teleport

mirror of https://github.com/gravitational/teleport synced 2024-10-22 10:13:21 +00:00

History

Ev Kontsevoy be52971437 Terminal resizing in the UI works for remote clusters Fixes #778		2017-02-24 22:04:59 -08:00
..
.bashrc	Updated docker-based example	2017-02-23 21:45:13 -08:00
.dockerignore	Created Docker-based test bed	2017-02-18 22:06:12 -08:00
.gitignore	Created Docker-based test bed	2017-02-18 22:06:12 -08:00
.screenrc	Minor dockerile/make changes	2017-02-23 17:00:56 -08:00
Dockerfile	Minor dockerile/make changes	2017-02-23 17:00:56 -08:00
Makefile	Updated docker-based example	2017-02-23 21:45:13 -08:00
one.yaml	Terminal resizing in the UI works for remote clusters	2017-02-24 22:04:59 -08:00
README.md	Minor dockerile/make changes	2017-02-23 17:00:56 -08:00
two-auth.yaml	Terminal resizing in the UI works for remote clusters	2017-02-24 22:04:59 -08:00
two-node.yaml	Updated docker-based example	2017-02-23 21:45:13 -08:00
two-proxy.yaml	Created Docker-based test bed	2017-02-18 22:06:12 -08:00

README.md

Docker

This directory contains Docker-based flow to run Teleport clusters locally for testing & development purposes.

Building

First, you need to build teleport:latest Docker image. This image is built automatically when you type make BUT...

But you have to build the base image first, by running make -C build.assets from $GOPATH/github.com/gravitational/teleport (repository base dir).

Starting

Type:

$ make

This will start two Teleport clusters:

Single-node cluster one, accessible now on https://localhost:3080
Three-node cluster two, accessible now on https://localhost:5080

Stopping

Type:

$ make stop

Configuration

Look at the Makefile: the containers are started with their /var/lib/teleport mounted to data/one or data/two on a host.

The configuration is passed via YAML files located in /teleport/docker/xxx.yaml inside each container.

The cluster data is preserved between restarts, so you can link these two clusters (make them "trusted") by placing certificates within data and updating the config files.

Using TCTL

To add users to any of the clusters, you have to "enter" into the running containers of their auth servers and use tctl there.

For cluster "one":

$ make enter-one

and then you'll find yourself inside a container where teleport auth daemon is running, try ps -ef for example and you'll get something like this:

container(one) /teleport: ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0 40 06:04 ?        00:00:06 build/teleport start -c /teleport/docker/one.yaml
root        13     0  0 06:04 ?        00:00:00 /bin/bash
root        19    13  0 06:04 ?        00:00:00 ps -ef

For cluster "two":

$ make enter-two

... and then you can use stuff like tctl users add, etc. Make sure to pass the YAML file to tctl via -c flag.

Interactive Usage

Also you can start an empty container from which you can manually invoke teleport start. This is similar to launching an empty Linux VM with a Teleport binary.

To get shell inside the same "one" (single-node cluster) container without Teleport running:

$ make shell

NOTE: If you get "network already exists" error, do make stop first.

Once inside, you'll get the same /var/lib/teleport as "one", so you can start (and even build) teleport daemon manually. This container also comes with a fully configured screen so you can treat it as a real VM.