From b3a0e0ac4c88b514c838dca9d9e33411abc1c4d3 Mon Sep 17 00:00:00 2001 From: Paul Gottschling Date: Tue, 24 May 2022 13:24:30 -0400 Subject: [PATCH] Hide Setup menu items based on scope (#12742) See #11383 Help ensure that no visitor to the Teleport docs site sees content that is irrelevant to their scope (e.g., Cloud, Open Source, or Enterprise) by hiding scope-irrelevant content from the navigation menu and menu pages. For pages that aren't step-by-step guides and are meant to convey general information about a Teleport edition, show these pages in all scopes so users who are curious about another scope can get the information they need. This PR focuses on the Setup section. --- docs/config.json | 19 +++++-- docs/pages/setup/deployments.mdx | 24 ++++++++ .../pages/setup/deployments/aws-terraform.mdx | 56 +++++++++++++++++-- docs/pages/setup/deployments/gcp.mdx | 34 ++++++++--- docs/pages/setup/deployments/ibm.mdx | 34 ++++++++--- docs/pages/setup/guides.mdx | 2 + .../setup/guides/joining-nodes-aws-ec2.mdx | 27 ++++++++- docs/pages/setup/operations.mdx | 16 ++++-- docs/pages/setup/operations/scaling.mdx | 32 +++++++++-- docs/pages/setup/reference.mdx | 2 + docs/pages/setup/reference/backends.mdx | 25 ++++++++- 11 files changed, 230 insertions(+), 41 deletions(-) diff --git a/docs/config.json b/docs/config.json index a63fe6981c649..302e0dab4e1df 100644 --- a/docs/config.json +++ b/docs/config.json @@ -89,18 +89,22 @@ { "title": "Deployments", "slug": "/setup/deployments/", + "hideInScopes": "cloud", "entries": [ { "title": "AWS Terraform", - "slug": "/setup/deployments/aws-terraform/" + "slug": "/setup/deployments/aws-terraform/", + "hideInScopes": "cloud" }, { "title": "GCP", - "slug": "/setup/deployments/gcp/" + "slug": "/setup/deployments/gcp/", + "hideInScopes": "cloud" }, { "title": "IBM", - "slug": "/setup/deployments/ibm/" + "slug": "/setup/deployments/ibm/", + "hideInScopes": "cloud" } ] }, @@ -110,7 +114,8 @@ "entries": [ { "title": "Scaling", - "slug": "/setup/operations/scaling/" + "slug": "/setup/operations/scaling/", + "hideInScopes": "cloud" }, { "title": "Upgrading a Cluster", @@ -166,7 +171,8 @@ }, { "title": "Joining Nodes via AWS EC2", - "slug": "/setup/guides/joining-nodes-aws-ec2/" + "slug": "/setup/guides/joining-nodes-aws-ec2/", + "hideInScopes": "cloud" }, { "title": "Using Teleport's CA with GitHub", @@ -208,7 +214,8 @@ }, { "title": "Storage Backends", - "slug": "/setup/reference/backends/" + "slug": "/setup/reference/backends/", + "hideInScopes": "cloud" }, { "title": "Networking", diff --git a/docs/pages/setup/deployments.mdx b/docs/pages/setup/deployments.mdx index c400d4be4e070..d23e6a49228f7 100644 --- a/docs/pages/setup/deployments.mdx +++ b/docs/pages/setup/deployments.mdx @@ -4,6 +4,29 @@ description: Teleport Installation and Configuration Reference Deployment Guides layout: tocless-doc --- +These guides show you how to set up a full self-hosted Teleport deployment on +the platform of your choice. + + + + + View our deployment guides as an Open Source Teleport user. + + + View our deployment guides as a Teleport Enterprise user. + + + + + + diff --git a/docs/pages/setup/deployments/aws-terraform.mdx b/docs/pages/setup/deployments/aws-terraform.mdx index 0115f50b9a368..cc51864e79699 100644 --- a/docs/pages/setup/deployments/aws-terraform.mdx +++ b/docs/pages/setup/deployments/aws-terraform.mdx @@ -5,14 +5,56 @@ h1: Running Teleport Enterprise in High Availability mode on AWS --- This guide is designed to accompany our [reference Terraform code](https://github.com/gravitational/teleport/tree/master/examples/aws/terraform/ha-autoscale-cluster#terraform-based-provisioning-example-amazon-single-ami) -and describe how to use and administrate the resulting Teleport deployment. +and describe how to manage the resulting Teleport deployment. -
-Our reference Terraform code deploys self-hosted instances of the Teleport Auth Service and Proxy Service. Since Teleport Cloud manages these services for you, users interested in Terraform should consult the following guides instead of this one: + -- To get started with Teleport and Terraform: [Terraform Provider](../guides/terraform-provider.mdx) -- For a full reference: [Terraform Provider Resources](../reference/terraform-provider.mdx) -
