Add a guide for economic buyers (#42460)

* Add a guide for economic buyers Introduce the three Teleport products, spell out use cases, and provide a very brief architectural overview. In each section that describes a product, include links to relevant docs guides. The plan is to feature this guide more centrally once we reorganize the docs. For now, this change adds the guide to the docs without including navigation links to make it possible to review the text. * Turn the economic buyer guide into the home page Also respond to xinding33 feedback. The economic buyer guide will serve as the home page until we have a more purpose-built home page that provides information on the three main Teleport products. Also edit the introduction to the "Teleport Agents" section to make it more immediately useful as a guide to enrolling resources with Teleport that we can link to from the "Teleport Access" discussion in the economic buyer guide. Moves the original home page to "Deploy a Cluster" as a guide to deploying a demo cluster.
gravitational · Jun 6, 2024 · 9edad29 · 9edad29
1 parent 1d74c4f
commit 9edad29
Show file tree

Hide file tree

Showing 6 changed files with 395 additions and 275 deletions.
diff --git a/docs/config.json b/docs/config.json
@@ -5,7 +5,7 @@
       "title": "Home",
       "entries": [
         {
-          "title": "Get Started with Teleport",
+          "title": "Introduction to Teleport",
           "slug": "/"
         },
         {
@@ -157,6 +157,10 @@
           "slug": "/deploy-a-cluster/introduction/",
           "forScopes": ["oss", "enterprise"]
         },
+	{
+	  "title": "Linux Demo",
+	  "slug": "/deploy-a-cluster/linux-demo/"
+	},
         {
           "title": "High Availability Deployments",
           "slug": "/deploy-a-cluster/high-availability/",
@@ -865,15 +869,15 @@
       ]
     },
     {
-      "title": "Run Teleport Agents",
+      "title": "Protect Infrastructure",
       "icon": "layers",
       "entries": [
         {
           "title": "Introduction",
           "slug": "/agents/introduction/"
         },
         {
-          "title": "Deploy via Terraform",
+          "title": "Deploy Agents via Terraform",
           "slug": "/agents/deploy-agents-terraform/"
         },
         {

diff --git a/docs/pages/agents/introduction.mdx b/docs/pages/agents/introduction.mdx
@@ -1,19 +1,40 @@
 ---
-title: "Teleport Agents"
-description: Deploy agents to enroll resources in your infrastructure with Teleport. You can run multiple Teleport services per agent."
+title: Protect Infrastructure with Teleport
+description: Deploy Agents to enroll resources in your infrastructure with Teleport. You can run multiple Teleport services per Agent."
 ---
 
-Teleport agents are Teleport instances that are configured to proxy traffic to
+You can use Teleport to protect infrastructure resources like servers and
+databases by deploying **Teleport Agents**. 
+
+Teleport Agents are Teleport instances that are configured to proxy traffic to
 resources in your infrastructure, such as servers, databases, and Kubernetes
 clusters. 
 
-This section shows you how to use Teleport agents to enable secure access to
+This section shows you how to use Teleport Agents to enable secure access to
 your infrastructure.
 
+## Enroll infrastructure resources
+
+To protect infrastructure resources with Teleport, you deploy Teleport Agents
+and configure them to proxy traffic to and from the resources.
+
+We recommend getting started with [Teleport
+Auto-Discovery](../auto-discovery/introduction.mdx), in which the Teleport
+Discovery Service registers infrastructure resources with your cluster by
+polling service discovery endpoints. For information on enrolling a specific
+type of infrastructure resource, read the following sections of the
+documentation:
+
+- [Servers](../server-access/introduction.mdx)
+- [Databases](../database-access/introduction.mdx)
+- [Kubernetes clusters](../kubernetes-access/introduction.mdx)
+- [Windows desktops](../desktop-access/introduction.mdx)
+- [Applications](../application-access/introduction.mdx)
+
 ## Architecture overview
 
-This section provides a brief outline of how Teleport agents run in a Teleport
-cluster. For more information on the architecture of Teleport agents, read
+This section provides a brief outline of how Teleport Agents run in a Teleport
+cluster. For more information on the architecture of Teleport Agents, read
 [Teleport Agent Architecture](../architecture/agents.mdx).
 
 ### Services
@@ -29,85 +50,65 @@ services are enabled by default and how to enable a particular service.
 Agents typically run in the same private networks as the resources they proxy.
 They should be the only clients that can access a resource without Teleport.
 
-In this setup, agents dial the Teleport Proxy Service in order to establish
+In this setup, Agents dial the Teleport Proxy Service in order to establish
 reverse SSH tunnels. While the Proxy Service remains open to the public internet
-via its HTTPS port, agents require no open ports or public address.
+via its HTTPS port, Agents require no open ports or public address.
 
 The Teleport Proxy Service uses these reverse tunnels to forward traffic in
-Teleport's supported protocols to an available agent. Agents apply RBAC
+Teleport's supported protocols to an available Agent. Agents apply RBAC
 rules and forward the traffic to resources in your infrastructure.
 
