Merge branch 'v0.11' into create_blob_typo

daprdocs/content/en/operations/hosting/kubernetes/kubernetes-annotations.md

@@ -17,6 +17,7 @@ The following table shows all the supported pod Spec annotations supported by Da
 | `dapr.io/config`                                  | Tells Dapr which Configuration CRD to use
 | `dapr.io/log-as-json`                             | Setting this parameter to `true` outputs logs in JSON format. Default is `false`
 | `dapr.io/enable-profiling`                        | Setting this paramater to `true` starts the Dapr profiling server on port `7777`. Default is `false`
+| `dapr.io/api-token-secret`                        | Tells Dapr which Kubernetes secret to use for token based API authentication. By default this is not set.
 | `dapr.io/app-protocol`                            | Tells Dapr which protocol your application is using. Valid options are `http` and `grpc`. Default is `http`
 | `dapr.io/app-max-concurrency`                     | Limit the concurrency of your application. A valid value is any number larger than `0`
 | `dapr.io/app-ssl`   | Tells Dapr to invoke the app over an insecure SSL connection. Applies to both HTTP and gRPC. Default is `false`.

daprdocs/content/en/operations/hosting/kubernetes/kubernetes-production.md

@@ -138,12 +138,19 @@ NAME     	CHART VERSION	APP VERSION	DESCRIPTION
 dapr/dapr	1.0.0-rc.1   	1.0.0-rc.1 	A Helm chart for Dapr on Kubernetes
 ```
 
-The APP VERSION column tells us which Dapr runtime version is installed by the chart.
+The APP VERSION column tells us which Dapr runtime version is installed by the chart. Now, use the following command to upgrade Dapr to your desired runtime version providing a path to the certificate files you saved before:
 
-Use the following command to upgrade Dapr to your desired runtime version providing a path to the certificate files you saved:
+> Remove `--set global.ha.enabled=true` if current Dapr installation has not been deployed in HA mode.
 
 ```bash
-helm upgrade dapr dapr/dapr --version <Dapr chart version> --namespace dapr-system --reset-values --set-file dapr_sentry.tls.root.certPEM=ca.crt --set-file dapr_sentry.tls.issuer.certPEM=issuer.crt --set-file dapr_sentry.tls.issuer.keyPEM=issuer.key
+helm upgrade dapr dapr/dapr \
+    --version <Dapr chart version> \
+    --namespace dapr-system \
+    --reset-values \
+    --set-file dapr_sentry.tls.root.certPEM=certs/ca.crt \
+    --set-file dapr_sentry.tls.issuer.certPEM=certs/issuer.crt \
+    --set-file dapr_sentry.tls.issuer.keyPEM=certs/issuer.key \
+    --set global.ha.enabled=true
 ```
 
 Kubernetes now performs a rolling update. Wait until all the new pods appear as running:

daprdocs/content/en/operations/security/api-token.md

@@ -1,6 +1,6 @@
 ---
 type: docs
-title: "Enable API token based authentication"
+title: "Enable token based API authentication"
 linkTitle: "API token auth"
 weight: 3000
 description: "Require every incoming API request to include an authentication token before allowing that request to pass through"
@@ -14,7 +14,7 @@ Dapr uses [JWT](https://jwt.io/) tokens for API authentication.
 
 > Note, while Dapr itself is actually not the JWT token issuer in this implementation, being explicit about the use of JWT standard enables federated implementations in the future (e.g. OAuth2).
 
-To configure APIs authentication, start by generating your token using any JWT token compatible tool (e.g. https://jwt.io/) and your secret. 
+To configure API authentication, start by generating your token using any JWT token compatible tool (e.g. https://jwt.io/) and your secret. 
 
 > Note, that secret is only necessary to generate the token, and Dapr doesn't need to know about or store it