From 0f1e890f9b84aa382e211b0ac729983fa55021c0 Mon Sep 17 00:00:00 2001 From: Gus Luxton Date: Thu, 19 Sep 2024 15:01:54 -0300 Subject: [PATCH 1/5] docs: Add troubleshooting step around case-insensitive routing to Ansible guides --- .../machine-id/access-guides/ansible.mdx | 29 ++++++++++++++++ .../server-access/guides/ansible.mdx | 33 +++++++++++++++++-- 2 files changed, 60 insertions(+), 2 deletions(-) diff --git a/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx b/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx index f078368c40d1..33d4229e2772 100644 --- a/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx +++ b/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx @@ -216,6 +216,35 @@ If `ssh` works, try running the playbook with verbose mode on: $ ansible-playbook -vvv playbook.yaml ``` +If your hostnames contain uppercase characters (like `MYHOSTNAME`), please note that Teleport's internal hostname matching +is case-sensitive by default, which can also lead to seeing this error. + +If this is the case, you can work around this by enabling case-insensitive routing at the cluster level. + + + + +Edit your `/etc/teleport.yaml` config file on all servers running the Teleport `auth_service`, then restart Teleport on each. + +```yaml +auth_service: + authentication: + case_insensitive_routing: true +``` + + + + +Run `tctl edit cluster_auth_preference` to add the following specification, then save and exit. + +```yaml +spec: + case_insensitive_routing: true +``` + + + + ## Next steps - Read the [configuration reference](../../../reference/machine-id/configuration.mdx) to explore diff --git a/docs/pages/enroll-resources/server-access/guides/ansible.mdx b/docs/pages/enroll-resources/server-access/guides/ansible.mdx index 0d3d239fd4ba..7b844f9ec62a 100644 --- a/docs/pages/enroll-resources/server-access/guides/ansible.mdx +++ b/docs/pages/enroll-resources/server-access/guides/ansible.mdx @@ -87,7 +87,7 @@ to a valid SSH username that works with the target host and is allowed by Telepo From the folder `ansible`, run the ansible playbook: ```code -$ ansible-playbook playbook.yaml +$ ansible-playbook playbook.yaml # PLAY [all] ***************************************************************************************************************************************** # TASK [Gathering Facts] ***************************************************************************************************************************** @@ -106,7 +106,7 @@ all ansible commands in the audit log. ## Troubleshooting -In case if ansible can not connect, you may see error like this one: +In cases where Ansible cannot connect, you may see an error like this: ```txt example.host | UNREACHABLE! => { @@ -129,3 +129,32 @@ If `ssh` works, try running the playbook with verbose mode on: ```code $ ansible-playbook -vvvv playbook.yaml ``` + +If your hostnames contain uppercase characters (like `MYHOSTNAME`), please note that Teleport's internal hostname matching +is case-sensitive by default, which can also lead to seeing this error. + +If this is the case, you can work around this by enabling case-insensitive routing at the cluster level. + + + + +Edit your `/etc/teleport.yaml` config file on all servers running the Teleport `auth_service`, then restart Teleport on each. + +```yaml +auth_service: + authentication: + case_insensitive_routing: true +``` + + + + +Run `tctl edit cluster_auth_preference` to add the following specification, then save and exit. + +```yaml +spec: + case_insensitive_routing: true +``` + + + \ No newline at end of file From dba032d7124f7dca2b5892e434d694e60c3bff73 Mon Sep 17 00:00:00 2001 From: Gus Luxton Date: Thu, 19 Sep 2024 15:35:13 -0300 Subject: [PATCH 2/5] Fix config levels --- .../enroll-resources/machine-id/access-guides/ansible.mdx | 5 ++--- docs/pages/enroll-resources/server-access/guides/ansible.mdx | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx b/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx index 33d4229e2772..634ce663aa2e 100644 --- a/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx +++ b/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx @@ -228,14 +228,13 @@ Edit your `/etc/teleport.yaml` config file on all servers running the Teleport ` ```yaml auth_service: - authentication: - case_insensitive_routing: true + case_insensitive_routing: true ``` -Run `tctl edit cluster_auth_preference` to add the following specification, then save and exit. +Run `tctl edit cluster_networking_config` to add the following specification, then save and exit. ```yaml spec: diff --git a/docs/pages/enroll-resources/server-access/guides/ansible.mdx b/docs/pages/enroll-resources/server-access/guides/ansible.mdx index 7b844f9ec62a..27d07dceb3fc 100644 --- a/docs/pages/enroll-resources/server-access/guides/ansible.mdx +++ b/docs/pages/enroll-resources/server-access/guides/ansible.mdx @@ -142,14 +142,13 @@ Edit your `/etc/teleport.yaml` config file on all servers running the Teleport ` ```yaml auth_service: - authentication: - case_insensitive_routing: true + case_insensitive_routing: true ``` -Run `tctl edit cluster_auth_preference` to add the following specification, then save and exit. +Run `tctl edit cluster_networking_config` to add the following specification, then save and exit. ```yaml spec: From eb49d44ba7a300b47ebe9afe27b5fed7a3dcefe8 Mon Sep 17 00:00:00 2001 From: Gus Luxton Date: Thu, 19 Sep 2024 17:28:38 -0300 Subject: [PATCH 3/5] Update ansible.mdx Co-authored-by: Paul Gottschling --- .../pages/enroll-resources/machine-id/access-guides/ansible.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx b/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx index 634ce663aa2e..92518e21d4e7 100644 --- a/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx +++ b/docs/pages/enroll-resources/machine-id/access-guides/ansible.mdx @@ -217,7 +217,7 @@ $ ansible-playbook -vvv playbook.yaml ``` If your hostnames contain uppercase characters (like `MYHOSTNAME`), please note that Teleport's internal hostname matching -is case-sensitive by default, which can also lead to seeing this error. +is case sensitive by default, which can also lead to seeing this error. If this is the case, you can work around this by enabling case-insensitive routing at the cluster level. From caac2fbe100569d8c56395b7916ed95d4b555f81 Mon Sep 17 00:00:00 2001 From: Gus Luxton Date: Thu, 19 Sep 2024 17:28:44 -0300 Subject: [PATCH 4/5] Update ansible.mdx Co-authored-by: Paul Gottschling --- docs/pages/enroll-resources/server-access/guides/ansible.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/pages/enroll-resources/server-access/guides/ansible.mdx b/docs/pages/enroll-resources/server-access/guides/ansible.mdx index 27d07dceb3fc..62d2327f66b6 100644 --- a/docs/pages/enroll-resources/server-access/guides/ansible.mdx +++ b/docs/pages/enroll-resources/server-access/guides/ansible.mdx @@ -131,7 +131,7 @@ $ ansible-playbook -vvvv playbook.yaml ``` If your hostnames contain uppercase characters (like `MYHOSTNAME`), please note that Teleport's internal hostname matching -is case-sensitive by default, which can also lead to seeing this error. +is case sensitive by default, which can also lead to seeing this error. If this is the case, you can work around this by enabling case-insensitive routing at the cluster level. From 2581daea61c773e03639f414f6c39735edcacf59 Mon Sep 17 00:00:00 2001 From: Gus Luxton Date: Thu, 19 Sep 2024 17:30:18 -0300 Subject: [PATCH 5/5] Whitelist word for spell checker --- docs/cspell.json | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/cspell.json b/docs/cspell.json index f5b4c50d69f0..7d5437f292cb 100644 --- a/docs/cspell.json +++ b/docs/cspell.json @@ -129,6 +129,7 @@ "Mqgcq", "Multifactor", "Multihost", + "MYHOSTNAME", "Mzgz", "NOFILE", "NOKEY",