gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0

Support configuring kubernetes public_addr port in AWS AMI #25787

Open sklirg opened 1 year ago

sklirg commented 1 year ago

Expected behavior:

Being able to configure the port of the kubernetes.public_addr exposed by proxy_service.

Current behavior:

The port is hard-coded to 3026:

https://github.com/gravitational/teleport/blob/v12.3.2/assets/aws/files/bin/teleport-generate-config#L132-L147

This breaks when using multiplexing on the proxy_service, which listens on another port than 3026.

Bug details:

^1: I tried to reproduce this locally by logging out and back in through tsh to get the "incorrect" public_addr, but my tsh client seemed to manage to connect correctly even though the kubernetes.public_addr was configured incorrectly. Maybe tbot and tsh are configured differently when multiplexing is configured, so that tsh "understands" that all "public_addr"s should point to the same port, but tbot doesn't? I didn't dig into this in detail because of the ongoing issue.

sklirg commented 1 year ago

I've worked around this myself with some systemd-magic and shell scripting, but I'll gladly contribute a more permanent fix as well.

Would it make sense to simply add a variable for specifying the port, or should it be set directly to the public_addr of the proxy service if multiplexing is enabled? Or can it be omitted completely, and then the client will use the public addr, which is the case for e.g. postgres? (not specifying a postgres_public_addr will make the client use public_addr instead, iirc.)
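The mismatch described in this issue can be checked for in a generated config with a script like the one below. It is an added example, not code from this thread or from the Teleport project; the function names and the sample config are constructed, and it assumes `public_addr` for Kubernetes is nested under `kubernetes:` inside `proxy_service:`.

```shell
# Added example, not part of teleport-generate-config. Assumes 2-space
# indentation and single-line public_addr values with an explicit port.

# Print "<proxy port> <kubernetes port>"; "-" where a port was not found.
public_addr_ports() {
  awk '
    function port(v) {               # ["host:443"] -> 443
      gsub(/[^0-9:]+$/, "", v)       # drop trailing quotes and brackets
      sub(/.*:/, "", v)              # keep what follows the last colon
      return (v ~ /^[0-9]+$/) ? v : "-"
    }
    BEGIN { proxy = "-"; kube = "-" }
    /^[^ #]/   { in_proxy = ($0 ~ /^proxy_service:/); in_kube = 0; next }
    !in_proxy  { next }
    /^  [^ #]/ { in_kube = ($0 ~ /^  kubernetes:/) }
    /^  public_addr:/              { proxy = port($0) }
    in_kube && /^    public_addr:/ { kube = port($0) }
    END { print proxy, kube }
  ' "$1"
}

# Return 0 when the ports match, 1 on mismatch, 2 if a port is missing.
check_kube_public_addr() {
  set -- $(public_addr_ports "$1")
  if [ "$1" = "-" ] || [ "$2" = "-" ]; then
    echo "cannot compare: proxy=$1 kubernetes=$2"; return 2
  fi
  if [ "$1" != "$2" ]; then
    echo "MISMATCH: proxy public_addr port $1, kubernetes.public_addr port $2"
    return 1
  fi
  echo "ok: both public_addr values use port $1"
}

# Constructed sample: proxy on 443, kubernetes.public_addr left at 3026.
sample_config() {
  cat <<'EOF'
proxy_service:
  public_addr: teleport.example.com:443
  kubernetes:
    enabled: yes
    public_addr: ['teleport.example.com:3026']
EOF
}

f=$(mktemp) && sample_config > "$f"
check_kube_public_addr "$f" || true   # reports the 443 vs 3026 mismatch
rm -f "$f"
```

Exit status 2 covers the case raised in the second comment, where `kubernetes.public_addr` is omitted entirely and there is nothing to compare.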

Assylbek2002 commented 11 months ago

Problem is actual for me.

tt0y commented 11 months ago

Me too