Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: update cloud networking on proxy service #47506

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

docs: update cloud networking on proxy service #47506

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4da1fa9
docs: update cloud networking on proxy service
stevenGravy Oct 11, 2024
76631d1
docs: update verbiage for networking
stevenGravy Oct 22, 2024
af7ffe5
docs: update cloud-hosted public address
stevenGravy Oct 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions docs/pages/reference/networking.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,21 +36,21 @@
</TabItem>
<TabItem scope={["cloud", "team"]} label="Cloud-Hosted">

All Teleport services (e.g., the Application Service and Database Service) have
an optional `public_addr` property that you can modify in each service's
configuration file. The public address can take an IP or a DNS name. It can also
be a list of values:
For Teleport Enterprise Cloud all Teleport services (e.g. Kubernetes Service,

Check failure on line 39 in docs/pages/reference/networking.mdx

View workflow job for this annotation

GitHub Actions / Lint docs prose style 

[vale] reported by reviewdog 🐶
[messaging.edition-names] "Teleport Enterprise Cloud" is no longer a recognized Teleport edition. Use "Teleport Enterprise (Self-Hosted)" or "Teleport Enterprise (Cloud)" instead. If the hosting type is not important in a given sentence, there is no need to specify it, and you can use "Teleport Enterprise".

Raw Output:
{"message": "[messaging.edition-names] \"Teleport Enterprise Cloud\" is no longer a recognized Teleport edition. Use \"Teleport Enterprise (Self-Hosted)\" or \"Teleport Enterprise (Cloud)\" instead. If the hosting type is not important in a given sentence, there is no need to specify it, and you can use \"Teleport Enterprise\".", "location": {"path": "docs/pages/reference/networking.mdx", "range": {"start": {"line": 39, "column": 5}}}, "severity": "ERROR"}
SSH Service,...) connect via reverse tunnels through the Teleport Proxy Service.
The Teleport Proxy Service and Auth Service are provided so no specification
is required for those. This makes the usage of `public_addr` limited to the Application Service.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like we are introducing the public_addr property in this Tabs component, so a user won't understand what "the usage of public_addr" means.

I think we can structure the content of this TabItem to mention the public_addr property for Teleport Enterprise (Cloud) users as though it is only available for the Application Service, indicating why a user would want to set this property.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks @ptgott , please see update


In the case of web applications the public address must be a subdomain of the tenant
stevenGravy marked this conversation as resolved.
Show resolved Hide resolved
since the domain and TLS certificates are maintained by Teleport.

```yaml
public_addr: ["service-one.example.com", "service-two.example.com"]
public_addr: "myapp.example.teleport.sh"
```

Specifying a public address for a Teleport agent may be useful in the
following use cases:
For TCP applications you can specify a fqdn outside of `teleport.sh` in combination
stevenGravy marked this conversation as resolved.
Show resolved Hide resolved
with [VNet](../enroll-resources/application-access/guides/vnet.mdx) since that domain is served via your machine's local network.

- You have multiple identical services behind a load balancer.
- You want Teleport to issue an SSH certificate for the service with additional
principals, e.g., host names.
</TabItem>
</Tabs>

Expand Down
Loading