Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add end user docs for VNet #42550

Merged
merged 12 commits into from
Jun 14, 2024
Merged

Add end user docs for VNet #42550

merged 12 commits into from
Jun 14, 2024

Conversation

ravicious
Copy link
Member

@ravicious ravicious commented Jun 6, 2024
edited

Preview

This is part 1 of VNet docs meant for end users. Part 2 which focuses on admin tasks, such as custom DNS zone configuration, is going to come in a separate PR.

The structure is loosely based on TCP Application Access guide. When writing the docs, I wanted to make sure it answers some of the questions asked by a design partner.

@ravicious ravicious added the no-changelog Indicates that a PR does not require a changelog entry label Jun 6, 2024
@github-actions GitHub Actions

This comment was marked as outdated.

Sign in to view
ravicious
ravicious commented Jun 6, 2024
View reviewed changes
docs/pages/connect-your-client/vnet.mdx

## Prerequisites

- A client machine running macOS Ventura (13.0) or higher.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not a requirement for VNet that's going to ship with 16.0.0. But once we replace osascript with a daemon, macOS 13.0 will become a requirement as SMAppService requires it and it's the recommended way to handle such daemons.

docs/pages/connect-your-client/vnet.mdx Outdated
Comment on lines 63 to 64
VNet is available in `tsh` as well. Using it is as simple as logging in to the cluster and
calling `tsh vnet`.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once we add the daemon, technically people will need the signed version of tsh from the .pkg installer – SMAppService works only with bundled apps (and possibly only signed apps as well). Otherwise they'll be asked for a password on each start anyway.

However, that's not the case at the moment and I didn't want to complicate this paragraph. With Connect the good thing is that there's only one source users typically get Connect from, while tsh can be obtained from the .pkg installer, but also the archive with all other Teleport programs.

docs/pages/connect-your-client/vnet.mdx
Comment on lines +43 to +44
permissions. For now your password is needed each time you start VNet, but we're working on showing
the prompt only once.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't have to mention that we're working on it. But I imagine it might be one of the biggest gripes for now and it's the top priority item once I'm done with the docs and the test plan.

docs/pages/connect-your-client/vnet.mdx
Comment on lines +73 to +81
### Timeouts when trying to reach a Teleport cluster

If VNet doesn't have a chance to clean up before stopping, such as during sudden device shut down,
it may leave leftover DNS configuration files in `/etc/resolver`. Those files tell your computer to
talk to a DNS server operated by VNet when connecting to your cluster. But since VNet is no longer
running, there's no DNS server to answer those calls.

To clean up those files, simply start VNet again. Alternatively, you can remove the leftover files
manually.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This shouldn't be a problem once we introduce the daemon. But until then people might run into this problem from time to time.

docs/pages/connect-your-client/vnet.mdx

## Next steps

- Read [RFD 163](https://github.com/gravitational/teleport/blob/master/rfd/0163-vnet.md) to learn how VNet works on a technical level.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we ever need a proper explanation behind VNet? Would we put it in admin docs or somewhere else?

I imagine some sort of simplified explanation of the DNS setup would be useful.

@ravicious ravicious marked this pull request as ready for review June 6, 2024 14:23
@github-actions GitHub Actions

This comment was marked as outdated.

Sign in to view
@github-actions GitHub Actions
Copy link

🤖 Vercel preview here: https://docs-a4t5btyky-goteleport.vercel.app/docs/ver/preview

@ravicious ravicious mentioned this pull request Jun 12, 2024
Merged
ptgott
ptgott approved these changes Jun 13, 2024
View reviewed changes
Copy link
Contributor

@ptgott ptgott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved while giving this a cursory look to make sure it's in the docs before the v16 release

docs/pages/connect-your-client/teleport-connect.mdx Show resolved Hide resolved
docs/pages/connect-your-client/vnet.mdx Show resolved Hide resolved
docs/pages/connect-your-client/vnet.mdx
title: Using VNet
description: Using VNet
---

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've suggested a very quick one. I think all guides should have some kind of initial paragraph to orient the user and help them make sure they're in the right place

@ravicious @ptgott
Add intro paragraph
dc9004c 
Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
@ravicious ravicious enabled auto-merge June 14, 2024 09:40
@github-actions GitHub Actions
Copy link

🤖 Vercel preview here: https://docs-axpvo6189-goteleport.vercel.app/docs/ver/preview

@github-actions GitHub Actions
Copy link

🤖 Vercel preview here: https://docs-25zlcqr3z-goteleport.vercel.app/docs/ver/preview

@ravicious ravicious added this pull request to the merge queue Jun 14, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jun 14, 2024
@ravicious ravicious added this pull request to the merge queue Jun 14, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jun 14, 2024
@ravicious ravicious added this pull request to the merge queue Jun 14, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jun 14, 2024
@ravicious ravicious added this pull request to the merge queue Jun 14, 2024
Merged via the queue into master with commit 116ee9a Jun 14, 2024
42 checks passed
@ravicious ravicious deleted the r7s/vnet-docs branch June 14, 2024 11:29
@public-teleport-github-review-bot
Copy link

@ravicious See the table below for backport results.

Branch Result
branch/v16 Create PR

@ravicious ravicious mentioned this pull request Jun 14, 2024
Merged
@ravicious ravicious mentioned this pull request Jul 2, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zmb3 zmb3 zmb3 approved these changes

@ptgott ptgott ptgott approved these changes

@nklaassen nklaassen Awaiting requested review from nklaassen

Assignees
No one assigned
Labels
backport/branch/v16 documentation no-changelog Indicates that a PR does not require a changelog entry size/md ui
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@ravicious @zmb3 @nklaassen @ptgott