https://pulumi.com logo
Powered by
Title
b

bitter-eve-53295

04/17/2022, 6:23 PM
Anyone ever used Teleport, or similar, to connect to private clusters? I'm thinking about trying to make a dynamic provider (custom resource/gate) to establish a session with the cluster after its creation, but before I start loading up helm charts.
q

quiet-wolf-18467

04/17/2022, 6:43 PM
I use Teleport every single day. The challenge is that Teleport doesn't really provide a long term token that can be used with Pulumi
b

bitter-eve-53295

04/17/2022, 6:43 PM
Isn't that a good thing?
q

quiet-wolf-18467

04/17/2022, 6:44 PM
Yes, but not for automation 😅
One could use our bridge generator to wrap the Terraform provider
https://goteleport.com/docs/setup/guides/terraform-provider/
b

bitter-eve-53295

04/17/2022, 6:44 PM
Lol, i mean, as long a (pipeline) user can generate a very with a long enough lifetime, right?
q

quiet-wolf-18467

04/17/2022, 6:48 PM
Yeah. The new MachineID launched with Teleport 9 will be very helpful here
b

bitter-eve-53295

04/17/2022, 6:52 PM
How are you securing your clusters? Do you expose a public endpoint?
q

quiet-wolf-18467

04/17/2022, 6:53 PM
Yeah. I use the multiplex proxy so everything is available over 443
Over public IP / DNS
✅ 1
5 Views
#kubernetesJoin Slack
Powered by