Hello, and welcome to SPIRE examples!
This repository houses various SPIFFE/SPIRE deployment and integration examples. All examples are self contained, and come with instructions on how to use them.
The SPIRE project is growing rapidly, and new features are released often. In order to ensure the accuracy of accompanying documentation, each example is written against a specific version of SPIRE. All examples are regularly tested against the stated SPIRE version, but are likely to work with newer versions as well.
Examples showing how SPIRE integrates with Envoy.
- Envoy SDS Integration Use SPIRE to deliver and rotate X509-SVIDs for Envoy
Examples showing how to deploy SPIRE on Kubernetes. There are several configuration possibilities.
- Simple PSAT - This is a simple configuration using the Kubernetes projected service account token (PSAT) attestor.
- Postgres - This expands on the Simple PSAT configuration by moving the SPIRE datastore into a Postgres StatefulSet. The SPIRE server is now a stateless Deployment that can be scaled.
- Kustomize - A set of SPIRE examples using Kustomize as shown at the SPIFFE Community Day in May 2019.
Examples showing how to deploy SPIRE on Amazon EKS.
- EKS-based SAT - This slightly modifies the Kubernetes Simple PSAT configuration to make it compatible with EKS platform.
Examples showing how to start up SPIRE services using SystemD
- SystemD SPIRE services managed by SystemD
If you have any questions on the above examples, or anything else related to deploying or maintaining SPIRE, please feel free to either open an issue or ask in #help on our Slack.
