dirien/teleport.md

## teleport.md

      
    Raw
  

              teleport.md
            
          
    Install teleport on Civo Instance

civo sshkey create key -k key.pub
Created an SSH key called key with ID 368a2903-92af-435b-aca4-6f361f409f37

civo instance create -i g3.medium -k 368a2903-92af-435b-aca4-6f361f409f37 -t 921fcb64-8abf-4a51-8823-027d9d75c1d4 -u root -w 
The instance late-summit has been created

ssh -i key root@<ip>

curl https://deb.releases.teleport.dev/teleport-pubkey.asc | sudo apt-key add -
sudo add-apt-repository 'deb https://deb.releases.teleport.dev/ stable main'
sudo apt-get update
sudo apt-get install teleport

sudo teleport configure --acme --acme-email=your-email@example.com --cluster-name=tele.example.com -o file

tee /etc/systemd/system/teleport.service <<EOF
[Unit]
Description=Teleport Server
Documentation=https://goteleport.com/docs/getting-started/linux-server/

[Service]
WorkingDirectory=/
Type=simple
ExecStart=teleport start

Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

systemctl restart teleport.service
systemctl enable teleport.service

tctl users add teleport-admin --roles=editor,access --logins=root,ubuntu
Create 3 Cluster

cluster - Scaleway

scw k8s cluster create name=scaleway-cluster ingress=none pools.0.size=1 pools.0.node-type=DEV1-M pools.0.name=default

scw k8s kubeconfig install ef105cb1-6a8f-4a2c-9257-ab74b342655d
Kubeconfig for cluster ef105cb1-6a8f-4a2c-9257-ab74b342655d successfully written at /Users/dirien/.kube/config
On the teleport root server
TOKEN=$(tctl nodes add --roles=kube --ttl=10000h --format=json | jq -r '.[0]')
echo $TOKEN
On your client:
CLUSTER='scaleway-civo'
PROXY=teleport.ediri.online:443
TOKEN=xxx

helm upgrade -i teleport-agent teleport/teleport-kube-agent --set kubeClusterName=$CLUSTER --set proxyAddr=$PROXY --set authToken=$TOKEN --create-namespace --namespace=teleport-agent
Civo

civo k3s create civo-cluster --nodes=1 --size=g3.k3s.large
civo k3s config civo-cluster --save --merge
helm upgrade -i teleport-agent teleport/teleport-kube-agent --set kubeClusterName=$CLUSTER --set proxyAddr=$PROXY --set authToken=$TOKEN --create-namespace --namespace=teleport-agent
Check the Clusters

Create a new user, with only acces rights.
tsh login --proxy=teleport.ediri.online --user=viwer


tsh kube ls
Kube Cluster Name Selected
----------------- --------
civo-cluster
scaleway-civo

tsh kube login civo-cluster