mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 01:03:40 +00:00
f0dd7d7d85
This commit adds a new joinMethod as described in https://github.com/gravitational/teleport/pull/17905 This method allow pods running in the same Kubernetes cluster than the auth servers to join the Teleport cluster. It relies on Kubernetes tokens to establish trust. The goal is to be able to deploy proxies and auths separately and join them in a single cluser. Pre Kubernetes 1.20, the tokens are static, long-lived, not bound to pods. We support them for compatibility reasons. Starting with Kubernetes 1.20, tokens are bound to pods (and starting with 1.21 they can be mounted through projected volumes). Starting with 1.21 we should only accept bound tokens. The chart will ensure tokens are properly mounted with projected volumes so we can benefit from the 1h to 10min token lifetime. |
||
---|---|---|
.. | ||
common | ||
tbot | ||
tctl | ||
teleport | ||
tsh |