dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master'

This commit is contained in:
Kai Walter 2020-07-07 14:24:46 +00:00
parent 426fe0840b ff576c9752
commit 92efe1c827
4 changed files with 26 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
concepts/configuration/README.md
View File

@ -3,10 +3,10 @@ Dapr configurations are settings that enable you to change the behavior of indiv
An example of a per Dapr sidecar setting is configuring trace settings. An example of a control plane setting is mutual TLS which is a global setting on the Sentry system service.
- [Self hosted sidecar configuration](#Self-hosted-sidecar-configuration)
- [Kubernetes sidecar configuration](#Kubernetes-sidecar-configuration)
- [Self hosted sidecar configuration](#self-hosted-sidecar-configuration)
- [Kubernetes sidecar configuration](#kubernetes-sidecar-configuration)
- [Sidecar Configuration settings](#sidecar-configuration-settings)
- [Kubernetes control plane configuration](#Kubernetes-control-plane-configuration)
- [Kubernetes control plane configuration](#kubernetes-control-plane-configuration)
- [Control plane configuration settings](#control-plane-configuration-settings)
## Self hosted sidecar configuration
@ -36,7 +36,7 @@ A Dapr sidecar can apply a specific configuration by using a ```dapr.io/config``
dapr.io/port: "3000"
dapr.io/config: "myappconfig"
```
Note: There are more [Kubernetes annotations](../../howto/configure-k8s/readme.md) available to configure the Dapr sidecar on activation by sidecar Injector system service.
Note: There are more [Kubernetes annotations](../../howto/configure-k8s/README.md) available to configure the Dapr sidecar on activation by sidecar Injector system service.
## Sidecar configuration settings
@ -109,7 +109,7 @@ There is a single configuration file called `default` installed with the control
A Dapr control plane configuration can configure the following settings:
* [Mutual TLS](../../howto/configure-mtls/readme.md). Also see [security concepts](../security/readme.md)
* [Mutual TLS](../../howto/configure-mtls/README.md). Also see [security concepts](../security/README.md)
Property | Type | Description
@ -136,5 +136,5 @@ spec:
## References
* [Distributed tracing](../observability/traces.md)
* [Middleware pipelines](../middleware/README.md)
* [Security](../security/readme.md)
* [How-To: Configuring the Dapr sidecar on Kubernetes](../../howto/configure-k8s/readme.md)
* [Security](../security/README.md)
* [How-To: Configuring the Dapr sidecar on Kubernetes](../../howto/configure-k8s/README.md)

2
concepts/observability/README.md
View File

@ -5,7 +5,7 @@ Observability is a term from control theory. Observability means you can answer
The observability capabilities enable users to monitor the Dapr system services, their interaction with user applications and understand how these monitored services behave. The observability capabilities are divided into the following areas;
* **[Metrics](./metrics.md)**: are the series of measured values and counts that are collected and stored over time. Dapr metrics provide monitoring and understanding of the behavior of Dapr system services and user apps. For example, the service metrics between Dapr sidecars and user apps show call latency, traffic failures, error rates of requests etc. Dapr system services metrics show side car injection failures, health of the system services including CPU usage, number of actor placement made etc.
* **[Logs](./logs.md)**: are records of events that occur occur that can be used to determine failures or other status. Logs events contain warning, error, info and debug messages produced by Dapr system services. Each log event includes metadata such as message type, hostname, component name, App ID, ip address, etc.
* **[Logs](./logs.md)**: are records of events that occur and can be used to determine failures or another status. Logs events contain warning, error, info, and debug messages produced by Dapr system services. Each log event includes metadata such as message type, hostname, component name, App ID, ip address, etc.
* **[Distributed tracing](./traces.md)**: is used to profile and monitor Dapr system services and user apps. Distributed tracing helps pinpoint where failures occur and what causes poor performance. Distributed tracing is particularly well-suited to debugging and monitoring distributed software architectures, such as microservices.
You can use distributed tracing to help debug and optimize application code. Distributed tracing contains trace spans between the Dapr runtime, Dapr system services, and user apps across process, nodes, network, and security boundaries. It provides a detailed understanding of service invocations (call flows) and service dependencies.

20
concepts/secrets/component-secrets.md
View File

@ -12,19 +12,31 @@ Go to [this](../../howto/setup-secret-store/README.md) link to see all the secre
## Non default namespaces
If your Dapr enabled apps are using components that fetch secrets from non-default namespaces, apply the following resource to the namespace:
If your Dapr enabled apps are using components that fetch secrets from non-default namespaces, apply the following resources to the namespace:
```yaml
kind: ClusterRoleBinding
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: secret-reader
namespace: <NAMESPACE>
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: dapr-secret-reader
namespace: <NAMESPACE>
subjects:
- kind: ServiceAccount
name: default
namespace: <YOUR-NAMESPACE-HERE>
roleRef:
kind: ClusterRole
kind: Role
name: secret-reader
apiGroup: rbac.authorization.k8s.io
```

2
overview/README.md
View File

@ -91,7 +91,7 @@ You can use the [Dapr CLI](https://github.com/dapr/cli#launch-dapr-and-your-app)
## Running Dapr in Kubernetes mode
Dapr can be configured to run on any [Kubernetes cluster](https://github.com/dapr/samples/tree/master/2.hello-kubernetes). In Kubernetes the `dapr-sidecar-injector` and `dapr-operator` services provide first class integration to launch Dapr as a sidecar container in the same pod as the service container and provide notifications of Dapr component updates provisioned into the cluster.
Dapr can be configured to run on any [Kubernetes cluster](https://github.com/dapr/samples/tree/master/2.hello-kubernetes). In Kubernetes the `dapr-sidecar-injector` and `dapr-operator` services provide first class integration to launch Dapr as a sidecar container in the same pod as the service container and provide notifications of Dapr component updates provisioned into the cluster. Additionally, the `dapr-sidecar-injector` also injects the environment variables `DAPR_HTTP_PORT` and `DAPR_GRPC_PORT` into **all** the containers in the pod to enable user defined applications to easily communicate with Dapr without hardcoding Dapr port values.
The `dapr-sentry` service is a certificate authority that enables mutual TLS between Dapr sidecar instances for secure data encryption. For more information on the `Sentry` service read the [security overview](../concepts/security/README.md#dapr-to-dapr-communication)