Respond to feedback
- Tweak API wording.
- Remove the usage of "data plane".
- Correct item re: `tbot` join methods.
ptgott committed Sep 17, 2024
1 parent b76ef14 commit 32689eb
Showing 1 changed file with 12 additions and 18 deletions.
30 changes: 12 additions & 18 deletions docs/pages/reference/architecture/architecture.mdx
Expand Up @@ -9,15 +9,10 @@ page, which describes the components of a Teleport cluster.

## Teleport control plane

Teleport consists of a **control plane** that runs the Teleport Auth Service and
Teleport Proxy Service, and a **data plane** that consists of Teleport Agents,
Machine ID Bots, and Auth Service API clients like the Event Handler and Access
Request plugins. The data plane communicates with both your infrastructure and
the control plane. Your infrastructure communicates only with the data plane.

On Teleport Enterprise (Cloud), the control plane is fully managed on Teleport
infrastructure. Read about [Teleport Enterprise (Cloud)
Architecture](teleport-cloud-architecture.mdx).
The Teleport **control plane** consists of the Teleport Auth Service and
Teleport Proxy Service. On Teleport Enterprise (Cloud), the control plane is
fully managed on Teleport infrastructure. Read about [Teleport Enterprise
(Cloud) Architecture](teleport-cloud-architecture.mdx).

### Teleport Auth Service
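
Review bot: the rewritten paragraph under "## Teleport control plane" no longer says which components talk to your infrastructure. The removed text stated that infrastructure communicates only with Agents, Machine ID Bots and API clients, never with the control plane directly, and readers use that boundary when deciding what network access the Auth Service and Proxy Service need. If it still holds, restate it in one sentence without the term "data plane" rather than dropping it.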

Expand All @@ -40,7 +35,7 @@ For more information about the Teleport Auth Service, read the following guides:

### Teleport Proxy Service

The Teleport Proxy Service enables components in the Teleport data plane to
The Teleport Proxy Service enables components in a Teleport cluster to
communicate securely with the Teleport Auth Service. With the Proxy Service,
users can use the public internet to access infrastructure in private networks.
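
Review bot: "components in a Teleport cluster" in the first sentence under "### Teleport Proxy Service" is broader than what it replaces, since the Auth Service and Proxy Service are themselves cluster components. Naming the components that connect through the Proxy Service (Agents, Machine ID Bots, API clients) would keep the sentence precise about who sits on the other side of the proxy.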

Expand Down Expand Up @@ -77,7 +72,7 @@ infrastructure resources with a Teleport cluster:
### Teleport Agents

Teleport Agents proxy traffic from users to resources in your infrastructure.
Agents are instances of the `teleport` binary configured to run data plane
Agents are instances of the `teleport` binary configured to run certain
services, e.g., the Teleport SSH Service and Teleport Kubernetes Service, and
administrators deploy Agents on their own infrastructure.
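
Review bot: "configured to run certain services" under "### Teleport Agents" does not tell the reader what distinguishes an Agent from any other `teleport` instance. Consider tying it to the preceding sentence, for example "configured to run services that proxy traffic to infrastructure resources", so the definition does not depend only on the two examples that follow.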

Expand All @@ -88,17 +83,16 @@ deny access to a resource.

Agents must establish trust with the Teleport Auth Service when first joining a
cluster, and there is are [variety of
methods](../enroll-resources/agents/join-services-to-your-cluster.mdx) that
methods](../../enroll-resources/agents/join-services-to-your-cluster.mdx) that
Agents use for this.

Read more about [Teleport Agent Architecture](agents.mdx). You can also read
about the architecture of Teleport Agent features:
Read about the architecture of Teleport Agent features:

- [Automatic Agent updates](agent-update-management.mdx): How a
Teleport cluster ensures that Agents run the most up-to-date version of the
`teleport` binary.
- [Automatically discovering Kubernetes
applications](docs/pages/reference/architecture//kubernetes-applications-architecture.mdx):
applications](../../reference/architecture//kubernetes-applications-architecture.mdx):
The Teleport Discovery Service queries your Kubernetes cluster and registers
applications with the Teleport Auth Service.
- [Session recordings](session-recording.mdx): Teleport Agents record user
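
Review bot: the corrected link for "Automatically discovering Kubernetes applications" still contains a double slash (`architecture//kubernetes-applications-architecture.mdx`), and `../../reference/architecture/` resolves back to the directory this file already lives in. The neighbouring items link with a bare filename (`agent-update-management.mdx`, `session-recording.mdx`), so `kubernetes-applications-architecture.mdx` alone would be consistent. While this paragraph is being touched, the context line "there is are [variety of" needs fixing, and the removal of the `agents.mdx` link is not mentioned in the commit message.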
Expand All @@ -113,9 +107,9 @@ assigned Teleport roles.

Instances of the `tbot` binary communicate with the Teleport Auth Service to
continuously refresh credentials. As with Agents, administrators must deploy
`tbot` on their own infrastructure, including on CI/CD platforms such as GitHub
Actions. The [join methods](../enroll-resources/machine-id/deployment.mdx) for
`tbot` differ from those for Agents.
`tbot` instances on their own infrastructure, including on CI/CD platforms such
as GitHub Actions, and [join
them](../../enroll-resources/machine-id/deployment.mdx) to a cluster.

Read more about [Machine ID Architecture](machine-id-architecture.mdx).
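
Review bot: the new link text "join them" in the `tbot` paragraph says little on its own and is split across a line break in the source. The previous anchor "join methods" described the target better; something like "and join them to a cluster using one of the [join methods](../../enroll-resources/machine-id/deployment.mdx)" keeps the corrected path and a descriptive anchor. If `tbot` join methods do differ from those for Agents, a short note on that is still useful to readers choosing how a bot establishes trust with the Auth Service.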
