Tweaks in getting started guides. (#10780)

* Re-uses DNS section in linux guide.
* Fixes confusing DNS variable in dig section.

docs/pages/getting-started/linux-server.mdx

@@ -30,22 +30,15 @@ Take a look at the [Installation Guide](../installation.mdx) for more options.
 
 ### Configure DNS
 
-Teleport uses TLS to provide secure access to its Proxy Service and Auth Service, and this requires a domain name that clients can use to verify Teleport's certificate. To get started, set up two `A` records for `tele.example.com` and `*.tele.example.com` pointing to the IP/FQDN of the machine with Teleport installed.
-
-<Admonition
-  type="tip"
-  title="Tip"
->
-  You can use `dig` to make sure that DNS records are propagated:
-
-  ```code
-  $ dig @$DNS_SERVER_ADDRESS tele.example.com
-  ```
-</Admonition>
+(!docs/pages/includes/dns.mdx!)
 
 ### Configure Teleport
 
-Next, generate a configuration file for Teleport using the `teleport configure` command. This command requires information about a TLS certificate and private key. If your environment allows your Teleport Auth Server to be reachable via the public internet, we recommend using Let's Encrypt to generate your key and certificate automatically. Otherwise, you can use a key and certificate provided via your organization's internal public key infrastructure.
+Generate a configuration file for Teleport using the `teleport configure` command.
+This command requires information about a TLS certificate and private key.
+
+If you are running Teleport on the internet, we recommend using Let's Encrypt to receive your key and certificate automatically.
+For private net or custom deployments, use your own private key and certificate.
 
 <Tabs>
   <TabItem label="Public internet deployment with Let's Encrypt">

docs/pages/includes/dns.mdx

@@ -0,0 +1,54 @@
+Set up two `A` DNS records - `tele.example.com` for all traffic and `*.tele.example.com`
+for web apps using application access.
+
+<Details title="DNS instructions for cloud providers" opened={false}>
+
+<Tabs>
+  <TabItem label="GCP Cloud DNS">
+    ```code
+    $ MYZONE="myzone"
+    $ MYDNS="tele.example.com"
+
+    $ gcloud dns record-sets transaction start --zone="${MYZONE?}"
+    $ gcloud dns record-sets transaction add ${MYIP?} --name="${MYDNS?}" --ttl="30" --type="A" --zone="${MYZONE?}"
+    $ gcloud dns record-sets transaction add ${MYIP?} --name="*.${MYDNS?}" --ttl="30" --type="A" --zone="${MYZONE?}"
+    $ gcloud dns record-sets transaction describe --zone="${MYZONE?}"
+    $ gcloud dns record-sets transaction execute --zone="${MYZONE?}"
+    ```
+  </TabItem>
+
+  <TabItem label="AWS Route 53">
+    ```code
+    # Tip for finding AWS zone id by the domain name.
+    $ MYZONE_DNS="example.com"
+    $ MYZONE=$(aws route53 list-hosted-zones-by-name --dns-name=${MYZONE_DNS?} | jq -r '.HostedZones[0].Id' | sed s_/hostedzone/__)
+
+    $ MYDNS="tele.example.com"
+
+    # Create a JSON file changeset for AWS.
+    $ jq -n --arg ip ${MYIP?} --arg dns ${MYDNS?} '{"Comment": "Create records", "Changes": [{"Action": "CREATE","ResourceRecordSet": {"Name": $dns, "Type": "A", "TTL": 300, "ResourceRecords": [{ "Value": $ip}]}},{"Action": "CREATE", "ResourceRecordSet": {"Name": ("*." + $dns), "Type": "A", "TTL": 300, "ResourceRecords": [{ "Value": $ip}]}}]}' > myrecords.json
+
+    # Review records before applying.
+    $ cat myrecords.json | jq
+    # Apply the records and capture change id
+    $ CHANGEID=$(aws route53 change-resource-record-sets --hosted-zone-id ${MYZONE?} --change-batch file://myrecords.json | jq -r '.ChangeInfo.Id')
+
+    # Verify that change has been applied
+    $ aws route53 get-change --id ${CHANGEID?} | jq '.ChangeInfo.Status'
+    # "INSYNC"
+    ```
+  </TabItem>
+</Tabs>
+
+</Details>
+
+<Admonition
+  type="tip"
+  title="Tip"
+>
+  You can use `dig` to make sure that DNS records are propagated:
+
+  ```code
+  $ dig tele.example.com
+  ```
+</Admonition>

docs/pages/kubernetes-access/getting-started/cluster.mdx

@@ -139,45 +139,7 @@ to create a public IP for Teleport.
   </TabItem>
 </Tabs>
 
-Set up two `A` DNS records - `tele.example.com` for UI and `*.tele.example.com`
-for web apps using [application access](../../application-access/introduction.mdx).
-
-<Tabs>
-  <TabItem label="GCP Cloud DNS">
-    ```code
-    $ MYZONE="myzone"
-    $ MYDNS="tele.example.com"
-
-    $ gcloud dns record-sets transaction start --zone="${MYZONE?}"
-    $ gcloud dns record-sets transaction add ${MYIP?} --name="${MYDNS?}" --ttl="30" --type="A" --zone="${MYZONE?}"
-    $ gcloud dns record-sets transaction add ${MYIP?} --name="*.${MYDNS?}" --ttl="30" --type="A" --zone="${MYZONE?}"
-    $ gcloud dns record-sets transaction describe --zone="${MYZONE?}"
-    $ gcloud dns record-sets transaction execute --zone="${MYZONE?}"
-    ```
-  </TabItem>
-
-  <TabItem label="AWS Route 53">
-    ```code
-    # Tip for finding AWS zone id by the domain name.
-    $ MYZONE_DNS="example.com"
-    $ MYZONE=$(aws route53 list-hosted-zones-by-name --dns-name=${MYZONE_DNS?} | jq -r '.HostedZones[0].Id' | sed s_/hostedzone/__)
-
-    $ MYDNS="tele.example.com"
-
-    # Create a JSON file changeset for AWS.
-    $ jq -n --arg ip ${MYIP?} --arg dns ${MYDNS?} '{"Comment": "Create records", "Changes": [{"Action": "CREATE","ResourceRecordSet": {"Name": $dns, "Type": "A", "TTL": 300, "ResourceRecords": [{ "Value": $ip}]}},{"Action": "CREATE", "ResourceRecordSet": {"Name": ("*." + $dns), "Type": "A", "TTL": 300, "ResourceRecords": [{ "Value": $ip}]}}]}' > myrecords.json
-
-    # Review records before applying.
-    $ cat myrecords.json | jq
-    # Apply the records and capture change id
-    $ CHANGEID=$(aws route53 change-resource-record-sets --hosted-zone-id ${MYZONE?} --change-batch file://myrecords.json | jq -r '.ChangeInfo.Id')
-
-    # Verify that change has been applied
-    $ aws route53 get-change --id ${CHANGEID?} | jq '.ChangeInfo.Status'
-    # "INSYNC"
-    ```
-  </TabItem>
-</Tabs>
+(!docs/pages/includes/dns.mdx!)
 
 Use the following command to confirm that Teleport is running: