mirror of https://github.com/istio/istio.io.git
Automatically a warning to older blog posts about them being potentially out of date. (#5134)
This commit is contained in:
Martin Taillefer
GitHub
parent
d5482da0aa
commit
612d10c921
|
|
@ -148,12 +148,13 @@ A few front-matter fields are specific to section pages (i.e. for files names `_
|
|||
|
||||
There are a few more front matter fields available specifically for blog posts:
|
||||
|
||||
|Field | Description
|
||||
|---------------|------------
|
||||
|`publishdate` | Date of the post's original publication
|
||||
|`last_update` | Date when the post last received a major revision
|
||||
|`attribution` | Optional name of the post's author
|
||||
|`twitter` | Optional Twitter handle of the post's author
|
||||
|Field | Description
|
||||
|----------------|------------
|
||||
|`publishdate` | Date of the post's original publication
|
||||
|`last_update` | Date when the post last received a major revision
|
||||
|`attribution` | Optional name of the post's author
|
||||
|`twitter` | Optional Twitter handle of the post's author
|
||||
|`target_release`| Release this blog is written with in mind (this is normally the current major Istio release at the time the blog is authored or updated)
|
||||
|
||||
## Adding images
|
||||
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ attribution: The Istio Team
|
|||
aliases:
|
||||
- /blog/0.1-auth.html
|
||||
- /blog/istio-auth-for-microservices.html
|
||||
target_release: 0.1
|
||||
---
|
||||
|
||||
Conventional network security approaches fail to address security threats to distributed applications deployed in dynamic production environments. Today, we describe how Istio Auth enables enterprises to transform their security posture from just protecting the edge to consistently securing all inter-service communications deep within their applications. With Istio Auth, developers and operators can protect services with sensitive data against unauthorized insider access and they can achieve this without any changes to the application code!
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ attribution: Frank Budinsky
|
|||
keywords: [traffic-management,canary]
|
||||
aliases:
|
||||
- /blog/canary-deployments-using-istio.html
|
||||
target_release: 0.7
|
||||
---
|
||||
|
||||
{{< tip >}}
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ subtitle:
|
|||
attribution: Spike Curtis
|
||||
aliases:
|
||||
- /blog/using-network-policy-in-concert-with-istio.html
|
||||
target_release: 0.1
|
||||
---
|
||||
|
||||
The use of Network Policy to secure applications running on Kubernetes is a now a widely accepted industry best practice. Given that Istio also supports policy, we want to spend some time explaining how Istio policy and Kubernetes Network Policy interact and support each other to deliver your application securely.
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ attribution: Martin Taillefer
|
|||
keywords: [adapters,mixer,policies,telemetry]
|
||||
aliases:
|
||||
- /blog/mixer-adapter-model.html
|
||||
target_release: 0.2
|
||||
---
|
||||
|
||||
Istio 0.2 introduced a new Mixer adapter model which is intended to increase Mixer’s flexibility to address a varied set of infrastructure backends. This post intends to put the adapter model in context and explain how it works.
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ keywords: [adapters,mixer,policies,telemetry,availability,latency]
|
|||
aliases:
|
||||
- /blog/posts/2017/mixer-spof-myth.html
|
||||
- /blog/mixer-spof-myth.html
|
||||
target_release: 0.3
|
||||
---
|
||||
|
||||
As [Mixer](/docs/reference/config/policy-and-telemetry/) is in the request path, it is natural to question how it impacts
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ last_update: 2019-01-16
|
|||
subtitle: Ingress AWS Network Load Balancer
|
||||
attribution: Julien SENON
|
||||
keywords: [ingress,traffic-management,aws]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
{{< tip >}}
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2018-07-30
|
|||
subtitle:
|
||||
attribution: Dinesh Subhraveti (AppOrbit and Columbia University)
|
||||
keywords: [appswitch,performance]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
{{< quote >}}
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ last_update: 2019-04-11
|
|||
subtitle: Mesh-external service entries for egress HTTPS traffic
|
||||
attribution: Vadim Eisenberg
|
||||
keywords: [traffic-management,egress,https]
|
||||
target_release: 1.1
|
||||
---
|
||||
|
||||
In many cases, not all the parts of a microservices-based application reside in a _service mesh_. Sometimes, the
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ last_update: 2019-04-18
|
|||
subtitle: Istio Egress Control Options for MongoDB traffic
|
||||
attribution: Vadim Eisenberg
|
||||
keywords: [traffic-management,egress,tcp,mongo]
|
||||
target_release: 1.1
|
||||
---
|
||||
|
||||
In the [Consuming External TCP Services](/blog/2018/egress-tcp/) blog post, I described how external services
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2018-06-22
|
|||
last_update: 2019-03-04
|
||||
attribution: Vadim Eisenberg and Ronen Schaffer (IBM)
|
||||
keywords: [egress,traffic-management,access-control,monitoring]
|
||||
target_release: 1.1
|
||||
---
|
||||
|
||||
While Istio's main focus is management of traffic between microservices inside a service mesh, Istio can also manage
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ attribution: Vadim Eisenberg
|
|||
aliases:
|
||||
- /docs/tasks/traffic-management/egress-tcp/
|
||||
