Skip to content

Add auto enrolling capability to EKS Discover flow #38432

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
AntonAM merged 21 commits into from
Feb 29, 2024
Merged

Add auto enrolling capability to EKS Discover flow #38432

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
eb58cf5
Add auto enrolling capability to EKS Discover flow
AntonAM Feb 20, 2024
c049f48
Handle error directly in catch block.
AntonAM Feb 22, 2024
3224e34
Remove commented code.
AntonAM Feb 22, 2024
5d39400
Refactor inverting a value.
AntonAM Feb 22, 2024
c27262e
Remove unneeded cast.
AntonAM Feb 22, 2024
518ec9d
Refactor inverting a value.
AntonAM Feb 22, 2024
f8f1322
Use strict equality check.
AntonAM Feb 22, 2024
c8bb9f2
Improve punctuation.
AntonAM Feb 22, 2024
631644a
Remove dot.
AntonAM Feb 23, 2024
a8fd2e9
Add comment for the notifyAboutDelay field.
AntonAM Feb 23, 2024
fff7590
Use empty string by default for cloud discovery group name.
AntonAM Feb 23, 2024
0fc19ce
Override autoDiscovery property of props inplace.
AntonAM Feb 23, 2024
522192a
Remove unneeded semicolon.
AntonAM Feb 23, 2024
541c7f0
Add story for SelfHostedAutoDiscoveryDirections
AntonAM Feb 23, 2024
7062ec3
Inline makeDiscoveryConfigReq.
AntonAM Feb 23, 2024
0147dc0
Stack toggles on top of each others, instead of side by side.
AntonAM Feb 23, 2024
34b20a6
Remove unused import.
AntonAM Feb 23, 2024
1e2da82
Remove redundant Box element.
AntonAM Feb 27, 2024
1cbc090
Improve a comment.
AntonAM Feb 28, 2024
f341450
Switch places for auto enrollment and app discovery toggles.
AntonAM Feb 28, 2024
79d30b4
Fix after rebase.
AntonAM Feb 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions web/packages/teleport/src/Discover/Database/EnrollRdsDatabase/EnrollRdsDatabase.test.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,10 @@ import DatabaseService from 'teleport/services/databases/databases';
import * as discoveryService from 'teleport/services/discovery/discovery';
import { ComponentWrapper } from 'teleport/Discover/Fixtures/databases';
import cfg from 'teleport/config';
import { DISCOVERY_GROUP_CLOUD } from 'teleport/services/discovery/discovery';
import {
DISCOVERY_GROUP_CLOUD,
DEFAULT_DISCOVERY_GROUP_NON_CLOUD,
} from 'teleport/services/discovery/discovery';

import { EnrollRdsDatabase } from './EnrollRdsDatabase';

Expand Down Expand Up @@ -207,7 +210,7 @@ describe('test EnrollRdsDatabase.tsx', () => {
// Second array are the parameters that this api got called with,
// we are interested in the second parameter.
expect(createDiscoveryConfig.mock.calls[0][1]['discoveryGroup']).toBe(
'aws-prod'
DEFAULT_DISCOVERY_GROUP_NON_CLOUD
);

expect(DatabaseService.prototype.createDatabase).not.toHaveBeenCalled();
Expand Down
172 changes: 13 additions & 159 deletions web/packages/teleport/src/Discover/Database/EnrollRdsDatabase/EnrollRdsDatabase.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,13 @@
*/

import React, { useState } from 'react';
import { Box, Flex, Input, Text, Toggle } from 'design';
import { Box, Text, Toggle } from 'design';
import { FetchStatus } from 'design/DataTable/types';
import { Danger } from 'design/Alert';
import useAttempt, { Attempt } from 'shared/hooks/useAttemptNext';
import { ToolTipInfo } from 'shared/components/ToolTip';
import { getErrMessage } from 'shared/utils/errorType';

import { TextSelectCopyMulti } from 'teleport/components/TextSelectCopy';
import { DbMeta, useDiscover } from 'teleport/Discover/useDiscover';
import {
AwsRdsDatabase,
Expand All @@ -40,19 +39,24 @@ import { isIamPermError } from 'teleport/Discover/Shared/Aws/error';
import cfg from 'teleport/config';
import {
DISCOVERY_GROUP_CLOUD,
DEFAULT_DISCOVERY_GROUP_NON_CLOUD,
DiscoveryConfig,
createDiscoveryConfig,
} from 'teleport/services/discovery';
import useTeleport from 'teleport/useTeleport';
import { Tabs } from 'teleport/components/Tabs';

import { ActionButtons, Header, Mark, StyledBox } from '../../Shared';
import {
AutoEnrollDialog,
ActionButtons,
Header,
Mark,
SelfHostedAutoDiscoverDirections,
} from '../../Shared';

import { useCreateDatabase } from '../CreateDatabase/useCreateDatabase';
import { CreateDatabaseDialog } from '../CreateDatabase/CreateDatabaseDialog';

