Hello,
I have deployed teleport proxy and auth in k8s pod. All is well except I need to tctl create github.yaml. How can I do this? I tried adding
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "tctl create -f /etc/teleport/github.yaml"]
to my deployment, however it fails with:
tctl must be either used on the auth server or provided with the identity file via --identity flag
How can I apply auth configs to a pod running teleport?
SImply, you need to do something like kubectl exec -it teleport-pod tctl create -f /etc/teleport/github.yaml
You can try adding a sleep 3 or something to the beginning of your command in case Teleport is taking a little time to start, causing the issue.
The behaviour of the tctl command is that it will read your /etc/teleport.yaml file by default to find the path to your Teleport database (which is under /var/lib/teleport by default) and then attempt to make changes there. If it can’t find the database then you’ll get an error similar to the above. You can get DEBUG level logging with tctl -d create -f /etc/teleport/github.yaml which may help you figure out what’s going on.