Gravitational Teleport error on adding remote nodes


I just installed Teleport (ver. 8.0.1) for the first time on an Ubuntu 20.04 VM. I'm able to log in to the web UI. Now I'm trying to add a remote node to the main server (bastion). Following the docs, when trying to add the node, this error shows up:

INFO [PROC:1] Connecting to the cluster NODE1 with TLS client certificate. service/connect.go:132
ERRO [PROC:1] Node failed to establish connection to cluster: Failed to connect to Auth Server directly or over tunnel, no methods remaining.. service/connect.go:68

BTW, there's no firewall enabled (neither system nor cloud firewall).

To add a node, I did the following:

  1. SSH into bastion server and ran: tctl tokens add --type=node
  2. SSH into node server and ran: sudo teleport start --roles=node --token=XXX --ca-pin=XXX --auth-server=SERVER_FQDN_NAME:3025

Is this the proper way to add a node? (The official docs are quite confusing: some say that this last command should be performed on the bastion host, others say on the node host, and they also point to different ports, 3025 in this case or 443 in others.)

1

There is 1 answer

4
Roberto Jobet On BEST ANSWER

The right command to issue on the node server is: sudo teleport start --roles=node --auth-server=https://your.domain.tld:443 --token=TOKEN

Port 3025 should be used only when installing both the Teleport bastion (master) and the Teleport node on a virtual private network (like AWS VPC).
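
A preflight check to run on the node before `teleport start`, added here as an example and not part of the original answer or of Teleport itself. It probes both ports mentioned in this thread and prints the matching `--auth-server` value; the helper names `tcp_open` and `pick_join_addr` are hypothetical, and it assumes plain TCP reachability is the deciding factor.

```shell
#!/usr/bin/env bash
# Added example: preflight check for joining a Teleport node.
# tcp_open and pick_join_addr are hypothetical helpers, not Teleport commands.

# Return 0 if a TCP connection to host:port succeeds within 3 seconds.
tcp_open() {
  timeout 3 bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$1" "$2" 2>/dev/null
}

# Print the --auth-server value for a host given two probe results ("yes"/"no").
#   443 reachable       -> join through the proxy, as in the accepted answer
#   only 3025 reachable -> direct Auth Server join (private-network case)
#   neither             -> nothing to connect to; return non-zero
pick_join_addr() {
  local host=$1 proxy_ok=$2 auth_ok=$3
  if [ "$proxy_ok" = yes ]; then
    printf 'https://%s:443\n' "$host"
  elif [ "$auth_ok" = yes ]; then
    printf '%s:3025\n' "$host"
  else
    return 1
  fi
}

main() {
  local host=$1 proxy_ok=no auth_ok=no addr
  tcp_open "$host" 443 && proxy_ok=yes
  tcp_open "$host" 3025 && auth_ok=yes
  echo "443 reachable: $proxy_ok, 3025 reachable: $auth_ok"
  if addr=$(pick_join_addr "$host" "$proxy_ok" "$auth_ok"); then
    # TOKEN is a placeholder for the value printed by `tctl tokens add --type=node`.
    echo "sudo teleport start --roles=node --token=TOKEN --auth-server=$addr"
  else
    echo "Neither port is reachable from this node; fix routing or listeners first." >&2
    return 1
  fi
}

# Run only when a hostname is given, e.g.: ./preflight.sh your.domain.tld
if [ "$#" -ge 1 ]; then main "$@"; fi
```

If neither port answers, the node has no path to the cluster at all, which is the situation the "no methods remaining" error in the question reports.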