Steven Martin
39cafd6a1c
Added reverse tunnel port info to teleport-kube-agent readme ( #5621 )
2021-04-13 13:55:10 -07:00
Gus Luxton
52a29bb63f
helm: Improve linting and add log level override ( #6330 )
2021-04-08 08:02:29 -07:00
Yurii Matsiuk
7569413f99
Make authToken optional if secret exists ( #6273 )
...
Co-authored-by: Gus Luxton <webvictim@gmail.com>
Signed-off-by: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
2021-04-01 14:37:01 -03:00
Ben Arent
a11ee59c80
Getting started with Kubernetes ( #5981 )
2021-03-13 09:39:15 -08:00
Gus Luxton
1102afb958
Update Helm charts to use Teleport 6 by default ( #5983 )
...
Also bump chart version so people who have pinned versions don't get auto-updated.
2021-03-12 13:40:17 -08:00
Gus Luxton
c01fe027e5
Publish teleport-cluster Helm chart ( #5895 )
...
* Publish teleport-cluster Helm chart
* Add teleport-cluster to Helm repo index HTML and update instructions
2021-03-08 08:06:54 -08:00
Steven Martin
5f49e5a4c3
Fix for HA auth configmap ( #5618 )
...
`session_control_timeout` and `session_recording` were not in the right spacing in the auth_service HA configuration.
2021-02-19 13:26:51 -05:00
Steven Martin
3a7c7e80d9
Added recording type, session lockout and https key pair settings for teleport helm chart ( #5555 )
...
* Added recording type, session lockout as `auth_service` options and https key pair as `proxy_service` option
2021-02-17 14:02:36 -05:00
Steven Martin
974825d6f5
Add kubernetes_service option to teleport helm chart ( #5490 )
...
* Increment to version 0.0.10
* Add kubernetes_service option config
2021-02-08 19:28:08 -05:00
Gus Luxton
e7efa6738a
Add linting for Helm charts with example values ( #5495 )
2021-02-08 17:08:05 -04:00
Loïc Cotonéa
bbd69866c5
[BUG FIX] Wrong value name persistnce.pdName ( #5457 )
...
Co-authored-by: Gus Luxton <gus@gravitational.com>
2021-02-02 17:28:32 -04:00
Steven Martin
335b923f4b
Allows specifying different public addresses for ssh, tunnel and k8s ( #5422 )
...
* Checks for public addresses to assign instead of default
* Provide examples of specifying different public addresses for ssh, tunnel and k8s
* Update Chart.yaml
* Update examples/chart/teleport/values.yaml
Co-authored-by: Gus Luxton <gus@gravitational.com>
* move example indentation
Co-authored-by: Gus Luxton <gus@gravitational.com>
* Update examples/chart/teleport/values.yaml
Co-authored-by: Gus Luxton <gus@gravitational.com>
* Update examples/chart/teleport/templates/config.yaml
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* can use different ports in the config based on the public addr setting
* Update examples/chart/teleport/values.yaml
Co-authored-by: Gus Luxton <gus@gravitational.com>
* Update examples/chart/teleport/values.yaml
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
* spacing
Co-authored-by: Gus Luxton <gus@gravitational.com>
Co-authored-by: Gus Luxton <gus@gravitational.com>
2021-01-28 13:32:13 -05:00
Gus Luxton
f7d542b3b0
teleport-kube-agent: Check whether Teleport version is >=6 before setting db_service key ( #5407 )
2021-01-26 13:45:19 -04:00
Gus Luxton
96f70860b6
Combined Helm chart for kube, app and db services ( #5348 )
2021-01-25 18:37:25 -04:00
Laurent Lavaud
1373490c95
Fix serviceAccount template ( #5398 )
...
current serviceAccount template failed to apply correctly
2021-01-25 13:50:39 -04:00
Gus Luxton
8d40ce9b6a
Address post-release checklist items for 5.1 ( #5223 )
2021-01-20 17:13:42 -04:00
Rob Coward
20e6466525
Adding annotations to the serviceAccount definition ( #5271 )
...
* Adding annotations to the serviceAccount definition to allow IRSA to be used on AWS EKS deployments
* Adding separate settings for the auth service when deploying highAvailability and passing through loadBalancerSourceRanges when service type is LoadBalancer
2021-01-20 10:31:09 -04:00
Sasha Klizhentas
579ee120bc
Adds simpler standalone k8s chart.
...
A new chart teleport-cluster helps users to get started
with Teleport on Kubernetes. It uses single node deployment with
persitent volumens and supports ACME.
A new quickstart guide will use this chart.
2021-01-18 09:43:41 -08:00
William Reed
40b68708af
checksum must be on pod, not deployment ( #5289 )
...
checksum must be on pod, not deployment
2021-01-13 11:20:14 -08:00
Gus Luxton
6e1726bc4c
Add teleport-kube-agent chart and remove unwanted charts ( #5233 )
2021-01-07 16:53:25 -04:00
Kevin Nisbet
7947160afa
Apply suggestions from code review
...
Co-authored-by: Andrew Lytvynov <andrew@goteleport.com>
2020-12-17 11:06:05 -08:00
Kevin Nisbet
eb386e21f0
add PSP to kube-agent helm chart
2020-12-17 11:06:05 -08:00
Ben Yitzhaki
c0232bfd0e
Use tag as string instead of number in chart values ( #5075 )
...
