* Adding annotations to the serviceAccount definition to allow IRSA to be used on AWS EKS deployments
* Adding separate settings for the auth service when deploying highAvailability and passing through loadBalancerSourceRanges when service type is LoadBalancer
A new chart teleport-cluster helps users to get started
with Teleport on Kubernetes. It uses single node deployment with
persitent volumens and supports ACME.
A new quickstart guide will use this chart.
* Use "5.0" as string instead of integer
Otherwise, it won't find the tag as it will look for tag 5, instead of 5.0
* update values for teleport-auto-trustedcluster and teleport-deamonset
Co-authored-by: Gus Luxton <gus@gravitational.com>
Co-authored-by: Andrew Lytvynov <andrew@goteleport.com>
* benchmark package
* use default config if path is not specified
* progressiveBench as a config method
* implement a main.go approach to run progressive tests
* make teleport client, run specified benchmark
* function and method descriptions
* make teleport client
* testing
* change interface method signatures
* dry up bench.go code, move producer goroutines to own function
* output formatting
* remove yaml
* fix linter errors
* remove print
* PR suggested changes, moved export latency profile functionality to the benchmark package
* PR fixes
* method description
* update testing
* linter
* docs and example
* PR suggestion changes
* fix coord omission bug
* remove benchmark struct
* remove threads, using open system
* recover in run
* close channel, check if open with each execution
* update testing, pr suggestions
* add more instructions to readme
* update example.go
* pass back context
* use SyncBuffer
* export response and service histograms
* update readme, exporting profiles section
* return from execute()
* export singular latency profile
* export response profile
* Revert "export response profile"
This reverts commit 5a21cb034c.
* export response profile
* update branch
* format example.go
* remove threads
* update example.go
* update branch
* goimports
* add signal handler & update docs
* PR suggestions
* exit out of interactive session
* revert execute
* PR suggestion
* run commmand on non-interactive instead of nil
* Add helm chart for in-cluster kubernetes_service agent
This is a simplified version of the teleport chart, intended to only run
a "stateless" `kubernetes_service` instance within a kubernetes cluster.
This instance joins an externally-managed teleport cluster, given a
proxy address and a join token. The connection is always over a reverse
tunnel, per our recommended approach.
The chart is opinionated and only lets the user modify the bare minimum.
* Apply suggestions from code review
Co-authored-by: Gus Luxton <gus@gravitational.com>
* Move join token into a secret
Secret can be more tightly restricted via RBAC, and encrypted at rest
with KMSs.
Also, a few other small tweaks for UX.
Co-authored-by: Andrew Lytvynov <andrew@gravitational.com>
Co-authored-by: Gus Luxton <gus@gravitational.com>
