self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-22 18:23:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
6180 commits 3232 branches 4174 tags 1.3 GiB
Commit graph

83 commits

Author SHA1 Message Date
Steven Martin 39cafd6a1c
Added reverse tunnel port info to teleport-kube-agent readme (#5621) 2021-04-13 13:55:10 -07:00
Gus Luxton 52a29bb63f
helm: Improve linting and add log level override (#6330) 2021-04-08 08:02:29 -07:00
Yurii Matsiuk 7569413f99
Make authToken optional if secret exists (#6273) 
Co-authored-by: Gus Luxton <webvictim@gmail.com>
Signed-off-by: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
 2021-04-01 14:37:01 -03:00
Ben Arent a11ee59c80
Getting started with Kubernetes (#5981) 2021-03-13 09:39:15 -08:00
Gus Luxton 1102afb958
Update Helm charts to use Teleport 6 by default (#5983) 
Also bump chart version so people who have pinned versions don't get auto-updated.
 2021-03-12 13:40:17 -08:00
Gus Luxton c01fe027e5
Publish teleport-cluster Helm chart (#5895) 
* Publish teleport-cluster Helm chart

* Add teleport-cluster to Helm repo index HTML and update instructions
 2021-03-08 08:06:54 -08:00
Steven Martin 5f49e5a4c3
Fix for HA auth configmap (#5618) 
`session_control_timeout` and `session_recording` were not in the right spacing in the auth_service HA configuration.
 2021-02-19 13:26:51 -05:00
Steven Martin 3a7c7e80d9
Added recording type, session lockout and https key pair settings for teleport helm chart (#5555) 
* Added recording type, session lockout as `auth_service` options  and https key pair as `proxy_service` option
 2021-02-17 14:02:36 -05:00
Steven Martin 974825d6f5
Add kubernetes_service option to teleport helm chart (#5490) 
* Increment to version 0.0.10

* Add kubernetes_service option config
 2021-02-08 19:28:08 -05:00
Gus Luxton e7efa6738a
Add linting for Helm charts with example values (#5495) 2021-02-08 17:08:05 -04:00
Loïc Cotonéa bbd69866c5
[BUG FIX] Wrong value name persistnce.pdName (#5457) 
Co-authored-by: Gus Luxton <gus@gravitational.com>
 2021-02-02 17:28:32 -04:00
Steven Martin 335b923f4b
Allows specifying different public addresses for ssh, tunnel and k8s (#5422) 
* Checks for public addresses to assign instead of default

* Provide examples of specifying different public addresses for ssh, tunnel and k8s

* Update Chart.yaml

* Update examples/chart/teleport/values.yaml

Co-authored-by: Gus Luxton <gus@gravitational.com>

* move example indentation

Co-authored-by: Gus Luxton <gus@gravitational.com>

* Update examples/chart/teleport/values.yaml

Co-authored-by: Gus Luxton <gus@gravitational.com>

* Update examples/chart/teleport/templates/config.yaml

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* can use different ports in the config based on the public addr setting

* Update examples/chart/teleport/values.yaml

Co-authored-by: Gus Luxton <gus@gravitational.com>

* Update examples/chart/teleport/values.yaml

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

* spacing

Co-authored-by: Gus Luxton <gus@gravitational.com>

Co-authored-by: Gus Luxton <gus@gravitational.com>
 2021-01-28 13:32:13 -05:00
Gus Luxton f7d542b3b0
teleport-kube-agent: Check whether Teleport version is >=6 before setting db_service key (#5407) 2021-01-26 13:45:19 -04:00
Gus Luxton 96f70860b6
Combined Helm chart for kube, app and db services (#5348) 2021-01-25 18:37:25 -04:00
Laurent Lavaud 1373490c95
Fix serviceAccount template (#5398) 
current serviceAccount template failed to apply correctly
 2021-01-25 13:50:39 -04:00
Gus Luxton 8d40ce9b6a
Address post-release checklist items for 5.1 (#5223) 2021-01-20 17:13:42 -04:00
Rob Coward 20e6466525
Adding annotations to the serviceAccount definition (#5271) 
* Adding annotations to the serviceAccount definition to allow IRSA to be used on AWS EKS deployments

* Adding separate settings for the auth service when deploying highAvailability and passing through loadBalancerSourceRanges when service type is LoadBalancer
 2021-01-20 10:31:09 -04:00
Sasha Klizhentas 579ee120bc Adds simpler standalone k8s chart. 
A new chart teleport-cluster helps users to get started
with Teleport on Kubernetes. It uses single node deployment with
persitent volumens and supports ACME.

