Skip to content

Commit c814695

Browse files
chinkitpchinkitp
committed
Adding support for teleport
Signed-off-by: chinkitp <chinkit.patel@gmail.com>
1 parent 77f612a commit c814695

File tree

5 files changed

+87
-0
lines changed

5 files changed

+87
-0
lines changed

cluster.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ metadata:
66
projectName: audio
77
dryRun: false
88

9+
apps:
10+
sourceDirectoryPath: "apps"
11+
912
gitOps:
1013
directoryName: "./cluster"
1114

cluster/infrastructure/controllers/kustomization.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,3 +5,4 @@ resources:
55
- ./kubelet/components.yaml
66
- ./headlamp/components.yaml
77
- runtime-class.yaml
8+
- ./teleport/

cluster/infrastructure/controllers/teleport/agent.yaml

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
---
2+
apiVersion: source.toolkit.fluxcd.io/v1
3+
kind: HelmRepository
4+
metadata:
5+
name: teleport-kube-agent
6+
namespace: kube-system
7+
spec:
8+
interval: 24h
9+
url: https://charts.releases.teleport.dev
10+
---
11+
apiVersion: helm.toolkit.fluxcd.io/v2
12+
kind: HelmRelease
13+
metadata:
14+
name: teleport-agent
15+
namespace: kube-system
16+
spec:
17+
chart:
18+
spec:
19+
chart: teleport-kube-agent
20+
reconcileStrategy: ChartVersion
21+
sourceRef:
22+
kind: HelmRepository
23+
name: teleport-kube-agent
24+
version: 15.4.2
25+
interval: 1m0s
26+
values:
27+
kubeClusterName: patel02
28+
joinTokenSecret:
29+
create: false
30+
labels:
31+
teleport.internal/resource-id: kubox-k8s
32+
aws/Cluster: patel02
33+
aws/Project: patel02
34+
proxyAddr: sso.kubox.cloud:443
35+
roles: kube,app,discovery

cluster/infrastructure/controllers/teleport/kustomization.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
resources:
4+
- agent.yaml
5+
- rbac.yaml

cluster/infrastructure/controllers/teleport/rbac.yaml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRole
3+
metadata:
4+
name: developer
5+
rules:
6+
- apiGroups: [""]
7+
resources: ["*"]
8+
verbs: ["*"]
9+
---
10+
apiVersion: rbac.authorization.k8s.io/v1
11+
kind: ClusterRoleBinding
12+
metadata:
13+
name: global-developer
14+
subjects:
15+
- kind: Group
16+
name: team-santoku
17+
apiGroup: rbac.authorization.k8s.io
18+
roleRef:
19+
kind: ClusterRole
20+
name: developer
21+
apiGroup: rbac.authorization.k8s.io
22+
---
23+
apiVersion: rbac.authorization.k8s.io/v1
24+
kind: ClusterRole
25+
metadata:
26+
name: kubox-admin
27+
rules:
28+
- apiGroups: ["*"]
29+
resources: ["*"]
30+
verbs: ["*"]
31+
---
32+
apiVersion: rbac.authorization.k8s.io/v1
33+
kind: ClusterRoleBinding
34+
metadata:
35+
name: global-admin
36+
subjects:
37+
- kind: Group
38+
name: team-katana
39+
apiGroup: rbac.authorization.k8s.io
40+
roleRef:
41+
kind: ClusterRole
42+
name: kubox-admin
43+
apiGroup: rbac.authorization.k8s.io

0 commit comments

Comments
 (0)