WIP Production Examples

[one000mph]

• Adds Production Guide, incomplete but shows direction
  • production.md shows major considerations when running Teleport in production. In addition to core Production topics it would link to supporting Guides on how to complete common Admin Tasks.
• Admin Guide: Node Join
• Admi Guide: Node Label
• [WIP] Admin Guide: Trusted Cluster
• [WIP] Admin Guide: Token Management
• [WIP] Adds Configuration Guide for YAML configuration
• Removes reorg/revised content from Admin Guide.

For ease of review the target branch is andyet/prod-base which merges existing PRs for andyet/installation, cli-docs, quickstart and andyet/concepts.

[one000mph]

Where to go from here:

The next steps that I would have done for the project would be to divide the Admin Guide into multiple pages. The content would be drawn from what exists, but include Prerequisites and Next Steps Sections at header and footer so users have context for what they can/should know before working through the guide and where they can/should go next. Any guides describing actionable tasks should be presented as much as possible in step-by-step format with script examples, references to architecture & CLI docs, and diagrams were needed.

I had the Production Guide in-progress. The vision there was to provide a document that admins could read to understand all important considerations for running Teleport in production. It would link to other guides for instructions on specific tasks and link to Platform Guides for instructions on how to run on AWS, K8S, and GCP.

• Dedicated Doc for YAML Config. Each key should be described with its default value [when unset] and possible values. The existing configuration section is a good start but could be improved.

• Admin Guides:

  • Managing Users
  • Managing Resource Files nodes, users, clusters, roles, connectors
    • Editing node/user/cluster resources
  • Add a Trusted Cluster
  • Certificate Rotation
  • High Availability
  • Accessing Audit Logs & Recorded Session data
  • Set up recording proxy mode
  • Teleport with OpenSSH
  • SSO: Github, OIDC, Okta, etc

• The User Guide seems fairly clear as is, but it may be helpful to divide into task-oriented sections like the Admin Guide.

• Clear distinctions should be made between SSO Integrations which involve mostly Auth, and things like AWS or K8s "Integrations" which involve the whole system. Perhaps consider "Platform Guide" instead of "Integrations" for these?