import { DatabaseList } from './RdsDatabaseList';
import { AutoEnrollDialog } from './AutoEnrollDialog';

type TableData = {
items: CheckedAwsRdsDatabase[];
Expand Down Expand Up @@ -106,7 +110,7 @@ export function EnrollRdsDatabase() {
const [autoDiscoveryCfg, setAutoDiscoveryCfg] = useState<DiscoveryConfig>();
const [requiredVpcs, setRequiredVpcs] = useState<Record<string, string[]>>();
const [discoveryGroupName, setDiscoveryGroupName] = useState(() =>
cfg.isCloud ? '' : 'aws-prod'
cfg.isCloud ? '' : DEFAULT_DISCOVERY_GROUP_NON_CLOUD
);

function fetchDatabasesWithNewRegion(region: Regions) {
Expand Down Expand Up @@ -335,7 +339,9 @@ export function EnrollRdsDatabase() {
close={() => setAutoDiscoverAttempt({ status: '' })}
retry={handleOnProceed}
region={tableData.currRegion}
skipDeployment={requiredVpcs && Object.keys(requiredVpcs).length === 0}
notifyAboutDelay={
Copy link
Copy Markdown
Contributor

@kimlisa kimlisa Feb 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should add a comment on what notifyAboutDelay means (i think skipDeployment made more sense tbh 🤷‍♀️ ). in the deployment section we let user know it'll take a few minutes, but since we are skipping deployment we have to show the note in the enrolling section

Copy link
Copy Markdown
Contributor Author

@AntonAM AntonAM Feb 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added comment. EKS doesn't have service deployment but has same need to warn user. I think it's a general capability that we want to notify user that for auto discovery resources will take some time to appear. be00e9c

requiredVpcs && Object.keys(requiredVpcs).length === 0
}
/>
);
}
Expand Down Expand Up @@ -435,14 +441,6 @@ function getRdsEngineIdentifier(engine: DatabaseEngine): RdsEngineIdentifier {
}
}

const discoveryGroupToolTip = `Discovery group name is used to group discovered resources into different sets. \
This parameter is used to prevent Discovery Agents watching different sets of cloud resources from \
colliding against each other and deleting resources created by another services.`;

const discoveryServiceToolTip = `The Discovery Service, is responsible for watching your \
cloud provider and checking if there are any new databases or if there have been any \
modifications to previously discovered databases.`;

function ToggleSection({
wantAutoDiscover,
toggleWantAutoDiscover,
Expand Down Expand Up @@ -484,147 +482,3 @@ function ToggleSection({
</Box>
);
}

const SelfHostedAutoDiscoverDirections = ({
clusterPublicUrl,
discoveryGroupName,
setDiscoveryGroupName,
}: {
clusterPublicUrl: string;
discoveryGroupName: string;
setDiscoveryGroupName(n: string): void;
}) => {
const yamlContent = `version: v3
teleport:
join_params:
token_name: "<YOUR_JOIN_TOKEN_FROM_STEP_1>"
method: token
proxy_server: "${clusterPublicUrl}"
auth_service:
enabled: off
proxy_service:
enabled: off
ssh_service:
enabled: off
discovery_service:
enabled: "yes"
discovery_group: "${discoveryGroupName}"`;

return (
<Box mt={2}>
<Flex alignItems="center">
<Text>
Auto-enrolling requires you to configure a{' '}
<Mark>Discovery Service</Mark>
</Text>
<ToolTipInfo children={discoveryServiceToolTip} />
</Flex>
<br />
<StyledBox mb={5}>
<Text bold>Step 1: Create a Join Token</Text>
<Text mb={2}>
Run the following command against your Teleport Auth Service and save
it in <Mark>/tmp/token</Mark> on the host that will run the Discovery
Service.
</Text>
<TextSelectCopyMulti
lines={[
{
text: `tctl tokens add --type=discovery`,
},
]}
/>
</StyledBox>
<StyledBox mb={5}>
<Flex alignItems="center">
<Text bold mr={1}>
Step 2: Define a Discovery Group name{' '}
</Text>
<ToolTipInfo children={discoveryGroupToolTip} />
</Flex>
<Box mt={3} width="260px">
<Input
value={discoveryGroupName}
onChange={e => setDiscoveryGroupName(e.target.value)}
hasError={discoveryGroupName.length == 0}
/>
</Box>
</StyledBox>
<StyledBox mb={5}>
<Text bold mr={1}>
Step 3: Create a teleport.yaml file
</Text>
<Text mb={2}>
Use this template to create a <Mark>teleport.yaml</Mark> on the host
that will run the Discovery Service.
</Text>
<TextSelectCopyMulti lines={[{ text: yamlContent }]} bash={false} />
</StyledBox>
<StyledBox mb={5}>
<Text bold mr={1}>
Step 4: Start Discovery Service
</Text>
<Text mb={2}>
Configure the Discovery Service to start automatically when the host
boots up by creating a systemd service for it. The instructions depend
on how you installed the Discovery Service.
</Text>
<Tabs
tabs={[
{
title: 'Package Manager',
content: (
<Box px={2} pb={2}>
<Text mb={2}>
On the host where you will run the Discovery Service, enable
and start Teleport:
</Text>
<TextSelectCopyMulti
lines={[
{
text: `sudo systemctl enable teleport`,
},
{
text: `sudo systemctl start teleport`,
},
]}
/>
</Box>
),
},
{
title: `TAR Archive`,
content: (
<Box px={2} pb={2}>
<Text mb={2}>
On the host where you will run the Discovery Service, create
a systemd service configuration for Teleport, enable the
Teleport service, and start Teleport:
</Text>
<TextSelectCopyMulti
lines={[
{
text: `sudo teleport install systemd -o /etc/systemd/system/teleport.service`,
},
{
text: `sudo systemctl enable teleport`,
},
{
text: `sudo systemctl start teleport`,
},
]}
/>
</Box>
),
},
]}
/>
<Text mt={2}>
You can check the status of the Discovery Service with{' '}
<Mark>systemctl status teleport</Mark> and view its logs with{' '}
<Mark>journalctl -fu teleport</Mark>.
</Text>
</StyledBox>
</Box>
);
};
25 changes: 14 additions & 11 deletions web/packages/teleport/src/Discover/Kubernetes/EnrollEKSCluster/EksClustersList.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ import { CheckedEksCluster } from './EnrollEksCluster';

