Added cleanup for mtls. (#1473)

2018-06-08 06:37:03 +08:00 · 2018-06-08 06:37:03 +08:00 · 329e6acff6
parent 4d4b297542
commit 329e6acff6
1 changed files with 10 additions and 2 deletions
--- a/content/docs/tasks/security/mutual-tls.md
+++ b/content/docs/tasks/security/mutual-tls.md
@ -17,7 +17,7 @@ This task assumes you have a Kubernetes cluster:
 * Installed Istio with global mutual TLS enabled:

    ```command
-    $ kubectl apply -f @install/kubernetes/istio-auth.yaml@
+    $ kubectl apply -f @install/kubernetes/istio-demo-auth.yaml@
    ```
    _**OR**_
    Using [Helm](/docs/setup/kubernetes/helm-install/) with `global.mtls.enabled` to `true`.
@ -128,7 +128,7 @@ Assuming mutual TLS authentication is properly turned on, it should not affect c
 1. However, request will success if client certificate is provided

    ```command
-    $ kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- curl https://httpbin:8000/headers -o /dev/null -s -w '%{http_code}\n' --key /etc/certs/key.pem --cert /etc/certs/cert-chain.pem --cacert /etc/certs/root-cert.pem -k'
+    $ kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- curl https://httpbin:8000/headers -o /dev/null -s -w '%{http_code}\n' --key /etc/certs/key.pem --cert /etc/certs/cert-chain.pem --cacert /etc/certs/root-cert.pem -k
    200
    ```

@ -149,6 +149,14 @@ Assuming mutual TLS authentication is properly turned on, it should not affect c
    command terminated with exit code 56
    ```

+## Cleanup
+
+```command
+$ kubectl delete --ignore-not-found=true -f @samples/httpbin/httpbin.yaml@
+$ kubectl delete --ignore-not-found=true -f @samples/sleep/sleep.yaml@
+$ kubectl delete --ignore-not-found=true ns legacy
+```
+
 ## What's next

 * Learn more about the design principles behind Istio's automatic mutual TLS authentication