-![Diagram showing the architecture of an agent pool](../../img/agent-pool-diagram.png)
+![Diagram showing the architecture of an Agent pool](../../img/agent-pool-diagram.png)
 
 Read our guide for how to use Terraform to [deploy a pool of
-agents](deploy-agents-terraform.mdx). 
+Agents](deploy-agents-terraform.mdx). 
+
+## Joining Agents
 
-## Joining agents
+Teleport Agents run one or more services, such as the Teleport SSH Service and
+Teleport Database Service. To establish trust between an Agent and your Teleport
+cluster, you use one of several **join methods**. When joining an Agent, you can
+configure the services that run on the agent. You can also edit the
+configuration of an Agent to change the services that run on it.
 
 ### Initially joining a cluster
 
-Teleport agents need to establish trust with the Teleport Auth Service in order
-to join a cluster. There are several ways to join an agent to your Teleport
+Teleport Agents need to establish trust with the Teleport Auth Service in order
+to join a cluster. There are several ways to join an Agent to your Teleport
 cluster, making it possible to automate the join process for your environment.
 Read about the available join methods in our [Join Services to your
 Cluster](./join-services-to-your-cluster.mdx) guides.
 
 When a Teleport process first runs, it checks its configuration file to
 determine which services are enabled. Each service then connects separately to
 the Teleport Auth Service, which checks whether it has created a **join token**
-for that service. If so, the Auth Service issues the agent credentials signed
+for that service. If so, the Auth Service issues the Agent credentials signed
 for that service. 
 
-### Joining a new service on an existing agent
+### Joining a new service on an existing Agent
 
-The credentials that the Auth Service issues to agents are signed for specific
-services. To run new services on an agent, you must repeat the initial join
+The credentials that the Auth Service issues to Agents are signed for specific
+services. To run new services on an Agent, you must repeat the initial join
 procedure for those services.
 
-Generate a new join token for all services running on an agent, including the
-new services. Then make the new join token available to the agent. The method to
+Generate a new join token for all services running on an Agent, including the
+new services. Then make the new join token available to the Agent. The method to
 use depends on the value of either `teleport.join_params` or
-`teleport.auth_token` in the agent's configuration file:
+`teleport.auth_token` in the Agent's configuration file:
 
 - If the value of the configuration field is a token, update the token.
 - If the value is a file path, edit the file at that path to refer to the new
   token.
 
-Delete the agent's state directory, which is `/var/lib/teleport` by default.
-(Check the `teleport.data_dir` field of the agent's configuration file.) With no
-data directory, the agent will obtain its initial credentials from the Auth
+Delete the Agent's state directory, which is `/var/lib/teleport` by default.
+(Check the `teleport.data_dir` field of the Agent's configuration file.) With no
+data directory, the Agent will obtain its initial credentials from the Auth
 Service instead of reading existing credentials.
 
-Finally, restart the agent.
+Finally, restart the Agent.
 
-We recommend deploying Teleport agents via infrastructure-as-code approaches,
+We recommend deploying Teleport Agents via infrastructure-as-code approaches,
 e.g., [using a Terraform module](./deploy-agents-terraform.mdx). To modify the
-services that an agent runs, you can edit the configuration of your agents
-within your infrastructure-as-code project, then redeploy the agents.
-
-## Enrolling infrastructure
-
-There are two ways to enroll infrastructure resources with Teleport agents:
-
-- **Static**: Edit an agent's configuration file to configure a specific
-   infrastructure resource to proxy.
-- **Dynamic**: Apply a [configuration
-   resource](../management/dynamic-resources.mdx) that configures a resource to
-   proxy.
-
-The dynamic method allows Teleport to discover resources automatically.  The
-Discovery Service polls your cloud provider APIs and modifies dynamic
-infrastructure resources as required.
-
-[Read our guide](deploy-agents-terraform.mdx) to deploying a pool of agents
-via Terraform and enrolling infrastructure resources dynamically.
-
-To learn how to enroll resources via static configuration files, plus all the
-ways Teleport supports enrolling infrastructure, consult our guides to each of
-Teleport's services:
+services that an Agent runs, you can edit the configuration of your Agents
+within your infrastructure-as-code project, then redeploy the Agents.
 
-- [SSH Service](../server-access/introduction.mdx)
-- [Database Service](../database-access/introduction.mdx)
-- [Kubernetes Service](../kubernetes-access/introduction.mdx)
-- [Windows Desktop Service](../desktop-access/introduction.mdx)
-- [Application Service](../application-access/introduction.mdx)
diff --git a/docs/pages/deploy-a-cluster/introduction.mdx b/docs/pages/deploy-a-cluster/introduction.mdx
@@ -6,6 +6,10 @@ description: "Guides to running Teleport in production."
 These guides show you how to run a self-hosted Teleport Enterprise or Teleport
 Community Edition cluster in production.
 
+Before deploying a production Teleport cluster on your own infrastructure, you
+may want to deploy a demo cluster on a single Linux server by following the
+[Linux Demo Cluster](./linux-demo.mdx) guide.
+
 Read our [High Availability Guide](./high-availability.mdx) for the general
 principles behind deploying a scalable, fault-tolerant Teleport cluster. Once
 you understand what is required to run Teleport in production, choose your