type Props = {
items: CheckedEksCluster[];
autoDiscovery: boolean;
fetchStatus: FetchStatus;
fetchNextPage(): void;

Expand All @@ -42,6 +43,7 @@ type Props = {

export const ClustersList = ({
items = [],
autoDiscovery,
fetchStatus = '',
fetchNextPage,
onSelectCluster,
Expand All @@ -63,21 +65,23 @@ export const ClustersList = ({
isChecked={isChecked}
onChange={onSelectCluster}
value={item.name}
{...disabledStates(item)}
{...disabledStates(item, autoDiscovery)}
/>
);
},
},
{
key: 'name',
headerText: 'Name',
render: item => <Cell {...disabledStates(item)}>{item.name}</Cell>,
render: item => (
<Cell {...disabledStates(item, autoDiscovery)}>{item.name}</Cell>
),
},
{
key: 'labels',
headerText: 'Labels',
render: item => (
<Cell {...disabledStates(item)}>
<Cell {...disabledStates(item, autoDiscovery)}>
<Labels labels={item.labels} />
</Cell>
),
Expand All @@ -89,7 +93,7 @@ export const ClustersList = ({
<StatusCell
status={getStatus(item)}
statusText={item.status}
{...disabledStates(item)}
{...disabledStates(item, autoDiscovery)}
/>
),
},
Expand Down Expand Up @@ -117,9 +121,11 @@ function getStatus(item: CheckedEksCluster) {
}
}

function disabledStates(item: CheckedEksCluster) {
function disabledStates(item: CheckedEksCluster, autoDiscovery: boolean) {
const disabled =
getStatus(item) !== ItemStatus.Success || item.kubeServerExists;
getStatus(item) !== ItemStatus.Success ||
item.kubeServerExists ||
autoDiscovery;

let disabledText = `This EKS cluster is already enrolled and is a part of this cluster`;
switch (item.status) {
Expand All @@ -132,11 +138,8 @@ function disabledStates(item: CheckedEksCluster) {
case 'deleting':
disabledText = 'Not available';
}

if (item.status === 'failed') {
disabledText = 'Not available, try refreshing the list';
} else if (item.status === 'deleting') {
disabledText = 'Not available';
if (autoDiscovery) {
disabledText = 'All eligible EKS clusters will be enrolled automatically';
}

return { disabled, disabledText };
Expand Down
7 changes: 7 additions & 0 deletions web/packages/teleport/src/Discover/Kubernetes/EnrollEKSCluster/EnrollEksCluster.story.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,13 +101,19 @@ const successEnrollmentHandler = rest.post(
}
);

const discoveryConfigHandler = rest.post(
cfg.api.discoveryConfigPath,
(req, res, ctx) => res(ctx.json({}))
);

export const ClustersList = () => <Component />;

ClustersList.parameters = {
msw: {
handlers: [
tokenHandler,
successEnrollmentHandler,
discoveryConfigHandler,
rest.post(cfg.getListEKSClustersUrl(integrationName), (req, res, ctx) => {
{
return res(ctx.json({ clusters: eksClusters }));
Expand Down Expand Up @@ -135,6 +141,7 @@ ClustersListInCloud.parameters = {
handlers: [
tokenHandler,
successEnrollmentHandler,
discoveryConfigHandler,
rest.post(cfg.getListEKSClustersUrl(integrationName), (req, res, ctx) => {
{
return res(ctx.json({ clusters: eksClusters }));
Expand Down
Loading