Sapian
/
backup-gitops
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
backup-gitops/cur/k8s/helm/teleport/chart
History
Alexander Morales 3b33f3d45d
add backup gitops 		8 months ago
..
templates add backup gitops 8 months ago
.helmignore add backup gitops 8 months ago
Chart.yaml add backup gitops 8 months ago
README.md add backup gitops 8 months ago
values.yaml add backup gitops 8 months ago

README.md

Teleport

Gravitational Teleport is a modern SSH/Kubernetes API proxy server for remotely accessing clusters of Linux containers and servers via SSH, HTTPS, or Kubernetes API.

Introduction

This chart deploys Teleport components to your cluster via a Kubernetes Deployment.

By default this chart is configured as follows:

  • 1 replica
  • Record ssh/k8s exec and attach session to the emptyDir of the Teleport pod
  • The assumed externally accessible hostname of Teleport is teleport.example.com
  • Teleport is accessible only from within your cluster. You need kubectl port-forward for external access.
  • TLS is enabled by default on the Proxy

See the comments in the default values.yaml and also the Teleport documentation for more options.

Prerequisites

  • Kubernetes 1.10+
  • A Teleport license file stored as a Kubernetes Secret object(See below)

Prepare the license file

Download the license.pem from the Teleport dashboard, and then rename it to the filename that this chart expects:

cp ~/Downloads/license.pem license-enterprise.pem

Store it as a Kubernetes secret:

kubectl create secret generic license --from-file=license-enterprise.pem

Installing the chart

To install the chart with the release name teleport, run:

$ helm install --name teleport ./

Teleport proxy generates a TLS key and a cert of its own by default. In order to instruct the proxy to use the TLS assets brought by you, prepare the following files:

  • Your CA cert named ca.pem
  • Your proxy server cert named proxy-server.pem
  • Your proxy server key named proxy-server-key.pem

Then run:

$ kubectl create secret tls tls-web --cert=proxy-server.pem --key=proxy-server-key.pem
$ kubectl create configmap ca-certs --from-file=ca.pem
$ helm upgrade --install --name teleport ./

Running locally on minikube

Grab the test setup from the community project teleport-on-minikube and run:

path/to/teleport-on-minikube//scripts/install-on-minikube

Type your desired password, capture the barcode with your MFA device like Google Authenticator, type the OTP.

Now, you can run various tsh commands against your local Teleport installation via teleport.example.com:

$ tsh login --auth=local --user=$USER login

Contributing

Building the cli yourself

$ git clone git@github.com:gravitational/teleport.git ~/go/src/github.com/gravitational/teleport
cd $_

$ make full

$ build/tsh --proxy=teleport.example.com --auth=local --user=admin login