+Our reference Terraform code deploys self-hosted instances of the Teleport Auth +Service and Proxy Service. Since Teleport Cloud manages these services for you, +users interested in Terraform should consult the following guides instead of +this one: + + + + +Read our guide to using Teleport and Terraform + + + + +Read our Terraform provider reference + + + + +You can also view this guide as a user of another Teleport edition: + + + + + + + + + + + ## Prerequisites @@ -841,3 +883,5 @@ $ ./connect.sh proxy 1 # connect to the node $ ./connect.sh node ``` + + \ No newline at end of file diff --git a/docs/pages/setup/deployments/gcp.mdx b/docs/pages/setup/deployments/gcp.mdx index f8ab0dbe219bb..5a4db70adf05d 100644 --- a/docs/pages/setup/deployments/gcp.mdx +++ b/docs/pages/setup/deployments/gcp.mdx @@ -3,17 +3,35 @@ title: Running Teleport on GCP description: How to install and configure Gravitational Teleport on GCP for SSH and Kubernetes access. --- -We've created this guide to give customers a high level overview of how to use Teleport -on [Google Cloud](https://cloud.google.com/gcp/) (GCP). This guide provides a high level -introduction leading to a deep dive into how to setup and run Teleport in production. +We've created this guide to give customers an overview of how to use Teleport on +[Google Cloud](https://cloud.google.com/gcp/) (GCP). This guide provides a +high-level introduction to setting up and running Teleport in production. - + This guide shows you how to deploy the Auth Service and Proxy Service, which -Teleport Cloud manages for you. You can read this guide if you are interested in -learning about self-hosting Teleport on Google Cloud. +Teleport Cloud manages for you. - +You can view this guide as a user of another Teleport edition: + + + + + + + + + + + We have split this guide into: @@ -221,3 +239,5 @@ proxy_service: **4. Add Users** Follow [adding users](../../enterprise/getting-started.mdx#adding-users) or integrate with [Google Workspace](../../enterprise/sso/google-workspace.mdx) to provide SSO access. + + \ No newline at end of file diff --git a/docs/pages/setup/deployments/ibm.mdx b/docs/pages/setup/deployments/ibm.mdx index d4fb484577f43..d6a4e81d93252 100644 --- a/docs/pages/setup/deployments/ibm.mdx +++ b/docs/pages/setup/deployments/ibm.mdx @@ -3,17 +3,35 @@ title: Running Teleport on IBM Cloud description: How to install and configure Gravitational Teleport on IBM cloud for SSH and Kubernetes access. --- -We've created this guide to give customers a high level overview of how to use Teleport -on the [IBM Cloud](https://www.ibm.com/cloud). This guide provides a high level -introduction leading to a deep dive into how to setup and run Teleport in production. +We've created this guide to give customers an overview of how to use Teleport on +[IBM Cloud](https://www.ibm.com/cloud). This guide provides a high-level +introduction to setting up and running Teleport in production. - + This guide shows you how to deploy the Auth Service and Proxy Service, which -Teleport Cloud manages for you. You can read this guide if you are interested in -learning about self-hosting Teleport on IBM Cloud. +Teleport Cloud manages for you. - +You can view this guide as a user of another Teleport edition: + + + + + + + + + + + We have split this guide into: @@ -198,3 +216,5 @@ the Teleport Proxy public address. # (see public_addr section below) public_addr: proxy.example.com:3080 ``` + + \ No newline at end of file diff --git a/docs/pages/setup/guides.mdx b/docs/pages/setup/guides.mdx index 2de7bd32b59c3..b001c6565395b 100644 --- a/docs/pages/setup/guides.mdx +++ b/docs/pages/setup/guides.mdx @@ -9,5 +9,7 @@ layout: tocless-doc - [Fluentd Event Forwarder](./guides/fluentd.mdx). Forwarding events with Fluentd and the Teleport Events Handler. - [EC2 tags as Teleport Nodes](./guides/ec2-tags.mdx). How to set up Teleport Node labels based on EC2 tags. - [Joining Nodes via AWS IAM Role](./guides/joining-nodes-aws-iam.mdx). Use the IAM join method to add Nodes to your Teleport cluster on AWS. + - [Joining Nodes via AWS EC2 Identity Document](./guides/joining-nodes-aws-ec2.mdx). Use the EC2 join method to add Nodes to your Teleport cluster on AWS. + - [Using Teleport's Certificate Authority with GitHub](./guides/ssh-key-extensions.mdx). Use Teleport's short-lived certificates with GitHub's Certificate Authority. diff --git a/docs/pages/setup/guides/joining-nodes-aws-ec2.mdx b/docs/pages/setup/guides/joining-nodes-aws-ec2.mdx index d9639cf59cd33..ea657e6c63340 100644 --- a/docs/pages/setup/guides/joining-nodes-aws-ec2.mdx +++ b/docs/pages/setup/guides/joining-nodes-aws-ec2.mdx @@ -7,13 +7,32 @@ This guide will explain how to use the **EC2 