A new quickstart guide will use this chart.
 2021-01-18 09:43:41 -08:00
William Reed 40b68708af
checksum must be on pod, not deployment (#5289) 
checksum must be on pod, not deployment
 2021-01-13 11:20:14 -08:00
Gus Luxton 6e1726bc4c
Add teleport-kube-agent chart and remove unwanted charts (#5233) 2021-01-07 16:53:25 -04:00
Kevin Nisbet 7947160afa Apply suggestions from code review 
Co-authored-by: Andrew Lytvynov <andrew@goteleport.com>
 2020-12-17 11:06:05 -08:00
Kevin Nisbet eb386e21f0 add PSP to kube-agent helm chart 2020-12-17 11:06:05 -08:00
Ben Yitzhaki c0232bfd0e
Use tag as string instead of number in chart values (#5075) 
* Use "5.0" as string instead of integer

Otherwise, it won't find the tag as it will look for tag 5, instead of 5.0

* update values for teleport-auto-trustedcluster and teleport-deamonset

Co-authored-by: Gus Luxton <gus@gravitational.com>
Co-authored-by: Andrew Lytvynov <andrew@goteleport.com>
 2020-12-16 10:28:27 -08:00
Andrew Lytvynov 441cb95a77
kube-agent helm chart: use image tag 5.0 instead of 5.0.0 (#5117) 
Automatically picks up the latest patch version.
 2020-12-14 13:44:20 -04:00
Gus Luxton 96dcfde3c4
Always set proxy public_addr port to 443 when ingress is enabled (#5019) 2020-12-02 10:36:25 -04:00
Gus Luxton 553d632b2d
Post-release checklist for 5.0 (#4982) 2020-11-25 17:23:00 -04:00
Andrew Lytvynov 1159c4ba7b
Adda a helm chart for in-cluster kubernetes_service agent (#4963) 
* Add helm chart for in-cluster kubernetes_service agent

This is a simplified version of the teleport chart, intended to only run
a "stateless" `kubernetes_service` instance within a kubernetes cluster.
This instance joins an externally-managed teleport cluster, given a
proxy address and a join token. The connection is always over a reverse
tunnel, per our recommended approach.

The chart is opinionated and only lets the user modify the bare minimum.

* Apply suggestions from code review

Co-authored-by: Gus Luxton <gus@gravitational.com>

* Move join token into a secret

Secret can be more tightly restricted via RBAC, and encrypted at rest
with KMSs.

Also, a few other small tweaks for UX.

Co-authored-by: Andrew Lytvynov <andrew@gravitational.com>
Co-authored-by: Gus Luxton <gus@gravitational.com>
 2020-11-24 20:20:00 -08:00
Gus Luxton 02d62f9be9
Update to Helm v3 and package all charts (#4809) 2020-11-12 21:02:33 -04:00
Gus Luxton fe36035819
Update examples to 4.4 (#4608) 2020-10-21 16:00:17 -03:00
Gus Luxton 20d3dd3b68
Update Teleport Helm/Terraform/CloudFormation to 4.3.7 (#4453) 2020-10-05 18:28:40 -03:00
Gus Luxton 470bd61dc4
Remove unused teleport-demo chart (#4387) 2020-09-29 09:43:52 -03:00
Gus Luxton 3408a7d306
Fix Helm chart public_addr for proxy when using Ingress (#4107) 2020-07-28 12:10:34 -03:00
Chad H dec724285c
Typofix: there's no "y" in Teleport (#4079) 2020-07-20 11:25:05 -03:00
Gus Luxton 523d5d6bcb
Update Teleport version in Helm chart to 4.3.0 (#4037) 2020-07-15 13:22:02 -03:00
Gus Luxton d72aff82f7
http -> https (#3991) 2020-07-08 00:14:56 -03:00
Gus Luxton 72b3679018
Add Helm chart packaging for Teleport (#3943) 2020-07-02 10:48:54 -07:00
Steven Martin 576e4b510d
Update to Teleport Chart (#3821) 2020-07-02 10:47:56 -07:00
Andrew Lytvynov e0c7f80f6c Update example helm charts with SelfSubjectAccessReview permissions 
The new permission is there to allow the proxy to self-test
impersonation powers at startup and surface RBAC problems early.
 2020-06-11 00:14:50 +00:00
Steven Martin 32109d8836
Teleport example helm README update (#3750) 
* Teleport helm upgrade command update

The --name in the helm upgrade example was not a valid parameter.  Also put in comments that ca.pem is not required.  It is off by default.

* Modified comments based on feedback
 2020-05-20 18:41:42 -04:00
Gus Luxton 4e9c679a05
Add Helm chart with DaemonSet to provide access to underlying host nodes (#3674) 2020-05-19 10:41:12 -03:00
Gus Luxton 7c7c91da10 Add more detail to README 2020-05-01 14:17:49 -07:00
Gus Luxton 218aec357b Change LoadBalancer to ClusterIP 2020-05-01 14:17:49 -07:00
Gus Luxton a3151111bf Update README 2020-05-01 14:17:49 -07:00
Gus Luxton b9c9174e07 Update README 2020-05-01 14:17:49 -07:00
Gus Luxton 2934f65fe2 Removed all requirements for TLS 2020-05-01 14:17:49 -07:00
Gus Luxton 4368891b4e Don't set Kubernetes public address 2020-05-01 14:17:49 -07:00
Gus Luxton 3378dfccd9 Update TLS secret names 2020-05-01 14:17:49 -07:00
Gus Luxton cd4cb69894 More README tweaks 2020-05-01 14:17:49 -07:00
Gus Luxton c5b9d3e68f Changes to README 2020-05-01 14:17:49 -07:00
Gus Luxton 84cd3cc13b Update README 2020-05-01 14:17:49 -07:00