periscopev1.1.6

Periscope documentation.

Install, configure, and operate your fleet. Written for the platform engineer who has to run it on Monday.

Deploy guideOnboard a clusterAuth0 setupSource

— Start here

01

Deploy

Helm chart from ghcr.io as an OCI artifact, signed with cosign. Pod Identity / IRSA wiring, OIDC client setup, ingress + TLS.

  • OCI install
  • Pod Identity
  • Secret modes
02

Onboard

Add managed clusters via the agent tunnel. UI flow + CLI flow + 3 deployment topologies (NLB / ALB / nginx-passthrough).

  • UI-driven
  • CLI-driven
  • Topologies
03

Auth0

OIDC tenant setup. Client config, callback URLs, group claims, token lifetimes. Mirrors the Okta path 1:1.

  • Tenant
  • Group claims
  • Verify

Architecture

Periscope architecture overview — design notes for contributorsAgent tunnelWatch streams

RFCs

RFC 0001 — Pod Exec SupportRFC 0002 — OIDC Login + Per-User K8s AuthorizationRFC 0003 — Audit Log: Schema and Retention SemanticsRFC 0004 — Exec over the agent tunnel: validation harness

Security

RBAC posture for security review

Getting Started

Install Periscope on Kubernetes — Helm guidePer-cluster RBAC for Periscope — shared, tier, raw modesAuth0 SSO for Periscope — Kubernetes dashboard OIDC setupOkta SSO for Periscope — Kubernetes dashboard OIDC setupConnect a Kubernetes cluster via the Periscope agentAudit logPod execCluster shellNode shell (SSM)Helm release browserWatch streams (real-time list updates)NetworkPolicyApply YAMLWorkload rollbackEKS managed add-onsEKS upgrade readinessPeriscope Helm values reference — every chart optionEnvironment variablesTroubleshooting

Operator Guide

Cluster overviewNodesWorkloadsEventsNetworkPoliciesStorage (PVs, PVCs, StorageClasses)Custom Resources (CRDs)Form-mode editor for ConfigMap, Secret, Service, IngressKarpenter dashboard — NodePools, NodeClaims, pending podsCVE dashboard for EKS pods — Amazon Inspector v2 integrationCluster shellNode shell