Operator managed trusted_cluster guide #50847

Open: bernardjkim wants to merge 12 commits into master from bernard/operator-trusted-cluster-guide

bernardjkim
Contributor

Closes #22474

This PR adds a guide for how to manage trusted_clusters with the Teleport Operator.

@bernardjkim added the documentation and no-changelog labels Jan 7, 2025

github-actions bot commented Jan 7, 2025

Amplify deployment status

| Branch | Commit | Job ID | Status | Preview | Updated (UTC) |
| --- | --- | --- | --- | --- | --- |
| bernard/operator-trusted-cluster-guide | 6c9df1c | 11 | ✅ SUCCEED | bernard-operator-trusted-cluster-guide | 2025-01-11 02:00:57 |

- Add How it works section
- Capitalize Teleport Agent
@bernardjkim force-pushed the bernard/operator-trusted-cluster-guide branch from 6f202fb to b1408a7 on January 8, 2025 19:55
@bernardjkim force-pushed the bernard/operator-trusted-cluster-guide branch from b1408a7 to 954c9a5 on January 8, 2025 20:05
@bernardjkim force-pushed the bernard/operator-trusted-cluster-guide branch from 954c9a5 to 024116c on January 8, 2025 20:27
@bernardjkim marked this pull request as ready for review on January 9, 2025 00:36

## Prerequisites

- Access to **two** Teleport cluster instances.
Contributor

I would clarify that we expect each cluster to be on a Linux server, then link to the Linux demo guide. Otherwise, I didn't know "instances" meant "VM instances" until I got a couple items into Step 1.

Contributor

I don't think "instances" here means VM instance or has anything to do with Linux. I believe what this is trying to convey is that in order to set up a trusted cluster, there must be TWO Teleport clusters already deployed before the trust relationship can be established.

Replace `rootcluster.example.com` with the Teleport root cluster domain and
`myuser` with your Teleport username.

1. Generate the invitation token by running the following command:
Contributor

Do we refer to join tokens as invitation token anywhere else in the docs?

Suggested change
1. Generate the invitation token by running the following command:
1. Generate the join token by running the following command:

Contributor Author

A lot of the documentation was copied from the main trusted clusters doc https://goteleport.com/docs/admin-guides/management/admin/trustedclusters/.

I'll go ahead and update the wording to use 'join' in that guide as well.

Contributor Author

It seems like we use 'invitation token' quite a bit in the docs actually. We might want to address this separately across all our docs.

Contributor

We've not been very good at consistent naming in the past, but last year we consolidated the terms to "join method", and "join token": https://goteleport.com/docs/reference/join-methods/

You don't have to clean old pages, but it's better to favour the official terms in new pages.

@hugoShaka
Contributor

The other guides in the section (user/role, access lists, agentless nodes) are covering all 3 IaC tools: Terraform, tctl and the operator. Is it possible to do the same for this guide and use tabs to show the examples for every tool?

Documentation fragmentation is a big issue for our IaC today and most users don't know how to create the basic resources with IaC. Consolidating all IaC tools in the same docs page helps reduce the gaps between IaC methods.

@bernardjkim deployed to docs-amplify with GitHub Actions on January 11, 2025 01:56 (Active)
Labels: documentation, no-changelog, size/md

Successfully merging this pull request may close these issues: operator: Support trusted cluster resource