Skip to main content
The Tempest Kubernetes App enables management of Kubernetes applications and resources, with capabilities for both new deployments and importing existing resources for centralized management. For detailed information about each resource, see the Resources section below.

Authentication

Currently supports public Kubernetes clusters via kubeconfig. Support for private clusters coming soon.

Kubeconfig Authentication

  • Cluster API must be publicly accessible (typical for GKE and EKS clusters)
  • Dedicated service account with long-lived token
1

Create Service Account

apiVersion: v1
kind: ServiceAccount
metadata:
  name: <service_account_name>
  namespace: <your_namespace>
Apply with: kubectl apply -f sa.yaml
2

Create Service Account Token

apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: <token_name>
  namespace: <your_namespace>
  annotations:
    kubernetes.io/service-account.name: <service_account_name>
Apply with: kubectl apply -f sa_token.yaml
3

Bind to Cluster Role

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: <service_account_name>
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: <service_account_name>
    namespace: <your_namespace>
Apply with: kubectl apply -f crb.yaml
4

Get Token

Retrieve token: kubectl get secret <token_name> -o jsonpath='{.data.token}' | base64 --decode
5

Create Kubeconfig

apiVersion: v1
clusters:
  - cluster: { your_cluster_information }
    name: <your_cluster_name>
contexts:
  - context:
      cluster: <your_cluster_name>
      user: <service_account_name>
    name: <your_cluster_name>
current-context: <your_cluster_name>
kind: Config
preferences: {}
users:
  - name: <service_account_name>
    user:
      token: <token_data>
1

Access Recipes

Navigate to Recipes and create or select a recipe
2

Add Kubernetes Resource

Add or select a Kubernetes resource
3

Link Credentials

Click “Add credentials” then “+Link credentials”
4

Select Kubeconfig

Choose “Kubeconfig” authentication
5

Name Credentials

Enter an identifier for these credentials
6

Upload Configuration

Upload your kubeconfig file

Resources

Application

Deploy containerized applications in Kubernetes. Configuration options:
  • Name and image specification
  • Gateway class selection
  • Resource allocation:
  • CPU (100m-1)
  • Memory (256Mi-2Gi)
  • Storage (1Gi-10Gi)
  • Replica count
  • Port configuration
Properties:
  • Namespace location
  • Resource relationships
  • Primary address

Importable Resources

Tempest can import existing Kubernetes resources for centralized management:
  • ConfigMaps
  • Deployments
  • Gateways
  • Ingresses
  • Replicasets
  • Secrets
  • Services
Properties for imported resources:
  • Resource name
  • Namespace
  • Configuration data (except Secrets)
  • Resource relationships
I