keywords: [traffic-management,egress,tcp]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
{{< tip >}}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ description: How to export Istio Access Logs to different sinks like BigQuery, G
|
|||
publishdate: 2018-07-09
|
||||
subtitle:
|
||||
attribution: Nupur Garg and Douglas Reid
|
||||
target_release: 0.8
|
||||
---
|
||||
|
||||
This post shows how to direct Istio logs to [Stackdriver](https://cloud.google.com/stackdriver/)
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ description: How HP is building its next-generation footwear personalization pla
|
|||
subtitle: How HP is building its next-generation footwear personalization platform on Istio
|
||||
publishdate: 2018-07-31
|
||||
attribution: Steven Ceuppens, Chief Software Architect @ HP FitStation, Open Source Advocate & Contributor
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
The FitStation team at HP strongly believes in the future of Kubernetes, BPF and service-mesh as the next standards in cloud infrastructure. We are also very happy to see Istio coming to its official Istio 1.0 release -- thanks to the joint collaboration that started at Google, IBM and Lyft beginning in May 2017.
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ subtitle:
|
|||
attribution: Sandeep Parikh
|
||||
twitter: crcsmnky
|
||||
keywords: [traffic-management,gateway]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
Traffic management is one of the critical benefits provided by Istio. At the heart of Istio’s traffic management is the ability to decouple traffic flow and infrastructure scaling. This lets you control your traffic in ways that aren’t possible without a service mesh like Istio.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2018-07-20
|
|||
subtitle:
|
||||
attribution: Limin Wang
|
||||
keywords: [authorization,rbac,security]
|
||||
target_release: 0.8
|
||||
---
|
||||
|
||||
Micro-segmentation is a security technique that creates secure zones in cloud deployments and allows organizations to
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ subtitle:
|
|||
description: Istio hosting an all day Twitch stream to celebrate the 1.0 release.
|
||||
publishdate: 2018-08-03
|
||||
attribution: Spencer Krum, IBM
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
To celebrate the 1.0 release and to promote the software to a wider audience, the Istio community is hosting an all day live stream on Twitch on August 17th.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2018-04-19
|
|||
subtitle: Using multiple Istio control planes and RBAC to create multi-tenancy
|
||||
attribution: John Joyce and Rich Curran
|
||||
keywords: [tenancy]
|
||||
target_release: 0.7
|
||||
---
|
||||
|
||||
Multi-tenancy is commonly used in many environments across many different applications,
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2018-02-08
|
|||
subtitle: Routing rules for HTTP traffic
|
||||
attribution: Christian Posta
|
||||
keywords: [traffic-management,mirroring]
|
||||
target_release: 0.5
|
||||
---
|
||||
|
||||
Trying to enumerate all the possible combinations of test cases for testing services in non-production/test environments can be daunting. In some cases, you'll find that all of the effort that goes into cataloging these use cases doesn't match up to real production use cases. Ideally, we could use live production use cases and traffic to help illuminate all of the feature areas of the service under test that we might miss in more contrived testing environments.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2018-04-25
|
|||
subtitle:
|
||||
attribution: Frank Budinsky (IBM) and Shriram Rajagopalan (VMware)
|
||||
keywords: [traffic-management]
|
||||
target_release: 0.7
|
||||
---
|
||||
|
||||
Up until now, Istio has provided a simple API for traffic management using four configuration resources:
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ description: Using Istio to secure multi-cloud Kubernetes applications with zero
|
|||
publishdate: 2019-09-18
|
||||
attribution: Anton Aleksandrov (IBM)
|
||||
keywords: [security,oidc,jwt,policies]
|
||||
target_release: 1.3
|
||||
---
|
||||
|
||||
If you are running your containerized applications on Kubernetes, you can benefit from using the App Identity and Access Adapter for an abstracted level of security with zero code changes or redeploys.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2019-01-14
|
|||
subtitle:
|
||||
attribution: Dinesh Subhraveti (AppOrbit and Columbia University)
|
||||
keywords: [appswitch,performance]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
We are going through an interesting cycle of application decomposition and recomposition. While the microservice paradigm is driving monolithic applications to be broken into separate individual services, the service mesh approach is helping them to be connected back together into well-structured applications. As such, microservices are logically separate but not independent. They are usually closely interdependent and taking them apart introduces many new concerns such as need for mutual authentication between services. Istio directly addresses most of those issues.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ subtitle: Custom ingress gateway
|
|||
publishdate: 2019-01-10
|
||||
keywords: [ingress,traffic-management]
|
||||
attribution: Julien Senon
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
This post provides instructions to manually create a custom ingress [gateway](/docs/reference/config/networking/v1alpha3/gateway/) with automatic provisioning of certificates based on cert-manager.
