sa_8001/dsk-devops-toolchains
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

디렉토리 구조 및 각 서비스 추가

Browse Source
This commit is contained in:
dsk-minchulahn
2024-01-03 17:29:11 +09:00
parent 98de2a7627
commit d601d0f259
1632 changed files with 207616 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
helm/teleport-cluster/README.md Normal file
View File

@@ -0,0 +1,64 @@
# Teleport Cluster
This chart sets up a single node Teleport cluster.
It uses a persistent volume claim for storage.
Great for getting started with Teleport.
## Important Notices
- The chart version follows the Teleport version. e.g. chart v10.x can run Teleport v10.x and v11.x, but is not compatible with Teleport 9.x
- Teleport does mutual TLS to authenticate clients. It currently does not support running behind a L7 LoadBalancer, like a Kubernetes `Ingress`. It requires being exposed through a L4 LoadBalancer (Kubernetes `Service`).
## Getting Started
### Single-node example
To install Teleport in a separate namespace and provision a web certificate using Let's Encrypt, run:
```bash
$ helm install teleport/teleport-cluster \
--set acme=true \
--set acmeEmail=alice@example.com \
--set clusterName=teleport.example.com\
--create-namespace \
--namespace=teleport-cluster \
./teleport-cluster/
```
Finally, configure the DNS for `teleport.example.com` to point to the newly created LoadBalancer.
Note: this guide uses the built-in ACME client to get certificates.
In this setup, Teleport nodes cannot be replicated. If you want to run multiple
Teleport replicas, you must provide a certificate through `tls.existingSecretName`
or by installing [cert-manager](https://cert-manager.io/docs/) and setting the `highAvailability.certManager.*` values.
### Replicated setup guides
- [Running an HA Teleport cluster in Kubernetes using an AWS EKS Cluster](https://goteleport.com/docs/deploy-a-cluster/helm-deployments/aws/)
- [Running an HA Teleport cluster in Kubernetes using a Google Cloud GKE cluster](https://goteleport.com/docs/deploy-a-cluster/helm-deployments/gcp/)
- [Running a Teleport cluster in Kubernetes with a custom Teleport config](https://goteleport.com/docs/deploy-a-cluster/helm-deployments/custom/)
### Creating first user
The first user can be created by executing a command in one of the auth pods.
```shell
kubectl exec it -n teleport-cluster statefulset/teleport-cluster-auth -- tctl users add my-username --roles=editor,auditor,access
```
The command should output a registration link to finalize the user creation.
## Uninstalling
```bash
helm uninstall --namespace teleport-cluster teleport-cluster
```
## Documentation
See https://goteleport.com/docs/kubernetes-access/helm/guides/ for guides on setting up HA Teleport clusters
in EKS or GKE, plus a comprehensive chart reference.
## Contributing to the chart
Please read [CONTRIBUTING.md](../CONTRIBUTING.md) before raising a pull request to this chart.