You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While prepping for a webinar, I'm running into a few of the same issues as this ticket "Ability to dynamically add and remove apps under Kubernetes" #4705 but for Database Access.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
While prepping for a webinar, I'm running into a few of the same issues as this ticket "Ability to dynamically add and remove apps under Kubernetes" #4705 but for Database Access.
Current 'Day 2' CA Issue:
Obtaining and Rotating Teleport's Certificates for database access. We are currently recommend customers to
$ tctl auth sign --format=db --host=db.example.com --out=server --ttl=8760h. As we move to recommending short lived certs Stop recommending long lived creds #5978 we can store these as Kubernetes Secrets, https://kubernetes.io/docs/concepts/configuration/secret/ but what do we do when if a customer rotates the CA? Maybe we include this in Operator for deploying a Teleport Cluster #6050How to deploy the database agent? A: This is easily resolved using https://github.com/gravitational/teleport/tree/master/examples/chart/teleport-kube-agent#database-access, but skips over the step for setting up MySQL https://goteleport.com/docs/database-access/guides/mysql-self-hosted/#configure-mysql-server
Beta Was this translation helpful? Give feedback.
All reactions