Skip to content

kube: resolve Kubernetes cluster domain#43584

Merged
tigrato merged 1 commit intomasterfrom
tigrato/cluster-domain-kube
Jun 28, 2024
Merged

kube: resolve Kubernetes cluster domain#43584
tigrato merged 1 commit intomasterfrom
tigrato/cluster-domain-kube

Conversation

@tigrato
Copy link
Copy Markdown
Contributor

@tigrato tigrato commented Jun 27, 2024
edited
Loading

This PR enhances teleport by no longer assuming the cluster domain must be cluster.local. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

To address this, the PR allows to set clusterDomain via the helm chart when installing/upgrading the agent.

Fixes #39007

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of cluster.local.

@github-actions github-actions Bot requested a review from marcoandredinis June 27, 2024 10:25
@tigrato tigrato force-pushed the tigrato/cluster-domain-kube branch from 60e89a8 to 132517b Compare June 27, 2024 10:28
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 27, 2024

🤖 Vercel preview here: https://docs-k30hndljw-goteleport.vercel.app/docs/ver/preview

@tigrato tigrato mentioned this pull request Jun 27, 2024
Closed
rosstimothy
rosstimothy reviewed Jun 27, 2024
View reviewed changes
Comment thread lib/services/app.go Outdated
Comment thread lib/services/app.go Outdated
Comment thread lib/services/app_test.go Outdated
Comment thread lib/services/app_test.go Outdated
AntonAM
AntonAM approved these changes Jun 27, 2024
View reviewed changes
Comment thread lib/services/app.go Outdated
@tigrato tigrato force-pushed the tigrato/cluster-domain-kube branch from bc2253b to 6040836 Compare June 27, 2024 15:20
@tigrato tigrato force-pushed the tigrato/cluster-domain-kube branch from 6040836 to 0832dc0 Compare June 27, 2024 15:21
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 27, 2024

🤖 Vercel preview here: https://docs-mw92ym9t7-goteleport.vercel.app/docs/ver/preview

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 27, 2024

🤖 Vercel preview here: https://docs-8za9iev3y-goteleport.vercel.app/docs/ver/preview

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 27, 2024

🤖 Vercel preview here: https://docs-9kzkb7kw0-goteleport.vercel.app/docs/ver/preview

@tigrato tigrato force-pushed the tigrato/cluster-domain-kube branch from 0832dc0 to 633dd56 Compare June 27, 2024 15:40
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 27, 2024

🤖 Vercel preview here: https://docs-b52e0hwrv-goteleport.vercel.app/docs/ver/preview

webvictim
webvictim approved these changes Jun 27, 2024
View reviewed changes
Comment thread docs/pages/reference/helm-reference/includes/zz_generated.teleport-kube-agent.mdx Outdated
@tigrato tigrato force-pushed the tigrato/cluster-domain-kube branch from 9a57bd9 to 2d5490e Compare June 28, 2024 08:55
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 28, 2024

🤖 Vercel preview here: https://docs-3phiw8nzp-goteleport.vercel.app/docs/ver/preview

@tigrato tigrato added this pull request to the merge queue Jun 28, 2024
Merged via the queue into master with commit 9f8dd01 Jun 28, 2024
@tigrato tigrato deleted the tigrato/cluster-domain-kube branch June 28, 2024 09:32
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Jun 28, 2024

@tigrato See the table below for backport results.

Branch Result
branch/v14 Failed
branch/v15 Failed
branch/v16 Failed

tigrato added a commit that referenced this pull request Jun 28, 2024
@tigrato
kube: resolve Kubernetes cluster domain (#43584)
2da27a8 
This PR enhances teleport's intelligence by no longer assuming the cluster domain is `cluster.local`. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

Fixes #39007

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
@tigrato tigrato mentioned this pull request Jun 28, 2024
Merged
tigrato added a commit that referenced this pull request Jun 28, 2024
@tigrato
kube: resolve Kubernetes cluster domain (#43584)
5ba0256 
This PR enhances teleport's intelligence by no longer assuming the cluster domain is `cluster.local`. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

Fixes #39007

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
@tigrato tigrato mentioned this pull request Jun 28, 2024
Merged
@tigrato tigrato mentioned this pull request Jun 28, 2024
Merged
github-merge-queue Bot pushed a commit that referenced this pull request Jun 28, 2024
@tigrato
kube: resolve Kubernetes cluster domain (#43584) (#43632)
bc1c31b 
This PR enhances teleport's intelligence by no longer assuming the cluster domain is `cluster.local`. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

Fixes #39007

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Jun 28, 2024
@tigrato
kube: resolve Kubernetes cluster domain (#43584) (#43631)
f8c1263 
This PR enhances teleport's intelligence by no longer assuming the cluster domain is `cluster.local`. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

Fixes #39007

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
tigrato added a commit that referenced this pull request Jul 8, 2024
@tigrato
kube: resolve Kubernetes cluster domain (#43584)
e9e8001 
This PR enhances teleport's intelligence by no longer assuming the cluster domain is `cluster.local`. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

Fixes #39007

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Jul 8, 2024
@tigrato
kube: resolve Kubernetes cluster domain (#43584) (#43633)
f3db7d0 
This PR enhances teleport's intelligence by no longer assuming the cluster domain is `cluster.local`. Since many clusters use a non-default cluster domain, this assumption can disrupt app discovery access.

Fixes #39007

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
@1st8
Copy link
Copy Markdown

1st8 commented Sep 3, 2024

@tigrato is there a reason that this has only been added to the deployment.yaml, and not to the statefulset.yaml?

tigrato added a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod
b9191b8 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
@tigrato tigrato mentioned this pull request Sep 3, 2024
Merged
@tigrato
Copy link
Copy Markdown
Contributor Author

tigrato commented Sep 3, 2024

@tigrato is there a reason that this has only been added to the deployment.yaml, and not to the statefulset.yaml?

No, not at all. I though I also added it but doesn't look like the case. PR #46144 fixes it

@1st8
Copy link
Copy Markdown

1st8 commented Sep 3, 2024

Nice, thank you!

github-merge-queue Bot pushed a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144)
1732449 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
tigrato added a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144)
1004786 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
tigrato added a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144)
0ee0fbd 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
tigrato added a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144)
443332e 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144) (#46152)
636a3ab 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144) (#46151)
47fe261 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Sep 3, 2024
@tigrato
kube: expose cluster domain to statefulset pod (#46144) (#46150)
685b13e 
This PR corrects a typo that didn't exposed the cluster domain in the statefulset, when it was introduced in PR #43584.

Changelog: Extend Teleport ability to use non-default cluster domains in Kubernetes, avoiding the assumption of `cluster.local`.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marcoandredinis marcoandredinis marcoandredinis approved these changes

@webvictim webvictim webvictim approved these changes

@hugoShaka hugoShaka hugoShaka approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

+1 more reviewer

@AntonAM AntonAM AntonAM approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

discovery helm size/md

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Kubernetes Application Discovery fails when the cluster DNS suffix is not cluster.local

7 participants

@tigrato @1st8 @marcoandredinis @webvictim @AntonAM @hugoShaka @rosstimothy