join method** to configure Teleport nodes and Proxies to join your Teleport cluster without sharing any secrets when they are running in AWS. - + The EC2 join method is not available in Teleport Cloud. Teleport Cloud customers can use the [IAM join method](./joining-nodes-aws-iam.mdx) or [secret tokens](../admin/adding-nodes.mdx). - +You can view this guide as a user of another Teleport edition: + + + + + + + + + + + The EC2 join method is available in self-hosted versions of Teleport 7.3+. It is available to any Teleport node or Proxy running on an EC2 instance. Only one @@ -33,7 +52,7 @@ scopeOnly There are two other AWS join methods available depending on your use case. The **IAM join method** is available in self-hosted editions of Teleport 8.3+. -It is available to any Teleport node or Proxy running anywhere with access to +It is available to any Teleport Node or Proxy running anywhere with access to IAM credentials, such as an EC2 instance with an attached IAM role. No specific permissions or IAM policy is required: an IAM role with no attached policies is sufficient. No IAM credentials are required on the Teleport Auth Service. @@ -282,3 +301,5 @@ spec: - us-west-2 aws_role: "arn:aws:iam::333333333333:role/teleport-DescribeInstances-role" ``` + + \ No newline at end of file diff --git a/docs/pages/setup/operations.mdx b/docs/pages/setup/operations.mdx index 98ba32ce96a7c..10da9c79cac00 100644 --- a/docs/pages/setup/operations.mdx +++ b/docs/pages/setup/operations.mdx @@ -11,9 +11,11 @@ For guides on the fundamentals of setting up your cluster, you should consult the [Cluster Administration Guides](./admin.mdx) section. - - How to configure Teleport for large-scale deployments. - + + + How to configure Teleport for large-scale deployments. + + Learn about how to upgrade your Teleport cluster while ensuring that components remain compatible. @@ -23,7 +25,9 @@ the [Cluster Administration Guides](./admin.mdx) section. Rotating Teleport certificate authorities. - - Migrating your Teleport cluster to single-port TLS routing mode. - + + + Migrating your Teleport cluster to single-port TLS routing mode. + + diff --git a/docs/pages/setup/operations/scaling.mdx b/docs/pages/setup/operations/scaling.mdx index 9f4332b73daa6..e2ccc7b022378 100644 --- a/docs/pages/setup/operations/scaling.mdx +++ b/docs/pages/setup/operations/scaling.mdx @@ -3,12 +3,34 @@ title: Scaling description: How to configure Teleport for large-scale deployments --- -This section covers recommended configurations for large-scale +This section explains the recommended configuration settings for large-scale deployments of Teleport. - -For Teleport Cloud customers, the settings in this guide are configured automatically. - + + +For Teleport Cloud customers, the settings in this guide are configured +automatically. + +You can view this guide as a user of another Teleport edition: + + + + + + + + + + + ## Prerequisites @@ -53,3 +75,5 @@ $ cat /proc/$(pidof teleport)/limits # Limit Soft Limit Hard Limit Units # Max open files 65536 65536 files ``` + + \ No newline at end of file diff --git a/docs/pages/setup/reference.mdx b/docs/pages/setup/reference.mdx index 084ee48ec095c..cfc5cd96bd8a5 100644 --- a/docs/pages/setup/reference.mdx +++ b/docs/pages/setup/reference.mdx @@ -26,9 +26,11 @@ layout: tocless-doc
  • [Authentication](./reference/authentication.mdx). Cluster authentication options.
    • +
  • [Backends](./reference/backends.mdx). Supported storage backends.
    • +
  • [Networking](./reference/networking.mdx). Ports, protocols and networking requirements.
    • diff --git a/docs/pages/setup/reference/backends.mdx b/docs/pages/setup/reference/backends.mdx index b56990d6178f1..a96820f4fb201 100644 --- a/docs/pages/setup/reference/backends.mdx +++ b/docs/pages/setup/reference/backends.mdx @@ -8,12 +8,31 @@ default everything is stored in a local directory at the Auth server. Integration with other storage types is implemented based on the nature of the stored data (size, read/write ratio, mutability, etc.). - + Teleport Cloud manages Auth Service and Proxy Service data for you, so there is no need to configure a backend. - +You can view this guide as a user of another Teleport edition: + + + + + + + + + + + | Data type | Description | Supported storage backends | | - | - | - | @@ -684,3 +703,5 @@ $ psql -d postgres postgres=# CREATE DATABASE teleport; postgres=# GRANT ALL PRIVILEGES ON DATABASE teleport TO dbuser; ``` + + \ No newline at end of file