Docs: add discovery_group to teleport.yaml/discovery_service examples #48362
Conversation
marcoandredinis
added
no-changelog
marcoandredinis
temporarily deployed
to
vercel
GitHub Actions
Inactive
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
|
🤖 Vercel preview here: https://docs-jceyj4aft-goteleport.vercel.app/docs/ver/preview |
github-actions
bot
requested review from
mmcallister,
ptgott,
r0mant,
xinding33 and
zmb3
| @@ -396,6 +396,7 @@ ssh_service: | |||
| enabled: off | |||
| discovery_service: | |||
| enabled: "yes" | |||
| discovery_group: "gke-myproject" | |||
There was a problem hiding this comment.
Do we have any instructions telling the user to update discovery_group in this and other Teleport configuration examples?
There was a problem hiding this comment.
We have it in the reference page and some other configurations.
I can add it to everything.
The description we use in the reference page is:
# discovery_group is used to group discovered resources into different
# sets. This is required when you have multiple Teleport Discovery services
# running. It prevents discovered services from colliding in Teleport when
# managing discovered resources.
# If two Discovery Services match the same resources, they must be in the
# same discovery group.
# If two Discovery Services match different resources, they must be in
# different discovery groups.
discovery_group: "disc-group"There was a problem hiding this comment.
👍 I would just make it explicit how to assign this value. Is this the name of a Google Cloud project where Kubernetes clusters you want to discover are running?
There was a problem hiding this comment.
It's an opaque value. Can be a random string.
When multiple DiscoveryServices are running, it is used to ensure resources are not deleted when reconciling the list of resources (eg databases).
There was a problem hiding this comment.
👍 I hadn't realized when leaving this comment that there is a partial, docs/pages/includes/discovery/discovery-group.mdx, that provides this information already. I think we can remove the discovery_group comments and use this partial instead.
There was a problem hiding this comment.
Removed the inline comment in the yaml code blocks.
Added the partial where it was missing.
marcoandredinis
force-pushed
the
marco/docs_add_discoverygroup
branch
from
225f133 to
80ff9ad
Compare
marcoandredinis
temporarily deployed
to
vercel
GitHub Actions
Inactive
marcoandredinis
force-pushed
the
marco/docs_add_discoverygroup
branch
from
80ff9ad to
4703c4a
Compare
marcoandredinis
temporarily deployed
to
vercel
GitHub Actions
Inactive
|
🤖 Vercel preview here: https://docs-l8x05mjri-goteleport.vercel.app/docs/ver/preview |
|
🤖 Vercel preview here: https://docs-5kprohh6a-goteleport.vercel.app/docs/ver/preview |
marcoandredinis
force-pushed
the
marco/docs_add_discoverygroup
branch
from
4703c4a to
8678c21
Compare
marcoandredinis
temporarily deployed
to
vercel
GitHub Actions
Inactive
|
🤖 Vercel preview here: https://docs-o25hbch0m-goteleport.vercel.app/docs/ver/preview |
| # discovery_group is used to group discovered resources into different | ||
| # sets. This is required when you have multiple Teleport Discovery services | ||
| # running. It prevents discovered services from colliding in Teleport when | ||
| # managing discovered resources. | ||
| # If two Discovery Services match the same resources, they must be in the | ||
| # same discovery group. | ||
| # If two Discovery Services match different resources, they must be in | ||
| # different discovery groups. |
There was a problem hiding this comment.
Why did you remove these explanations from everywhere? They seemed useful, discovery group is not an obvious concept to understand without the comment.
There was a problem hiding this comment.
I removed them but added the (!docs/pages/includes/discovery/discovery-group.mdx!) partial where it was not already present.
I'm fine with either, but I think we should stick to only one form of documentation (either inline with the yaml code block or with the partial).
public-teleport-github-review-bot
bot
removed request for
mmcallister,
zmb3 and
xinding33
When the discovery_group is not configured, teleport will log a warning message saying that it is recommended. Some configuration examples do not include it, so when users use that example to implement their own variation, it will output a warning message. After seeing that warning users might wonder if there's anything wrong with their `teleport.yaml`. Instead, we add a discovery_group to all examples so that users don't get that message.
marcoandredinis
force-pushed
the
marco/docs_add_discoverygroup
branch
from
8678c21 to
7f9ba7a
Compare
marcoandredinis
temporarily deployed
to
vercel
GitHub Actions
Inactive
|
🤖 Vercel preview here: https://docs-f0sxhnkwr-goteleport.vercel.app/docs/ver/preview |
…#48362) * Docs: add discovery_group to teleport.yaml/discovery_service examples When the discovery_group is not configured, teleport will log a warning message saying that it is recommended. Some configuration examples do not include it, so when users use that example to implement their own variation, it will output a warning message. After seeing that warning users might wonder if there's anything wrong with their `teleport.yaml`. Instead, we add a discovery_group to all examples so that users don't get that message. * explain discovery group * use partial instead
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
|
@marcoandredinis See the table below for backport results.
|
When the discovery_group is not configured, teleport will log a warning message saying that it is recommended.
teleport/lib/srv/discovery/discovery.go
Line 251 in 24e8b68
Some configuration examples do not include it, so when users use that example to implement their own variation, it will output a warning message.
After seeing that warning users might wonder if there's anything wrong with their
teleport.yaml.Instead, we add a discovery_group to all examples so that users don't get that message.