* Use "5.0" as string instead of integer
Otherwise, it won't find the tag as it will look for tag 5, instead of 5.0
* update values for teleport-auto-trustedcluster and teleport-deamonset
Co-authored-by: Gus Luxton <gus@gravitational.com>
Co-authored-by: Andrew Lytvynov <andrew@goteleport.com>
2020-12-16 10:28:27 -08:00
Andrew Lytvynov
441cb95a77
kube-agent helm chart: use image tag 5.0 instead of 5.0.0 ( #5117 )
...
Automatically picks up the latest patch version.
2020-12-14 13:44:20 -04:00
Gus Luxton
96dcfde3c4
Always set proxy public_addr port to 443 when ingress is enabled ( #5019 )
2020-12-02 10:36:25 -04:00
Gus Luxton
553d632b2d
Post-release checklist for 5.0 ( #4982 )
2020-11-25 17:23:00 -04:00
Andrew Lytvynov
1159c4ba7b
Adda a helm chart for in-cluster kubernetes_service agent ( #4963 )
...
* Add helm chart for in-cluster kubernetes_service agent
This is a simplified version of the teleport chart, intended to only run
a "stateless" `kubernetes_service` instance within a kubernetes cluster.
This instance joins an externally-managed teleport cluster, given a
proxy address and a join token. The connection is always over a reverse
tunnel, per our recommended approach.
The chart is opinionated and only lets the user modify the bare minimum.
* Apply suggestions from code review
Co-authored-by: Gus Luxton <gus@gravitational.com>
* Move join token into a secret
Secret can be more tightly restricted via RBAC, and encrypted at rest
with KMSs.
Also, a few other small tweaks for UX.
Co-authored-by: Andrew Lytvynov <andrew@gravitational.com>
Co-authored-by: Gus Luxton <gus@gravitational.com>
2020-11-24 20:20:00 -08:00
Gus Luxton
02d62f9be9
Update to Helm v3 and package all charts ( #4809 )
2020-11-12 21:02:33 -04:00
Gus Luxton
fe36035819
Update examples to 4.4 ( #4608 )
2020-10-21 16:00:17 -03:00
Gus Luxton
20d3dd3b68
Update Teleport Helm/Terraform/CloudFormation to 4.3.7 ( #4453 )
2020-10-05 18:28:40 -03:00
Gus Luxton
470bd61dc4
Remove unused teleport-demo chart ( #4387 )
2020-09-29 09:43:52 -03:00
Gus Luxton
3408a7d306
Fix Helm chart public_addr for proxy when using Ingress ( #4107 )
2020-07-28 12:10:34 -03:00
Chad H
dec724285c
Typofix: there's no "y" in Teleport ( #4079 )
2020-07-20 11:25:05 -03:00
Gus Luxton
523d5d6bcb
Update Teleport version in Helm chart to 4.3.0 ( #4037 )
2020-07-15 13:22:02 -03:00
Gus Luxton
d72aff82f7
http -> https ( #3991 )
2020-07-08 00:14:56 -03:00
Gus Luxton
72b3679018
Add Helm chart packaging for Teleport ( #3943 )
2020-07-02 10:48:54 -07:00
Steven Martin
576e4b510d
Update to Teleport Chart ( #3821 )
2020-07-02 10:47:56 -07:00
Andrew Lytvynov
e0c7f80f6c
Update example helm charts with SelfSubjectAccessReview permissions
...
The new permission is there to allow the proxy to self-test
impersonation powers at startup and surface RBAC problems early.
2020-06-11 00:14:50 +00:00
Steven Martin
32109d8836
Teleport example helm README update ( #3750 )
...
* Teleport helm upgrade command update
The --name in the helm upgrade example was not a valid parameter. Also put in comments that ca.pem is not required. It is off by default.
* Modified comments based on feedback
2020-05-20 18:41:42 -04:00
Gus Luxton
4e9c679a05
Add Helm chart with DaemonSet to provide access to underlying host nodes ( #3674 )
2020-05-19 10:41:12 -03:00
Gus Luxton
7c7c91da10
Add more detail to README
2020-05-01 14:17:49 -07:00
Gus Luxton
218aec357b
Change LoadBalancer to ClusterIP
2020-05-01 14:17:49 -07:00
Gus Luxton
a3151111bf
Update README
2020-05-01 14:17:49 -07:00
Gus Luxton
b9c9174e07
Update README
2020-05-01 14:17:49 -07:00
Gus Luxton
2934f65fe2
Removed all requirements for TLS
2020-05-01 14:17:49 -07:00
Gus Luxton
4368891b4e
Don't set Kubernetes public address
2020-05-01 14:17:49 -07:00
Gus Luxton
3378dfccd9
Update TLS secret names
2020-05-01 14:17:49 -07:00
Gus Luxton
cd4cb69894
More README tweaks
2020-05-01 14:17:49 -07:00
Gus Luxton
c5b9d3e68f
Changes to README
2020-05-01 14:17:49 -07:00
Gus Luxton
84cd3cc13b
Update README
2020-05-01 14:17:49 -07:00