RFD 163: VNet (#37834)

* RFD 163: VNet

Starting with an empty shell we can add to.

* Add first part of UX section

* describe DNS and IP assignment

* Replace SMJobBless with SMAppService

* describe TCP ports

* edits and diagrams

* Rewrite section about SMAppService, mention Network Extension

* Expand sections on guiding user towards VNet and lifecycle

* Update screenshot

* Add VNet tab and lifecycle section on start & stop

* Add tsh integration section

* Add section on product usage

* add proto and observability

* describe ipv6 assignment

* Simplify card UI

* mention other protocols

* Send one protocol use event per app per VNet lifespan

* use public_addr

* remove remaining vnet_addr refs

* edits

* more info on protocols and IP ranges

* Replace VNet tab with panel in Connections

* Rewrite section on system start, streamline Lifecycle section

* Fix link to VNet panel image

* describe DNS rebinding

* describe long-running admin process and simplify tsh vnet

* add required approvers

* fix typo

* Remove admin process in favor of daemon

* The daemon is responsible for creating a TUN device and setting up DNS only.
* Mention lifetimes
* Add protobuf for daemon service

* drop web app support

* Remove HTTP apps from UX section

* require TXT record for custom DNS zones

* mention that config resource is a singleton

* better call-out of local-only IPs

* conclude DNS rebinding section

* Add note about restricting access to daemon

* add audit events

* mention other OS users

* TSH_HOME → TELEPORT_HOME

* Use Vnet instead of VNet in proto specifications

* clarify scope of UDP support

* rename resource vnet -> vnet_config

* update reviewers

---------

Co-authored-by: Rafał Cieślak <[email protected]>