teleport icon indicating copy to clipboard operation
teleport copied to clipboard
verified publisher icon gravitational

Recovery guide for Teleport HA for disaster recovery scenarios

Open benarent opened this issue 5 years ago • 2 comments

Summary

We should provide guidance around break glass procedure guide for various recovery scenarios.

These will include

  • [ ] If Teleport Auth cluster is offline
  • [ ] Backing up core Teleport config and restoring
  • [ ] Rolling out certs if an account has been compromised.

Audience

This guide should be aimed at users evaluating the product, and power users who want to cover all edge cases.

What steps are you concerned with, and what do you do?

Location

TBD

benarent avatar May 26 '20 17:05 benarent

If the configuration management stack uses a non-SSH protocol for communication, that can be used to rebootstrap a node into a known safe state.

russjones avatar Jun 25 '20 00:06 russjones

also TIL

Trust will automatically reestablish if you backup your CAs with tctl get --with-secrets cas > cas.yaml and, after full loss of backend, start the fresh auth server with --bootstrap cas.yaml.

benarent avatar Aug 19 '20 03:08 benarent