Document that crdb can be used a a pg replacement for events #44704
Conversation
hugoShaka
added
no-changelog
github-actions
bot
requested review from
mmcallister,
ptgott,
r0mant,
xinding33 and
zmb3
|
🤖 Vercel preview here: https://docs-6x12nntk7-goteleport.vercel.app/docs/ver/preview |
docs/pages/reference/backends.mdx
Outdated
| @@ -13,7 +13,7 @@ read/write ratio, mutability, etc.). | |||
| | Data type | Description | Supported storage backends | | |||
| | - | - | - | | |||
| | core cluster state | Cluster configuration (e.g. users, roles, auth connectors) and identity (e.g. certificate authorities, registered nodes, trusted clusters). | Local directory (SQLite), etcd, PostgreSQL, Amazon DynamoDB, GCP Firestore, CockroachDB | | |||
| | audit events | JSON-encoded events from the audit log (e.g. user logins, RBAC changes) | Local directory, PostgreSQL, AWS DynamoDB, GCP Firestore | | |||
| | audit events | JSON-encoded events from the audit log (e.g. user logins, RBAC changes) | Local directory, PostgreSQL/CockroachDB, AWS DynamoDB, GCP Firestore | | |||
There was a problem hiding this comment.
I don't know that we should be equating the Postgres and CockroachDB backend like this.
| | audit events | JSON-encoded events from the audit log (e.g. user logins, RBAC changes) | Local directory, PostgreSQL/CockroachDB, AWS DynamoDB, GCP Firestore | | |
| | audit events | JSON-encoded events from the audit log (e.g. user logins, RBAC changes) | Local directory, PostgreSQL, CockroachDB, AWS DynamoDB, GCP Firestore | |
There was a problem hiding this comment.
For audit events, we use the same backend for pg and crdb. For cluster state we use separate backends.
There was a problem hiding this comment.
That seems more like an internal implementation detail than something that should be conveyed in our documentation though.
There was a problem hiding this comment.
I'm not sure because in one case, the user needs enterprise + explicitly specify the cockroachDB backend. In the other, they configure a postgres audit backend that happens to be backed by crdb but it's transparent.
Co-authored-by: rosstimothy <[email protected]>
|
🤖 Vercel preview here: https://docs-d26stra5e-goteleport.vercel.app/docs/ver/preview |
Co-authored-by: Paul Gottschling <[email protected]>
|
🤖 Vercel preview here: https://docs-onsz06j2e-goteleport.vercel.app/docs/ver/preview |
docs/pages/reference/backends.mdx
Outdated
| @@ -13,7 +13,7 @@ read/write ratio, mutability, etc.). | |||
| | Data type | Description | Supported storage backends | | |||
| | - | - | - | | |||
| | core cluster state | Cluster configuration (e.g. users, roles, auth connectors) and identity (e.g. certificate authorities, registered nodes, trusted clusters). | Local directory (SQLite), etcd, PostgreSQL, Amazon DynamoDB, GCP Firestore, CockroachDB | | |||
| | audit events | JSON-encoded events from the audit log (e.g. user logins, RBAC changes) | Local directory, PostgreSQL, AWS DynamoDB, GCP Firestore | | |||
| | audit events | JSON-encoded events from the audit log (e.g. user logins, RBAC changes) | Local directory, PostgreSQL/CockroachDB, AWS DynamoDB, GCP Firestore | | |||
There was a problem hiding this comment.
That seems more like an internal implementation detail than something that should be conveyed in our documentation though.
|
🤖 Vercel preview here: https://docs-24ruanyis-goteleport.vercel.app/docs/ver/preview |
public-teleport-github-review-bot
bot
removed request for
r0mant,
mmcallister and
zmb3
public-teleport-github-review-bot
bot
removed the request for review
from xinding33
Co-authored-by: rosstimothy <[email protected]>
|
🤖 Vercel preview here: https://docs-47hu45kvy-goteleport.vercel.app/docs/ver/preview |
|
@hugoShaka See the table below for backport results.
|
Backend doc reference update to mention that crdb can be used for audit.