Teleport service not running on node

Tek · May 17, 2019, 10:38am

Hello Team,

I am beginner in teleport. Yesterday i have started working over it. I am taking the help of teleport documentation.

When i am running below command on node then its showing under Cluster:

teleport start --roles=node --token=n92bb958ce97f761da978d08c35c54a5c --auth-server=10.0.10.1

But when i terminated it using ctrl+c its quit and after that i am trying to start it using below command:

systemctl start teleport.service

but its not starting and getting below error in syslog:

May 17 09:48:36 ubuntu-s-1vcpu-1gb-blr1-01 teleport[6171]: ERRO [AUTH]      "failed to retrieve client pool: \nERROR REPORT:\nOriginal Error: *trace.NotFoundError key \"teleport\" is not found\nStack Trace:\n\t/gopath/src/github.com/gravitational/teleport/lib/backend/dir/impl.go:307 github.com/gravitational/teleport/lib/backend/dir.(*Backend).GetVal\n\t/gopath/src/github.com/gravitational/teleport/lib/backend/sanitize.go:131 github.com/gravitational/teleport/lib/backend.(*Sanitizer).GetVal\n\t/gopath/src/github.com/gravitational/teleport/lib/services/local/trust.go:170 github.com/gravitational/teleport/lib/services/local.(*CA).GetCertAuthority\n\t/gopath/src/github.com/gravitational/teleport/lib/auth/auth.go:706 github.com/gravitational/teleport/lib/auth.(*AuthServer).ClientCertPool\n\t/gopath/src/github.com/gravitational/teleport/lib/auth/middleware.go:141 github.com/gravitational/teleport/lib/auth.(*TLSServer).GetConfigForClient\n\t/gopath/src/github.com/gravitational/teleport/lib/auth/middleware.go:110 github.com/gravitational/teleport/lib/auth.(*TLSServer).GetConfigForClient-fm\n\t/opt/go/src/crypto/tls/handshake_server.go:129 crypto/tls.(*serverHandshakeState).readClientHello\n\t/opt/go/src/crypto/tls/handshake_server.go:47 crypto/tls.(*Conn).serverHandshake\n\t/opt/go/src/crypto/tls/conn.go:1274 crypto/tls.(*Conn).Handshake\n\t/opt/go/src/net/http/server.go:1762 net/http.(*conn).serve\n\t/opt/go/src/runtime/asm_amd64.s:1334 runtime.goexit\nUser Message: key \"teleport\" is not found\n" auth/middleware.go:145
May 17 09:48:36 ubuntu-s-1vcpu-1gb-blr1-01 teleport[6171]: ERRO [PROC:1]    Critical service ssh.node has exited with error Get https://teleport.cluster.local/v2/namespaces/default: x509: certificate signed by unknown authority, aborting. service/signals.go:149
May 17 09:48:36 ubuntu-s-1vcpu-1gb-blr1-01 teleport[6171]: error: Get https://teleport.cluster.local/v2/namespaces/default: x509: certificate signed by unknown authority

I have some other few question also. If you can help me to find out the answer of these question it will be very helpful for me:

How we can create multiple cluster in teleport?
How we can add a node in specific cluster?
How we can define that a user will have access over specific node from number of nodes in a cluster ?
I didn’t found teleport.yaml file in /etc/ directory.

Thanks in advance.

sasha · May 17, 2019, 8:36pm

Hey, thanks for giving Teleport a try! Can you tell us a bit more about your configuration?

Teleport version
Configuration file if any
Systemd file contents

Tek · May 20, 2019, 12:40pm

Hello Sasha,

Thank you for your response.

Please find the requested details:
Teleport Version:- Teleport v3.2.4 git:v3.2.4-0-g339827c6 go1.11.5
Configuration file:- There was no default teleport.yaml file available on system. It is created manually by me at /etc/teleport.yaml.
Systemd file contenet: /etc/systemd/system/teleport.service

[Unit]
Description=Teleport SSH Service
After=network.target 

[Service]
Type=simple
Restart=on-failure
ExecStart=/usr/local/bin/teleport start --pid-file=/var/run/teleport.pid
ExecReload=/bin/kill -HUP $MAINPID
PIDFile=/var/run/teleport.pid

[Install]
WantedBy=multi-user.target

When i am using the below command the service is started

teleport start --config /etc/teleport.yaml --auth-server=x.y.z:3025

But its starting in frontend when i am pressing ctrl+c service is terminating. How we can run the service as systemd so it can run all time? If i run it in background then it will be stopped whenever system is rebooted and need to start manually again.

Please help me.

Tek · May 29, 2019, 4:35am

Hello Team,

Can you please help me on above issue?

Thanks.

gus · May 31, 2019, 5:39pm

If that systemd unit file is installed, you should be able to run Teleport with sudo systemctl start teleport.service.

You can configure systemd to run Teleport when the system reboots by using sudo systemctl enable teleport.service