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ subtitle:
|
|||
attribution: Manish Chugtu
|
||||
twitter: chugtum
|
||||
keywords: [kubernetes,sidecar-injection, traffic-management]
|
||||
|
||||
target_release: 1.0
|
||||
---
|
||||
A simple overview of an Istio service-mesh architecture always starts with describing the control-plane and data-plane.
|
||||
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2019-01-31
|
|||
subtitle: An Istio Egress Gateway performance assessment
|
||||
attribution: Jose Nativio, IBM
|
||||
keywords: [performance,traffic-management,egress,mongo]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
The main objective of this investigation was to determine the impact on performance and resource utilization when an egress gateway is added in the service mesh to access an external service (MongoDB, in this case). The steps to configure an egress gateway for an external MongoDB are described in the blog [Consuming External MongoDB Services](/blog/2018/egress-mongo/).
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ description: Attacks involving egress traffic and requirements for egress traffi
|
|||
publishdate: 2019-05-22
|
||||
attribution: Vadim Eisenberg (IBM)
|
||||
keywords: [traffic-management,egress,security]
|
||||
target_release: 1.1
|
||||
---
|
||||
|
||||
This is part 1 in a new series about secure control of egress traffic in Istio that I am going to publish.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ description: Use Istio Egress Traffic Control to prevent attacks involving egres
|
|||
publishdate: 2019-07-10
|
||||
attribution: Vadim Eisenberg (IBM)
|
||||
keywords: [traffic-management,egress,security,gateway,tls]
|
||||
target_release: 1.2
|
||||
---
|
||||
|
||||
Welcome to part 2 in our new series about secure control of egress traffic in Istio.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ description: Comparison of alternative solutions to control egress traffic inclu
|
|||
publishdate: 2019-07-22
|
||||
attribution: Vadim Eisenberg (IBM)
|
||||
keywords: [traffic-management,egress,security,gateway,tls]
|
||||
target_release: 1.2
|
||||
---
|
||||
|
||||
Welcome to part 3 in our series about secure control of egress traffic in Istio.
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ description: "The design principles behind Istio's APIs and how those APIs are e
|
|||
publishdate: 2019-08-05
|
||||
attribution: Louis Ryan (Google), Sandeep Parikh (Google)
|
||||
keywords: [apis,composability,evolution]
|
||||
target_release: 1.2
|
||||
---
|
||||
|
||||
One of Istio’s main goals has always been, and continues to be, enabling teams to develop abstractions that work best for their specific organization and workloads. Istio provides robust and powerful building blocks for service-to-service networking. Since [Istio 0.1](/news/2017/announcing-0.1), the Istio team has been learning from production users about how they map their own architectures, workloads, and constraints to Istio’s capabilities, and we’ve been evolving Istio’s APIs to make them work better for you.
