This is an example for Teleport setup running on Kubernetes.
- docker
- k3d
- First create a cluster:
make k8s-cluster- Deploy Teleport with its dependencies:
make k8s-up- Deploy the new role:
kubectl apply -f infra/teleport/roles/deployer.yaml- Deploy the user eden and give the deployer role:
kubectl apply -f infra/teleport/users/eden.yamlSend an invitation link to eden for reset the password.
AUTH_POD=$(kubectl -n teleport get po -l app=teleport-cluster -o jsonpath='{.items[0].metadata.name}')
kubectl -n teleport exec -it "$AUTH_POD" -c teleport -- tctl users reset eden --ttl 8h- Fix the issue of attempting to login from the tsh to the cluster, even with
--insecureflag, resulting in:
ERROR REPORT:
Original Error: trace.aggregate connection error: desc = "transport: Error while dialing: failed to dial: tls: failed to verify certificate: x509: certificate signed by unknown authority"
Stack Trace:
github.com/gravitational/teleport/lib/client/api.go:4109 github.com/gravitational/teleport/lib/client.(*TeleportClient).ConnectToRootCluster
github.com/gravitational/teleport/tool/tsh/common/tsh.go:1915 github.com/gravitational/teleport/tool/tsh/common.onLogin
github.com/gravitational/teleport/tool/tsh/common/tsh.go:1331 github.com/gravitational/teleport/tool/tsh/common.Run
github.com/gravitational/teleport/tool/tsh/common/tsh.go:548 github.com/gravitational/teleport/tool/tsh/common.Main
github.com/gravitational/teleport/tool/tsh/main.go:24 main.main
runtime/proc.go:267 runtime.main
runtime/asm_arm64.s:1197 runtime.goexit
User Message: connection error: desc = "transport: Error while dialing: failed to dial: tls: failed to verify certificate: x509: certificate signed by unknown authority
- Try out new cluster auto discovery feature
- Explore also standalone servers auto discovery feature