Authentication
Currently supports public Kubernetes clusters via kubeconfig. Support for private clusters coming soon.
Kubeconfig Authentication
Prerequisites
Prerequisites
- Cluster API must be publicly accessible (typical for GKE and EKS clusters)
- Dedicated service account with long-lived token
Generate Kubeconfig for Tempest
Generate Kubeconfig for Tempest
1
Create Service Account
kubectl apply -f sa.yaml
2
Create Service Account Token
kubectl apply -f sa_token.yaml
3
Bind to Cluster Role
kubectl apply -f crb.yaml
4
Get Token
Retrieve token:
kubectl get secret <token_name> -o jsonpath='{.data.token}' | base64 --decode
5
Create Kubeconfig
Connect to Tempest
Connect to Tempest
1
Access Recipes
Navigate to Recipes and create or select a recipe
2
Add Kubernetes Resource
Add or select a Kubernetes resource
3
Link Credentials
Click “Add credentials” then “+Link credentials”
4
Select Kubeconfig
Choose “Kubeconfig” authentication
5
Name Credentials
Enter an identifier for these credentials
6
Upload Configuration
Upload your kubeconfig file
Resources
Application
Deploy containerized applications in Kubernetes. Configuration options:- Name and image specification
- Gateway class selection
- Resource allocation:
- CPU (100m-1)
- Memory (256Mi-2Gi)
- Storage (1Gi-10Gi)
- Replica count
- Port configuration
- Namespace location
- Resource relationships
- Primary address
Importable Resources
Tempest can import existing Kubernetes resources for centralized management:- ConfigMaps
- Deployments
- Gateways
- Ingresses
- Replicasets
- Secrets
- Services
- Resource name
- Namespace
- Configuration data (except Secrets)
- Resource relationships