|
||||
|
|
|
|||
|
|
@ -5,7 +5,9 @@ description: Deploy environments that require isolation into separate meshes and
|
|||
publishdate: 2019-10-02
|
||||
attribution: Vadim Eisenberg (IBM)
|
||||
keywords: [traffic-management,multicluster,security,gateway,tls]
|
||||
target_release: 1.3
|
||||
---
|
||||
|
||||
Various compliance standards require protection of sensitive data environments. Some of the important standards and the
|
||||
types of sensitive data they protect appear in the following table:
|
||||
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2019-03-19
|
|||
subtitle: An overview of Istio 1.1 performance improvements
|
||||
attribution: Surya V Duggirala (IBM), Mandar Jog (Google), Jose Nativio (IBM)
|
||||
keywords: [performance,scalability,scale,benchmarks]
|
||||
target_release: 1.1
|
||||
---
|
||||
|
||||
Hyper-scale, microservice-based cloud environments have been exciting to build but challenging to manage. Along came Kubernetes (container orchestration) in 2014, followed by Istio (container service management) in 2017. Both open-source projects enable developers to scale container-based applications without spending too much time on administration tasks.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ description: Demonstrates a Mixer out-of-process adapter which implements the Kn
|
|||
publishdate: 2019-09-18
|
||||
attribution: Idan Zach (IBM)
|
||||
keywords: [mixer,adapter,knative,scale-from-zero]
|
||||
target_release: 1.3
|
||||
---
|
||||
|
||||
This post demonstrates how you can use [Mixer](/faq/mixer/) to push application logic
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ description: "How can you use Istio to monitor blocked and passthrough external
|
|||
publishdate: 2019-09-28
|
||||
attribution: Neeraj Poddar (Aspen Mesh)
|
||||
keywords: [monitoring,blackhole,passthrough]
|
||||
target_release: 1.3
|
||||
---
|
||||
|
||||
Understanding, controlling and securing your external service access is one
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2019-02-07
|
|||
subtitle:
|
||||
attribution: Frank Budinsky (IBM)
|
||||
keywords: [traffic-management,multicluster]
|
||||
target_release: 1.0
|
||||
---
|
||||
|
||||
If you've spent any time looking at Istio, you've probably noticed that it includes a lot of features that
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ last_update: 2019-09-05
|
|||
subtitle:
|
||||
attribution: Megan O'Keefe (Google), John Howard (Google), Mandar Jog (Google)
|
||||
keywords: [performance,scalability,scale,benchmarks]
|
||||
target_release: 1.2
|
||||
---
|
||||
|
||||
Service meshes add a lot of functionality to application deployments, including [traffic policies](/docs/concepts/what-is-istio/#traffic-management), [observability](/docs/concepts/what-is-istio/#observability), and [secure communication](/docs/concepts/what-is-istio/#security). But adding a service mesh to your environment comes at a cost, whether that's time (added latency) or resources (CPU cycles). To make an informed decision on whether a service mesh is right for your use case, it's important to evaluate how your application performs when deployed with a service mesh.
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ description: Learn how to extend the lifetime of Istio self-signed root certific
|
|||
publishdate: 2019-06-07
|
||||
attribution: Oliver Liu
|
||||
keywords: [security, PKI, certificate, Citadel]
|
||||
target_release: 1.1
|
||||
---
|
||||
|
||||
Istio self-signed certificates have historically had a 1 year default lifetime.
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ publishdate: 2019-02-05
|
|||
last_update: 2019-09-27
|
||||
attribution: Rigs Caballero, Google
|
||||
keywords: [community,blog,contribution,guide,guideline,event]
|
||||
target_release: 1.3
|
||||
---
|
||||
|
||||
Welcome to the Istio blog!
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ description: Taking advantage of Kubernetes trustworthy JWTs to issue certificat
|
|||
publishdate: 2019-09-10
|
||||
attribution: Phillip Quy Le (Google)
|
||||
keywords: [security, PKI, certificate, nodeagent, sds]
|
||||
target_release: 1.2
|
||||
---
|
||||
|
||||
In Istio 1.3, we are taking advantage of improvements in Kubernetes to issue certificates for workload instances more securely.
|
||||
|
|
|
|||
|
|
@ -204,3 +204,6 @@ other = "Description"
|
|||
|
||||
[analysis_level]
|
||||
other = "Level"
|
||||
|
||||
[target_release]
|
||||
other = "This blog post was written a while ago and assumed Istio %v. Be aware that there have been many improvements to Isito since then and so some of this content may now be outdated."
|
||||
|
|
|
|||
|
|
@ -111,3 +111,28 @@
|
|||
</div>
|
||||
</nav>
|
||||
{{ end }}
|
||||
|
||||
{{ if .Page.Params.target_release }}
|
||||
{{ $page_parts := split .Page.Params.target_release "." }}
|
||||
{{ $page_version := int (index $page_parts 0) }}
|
||||
{{ $page_revision := int (index $page_parts 1) }}
|
||||
{{ $page_normalized_version := add (add (mul $page_version 1000000) (mul $page_revision 1000)) 0 }}
|
||||
|
||||
{{ $site_parts := split .Site.Data.args.version "." }}
|
||||
{{ $site_version := int (index $site_parts 0) }}
|
||||
{{ $site_revision := int (index $site_parts 1) }}
|
||||
{{ $site_normalized_version := add (add (mul $site_version 1000000) (mul $site_revision 1000)) 0 }}
|
||||
|
||||
{{ if gt $site_normalized_version $page_normalized_version }}
|
||||
<div>
|
||||
<aside class="callout warning">
|
||||
<div class="type">
|
||||
{{- partial "large_icon.html" "callout-warning" -}}
|
||||
</div>
|
||||
<div class="content">
|
||||
{{ printf (i18n "target_release") .Page.Params.target_release }}
|
||||
</div>
|
||||
</aside>
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
Loading…
Reference in New Issue