and backslash (`\`) characters in passwords +> For passwords that include these characters, escape the special character with a backslash (for example, (`\'`) when creating the password and when submitting authentication requests. ##### `DROP` a user diff --git a/content/influxdb/v1/administration/backup_and_restore.md b/content/influxdb/v1/administration/backup_and_restore.md index 43c090937..afdf31cd0 100644 --- a/content/influxdb/v1/administration/backup_and_restore.md +++ b/content/influxdb/v1/administration/backup_and_restore.md @@ -35,7 +35,7 @@ Depending on the volume of data to be protected and your application requirement > > Use the `backup` and `restore` utilities in > [InfluxDB Enterprise](/enterprise_influxdb/v1/administration/backup-and-restore/) and -> [InfluxDB OSS (version 1.5 and later)](#backup-and-restore-utilities/) to: +> [InfluxDB OSS (version 1.5 and later)](#backup-and-restore-utilities) to: > > - Restore InfluxDB Enterprise backup files to InfluxDB OSS instances. > - Back up InfluxDB OSS data that can be restored in InfluxDB Enterprise clusters. @@ -398,9 +398,9 @@ Requirements and commands necessary to restore a backup depend on the - [Restore all databases](#restore-all-databases) - [Restore all data to a remote InfluxDB instance](#restore-all-data-to-a-remote-influxdb-instance) - [Restore a specific database](#restore-a-specific-database) -- [Restore data from a database that already exists](#restore-data-from-a-database-that-already-exists) +- [Restore data to a database that already exists](#restore-data-to-a-database-that-already-exists) - [Restore a specific retention policy](#restore-a-specific-retention-policy) -- [Restore data from a retention policy that already exists](#restore-data-from-a-retention-policy-that-already-exists) +- [Restore data to a retention policy that already exists](#restore-data-to-a-retention-policy-that-already-exists) - [Restore a specific shard](#restore-a-specific-shard) #### Restore all databases diff --git a/content/influxdb/v1/administration/config.md b/content/influxdb/v1/administration/config.md index 22ebdb3e0..d66ec857b 100644 --- a/content/influxdb/v1/administration/config.md +++ b/content/influxdb/v1/administration/config.md @@ -72,7 +72,7 @@ file or in an environment variable, InfluxDB uses its internal default configura > If an environment variable has already been set, the equivalent configuration > setting in the configuration file is ignored. -### InfluxDB environment variables (`INFLUXDB_*`) +### InfluxDB environment variables (`INFLUXDB_*`) {#influxdb-environment-variables-influxdb} The InfluxDB environment variables are documented below with the corresponding configuration file settings. All of the InfluxDB-specific environment variables @@ -899,8 +899,8 @@ permissions to access the following endpoints: - `/debug/vars` This setting has no effect if either -[`auth-enabled`](#auth-enabled-false) or -[`pprof-enabled`](#pprof-enabled-true) are set to `false`. +[`auth-enabled`](#auth-enabled) or +[`pprof-enabled`](#pprof-enabled) are set to `false`. **Default**: `false` **Environment variable**: `INFLUXDB_HTTP_PPROF_AUTH_ENABLED` @@ -915,9 +915,8 @@ Useful for debugging startup performance issues. #### ping-auth-enabled -Enables authentication on the `/ping`, `/metrics`, and deprecated `/status` -endpoints. This setting has no effect if -[`auth-enabled`](#auth-enabled-false) is set to `false`. +Enables authentication on the `/ping`, `/metrics`, and deprecated `/status` endpoints. +This setting has no effect if [`auth-enabled`](#auth-enabled) is set to `false`. **Default**: `false` **Environment variable**: `INFLUXDB_HTTP_PING_AUTH_ENABLED` @@ -925,7 +924,7 @@ endpoints. This setting has no effect if #### prom-read-auth-enabled Enables authentication on the Prometheus remote read API. This setting has no -effect if [`auth-enabled`](#auth-enabled-false) is set to `false`. +effect if [`auth-enabled`](#auth-enabled) is set to `false`. **Default**: `false` **Environment variable**: `INFLUXDB_HTTP_PROM_READ_AUTH_ENABLED` diff --git a/content/influxdb/v1/administration/upgrading.md b/content/influxdb/v1/administration/upgrading.md index 5ea792595..f67dd08e4 100644 --- a/content/influxdb/v1/administration/upgrading.md +++ b/content/influxdb/v1/administration/upgrading.md @@ -53,12 +53,12 @@ Run the `buildtsi` command using the user account that you are going to run the Switch index types at any time by doing one of the following: -- To switch from to `inmem` to `tsi1`, complete steps 3 and 4 above in [Upgrade to InfluxDB 1.11.x](#upgrade-to-influxdb-1-8-x). -- To switch from to `tsi1` to `inmem`, change `tsi1` to `inmem` by completing steps 3a-3c and 4 above in [Upgrade to InfluxDB 1.11.x](#upgrade-to-influxdb-1-8-x). +- To switch from to `inmem` to `tsi1`, complete steps 3 and 4 above in [Upgrade to InfluxDB 1.11.x](#upgrade-to-influxdb-111x). +- To switch from to `tsi1` to `inmem`, change `tsi1` to `inmem` by completing steps 3a-3c and 4 above in [Upgrade to InfluxDB 1.11.x](#upgrade-to-influxdb-111x). ## Downgrade InfluxDB -To downgrade to an earlier version, complete the procedures above in [Upgrade to InfluxDB 1.11.x](#upgrade-to-influxdb-1-8-x), replacing the version numbers with the version that you want to downgrade to. +To downgrade to an earlier version, complete the procedures above in [Upgrade to InfluxDB 1.11.x](#upgrade-to-influxdb-111x), replacing the version numbers with the version that you want to downgrade to. After downloading the release, migrating your configuration settings, and enabling TSI or TSM, make sure to [rebuild your index](/influxdb/v1/administration/rebuild-tsi-index/). >**Note:** Some versions of InfluxDB may have breaking changes that impact your ability to upgrade and downgrade. For example, you cannot downgrade from InfluxDB 1.3 or later to an earlier version. Please review the applicable version of release notes to check for compatibility issues between releases.