Automator: update istio.io@ reference docs (#14011)

content/en/docs/reference/config/networking/sidecar/index.html

@@ -423,6 +423,77 @@ spec:
 </code></pre>
 <p>{{</tab>}}
 {{</tabset>}}</p>
+<p>In addition to configuring traffic capture and how traffic is forwarded to the app,
+it&rsquo;s possible to control inbound connection pool settings. By default, Istio pushes
+connection pool settings from <code>DestinationRules</code> to both clients (for outbound
+connections to the service) as well as servers (for inbound connections to a service
+instance). Using the <code>InboundConnectionPool</code> and per-port <code>ConnectionPool</code> settings
+in a <code>Sidecar</code> allow you to control those connection pools for the server separately
+from the settings pushed to all clients.</p>
+<p>{{<tabset category-name="example">}}
+{{<tab name="v1alpha3" category-value="v1alpha3">}}</p>
+<pre><code class="language-yaml">apiVersion: networking.istio.io/v1alpha3
+kind: Sidecar
+metadata:
+  name: connection-pool-settings
+  namespace: prod-us1
+spec:
+  workloadSelector:
+    labels:
+      app: productpage
+  inboundConnectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+  ingress:
+  - port:
+      number: 80
+      protocol: HTTP
+      name: somename
+    connectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+      tcp:
+        maxConnections: 100
+</code></pre>
+<p>{{</tab>}}</p>
+<p>{{<tab name="v1beta1" category-value="v1beta1">}}</p>
+<pre><code class="language-yaml">apiVersion: networking.istio.io/v1beta1
+kind: Sidecar
+metadata:
+  name: connection-pool-settings
+  namespace: prod-us1
+spec:
+  workloadSelector:
+    labels:
+      app: productpage
+  inboundConnectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+  ingress:
+  - port:
+      number: 80
+      protocol: HTTP
+      name: somename
+    connectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+      tcp:
+        maxConnections: 100
+</code></pre>
+<p>{{</tab>}}
+{{</tabset>}}</p>
 
 <h2 id="Sidecar">Sidecar</h2>
 <section>
@@ -478,6 +549,39 @@ outbound traffic from the attached workload instance to other
 services in the mesh. If not specified, inherits the system
 detected defaults from the namespace-wide or the global default Sidecar.</p>
 
+</td>
+<td>
+No
+</td>
+</tr>
+<tr id="Sidecar-inbound_connection_pool">
+<td><code>inboundConnectionPool</code></td>
+<td><code><a href="/docs/reference/config/networking/destination-rule/#ConnectionPoolSettings">ConnectionPoolSettings</a></code></td>
+<td>
+<p>Settings controlling the volume of connections Envoy will accept from the network.
+This default will apply for all inbound listeners and can be overridden per-port
+in the <code>Ingress</code> field. This configuration mirrors the <code>DestinationRule</code>&rsquo;s
+<a href="/docs/reference/config/networking/destination-rule/#ConnectionPoolSettings"><code>connectionPool</code></a> field.</p>
+<p>By default, Istio applies a service&rsquo;s <code>DestinationRule</code> to client sidecars
+for outbound traffic directed at the service &ndash; the usual case folks think
+of when configuring a <code>DestinationRule</code> &ndash; but also to the server&rsquo;s inbound
+sidecar. The <code>Sidecar</code>&rsquo;s connection pool configures the server&rsquo;s inbound
+sidecar directly, so its settings can be different than clients&rsquo;. This is
+valuable, for example, when you have many clients calling few servers: a
+<code>DestinationRule</code> can limit the concurrency of any single client, while
+the <code>Sidecar</code> allows you to configure much higher concurrency on the server
+side.</p>
+<p>Connection pool settings for a server&rsquo;s inbound sidecar are configured in the
+following precedence, highest to lowest:</p>
+<ul>
+<li>per-port <code>ConnectionPool</code> from the <code>Sidecar</code></li>
+<li>top level <code>InboundConnectionPool</code> from the <code>Sidecar</code></li>
+<li>per-port <code>TrafficPolicy.ConnectionPool</code> from the <code>DestinationRule</code></li>
+<li>top level <code>TrafficPolicy.ConnectionPool</code> from the <code>DestinationRule</code></li>
+<li>default connection pool settings (essentially unlimited)</li>
+</ul>
+<p>In every case, the connection pool settings are overriden, not merged.</p>
+
 </td>
 <td>
 No
@@ -583,6 +687,23 @@ No
 sidecar for requests originating from outside the mesh.
 Currently supports only SIMPLE and MUTUAL TLS modes.</p>
 
+</td>
+<td>
+No
+</td>
+</tr>
+<tr id="IstioIngressListener-connection_pool">
+<td><code>connectionPool</code></td>
+<td><code><a href="/docs/reference/config/networking/destination-rule/#ConnectionPoolSettings">ConnectionPoolSettings</a></code></td>
+<td>
+<p>Settings controlling the volume of connections Envoy will accept from the network.
+This setting overrides the top-level default <code>inboundConnectionPool</code> to configure
+specific settings for this port. This configuration mirrors the <code>DestinationRule</code>&rsquo;s
+<a href="/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy"><code>PortTrafficPolicy.connectionPool</code></a> field.
+This port level connection pool has the highest precedence in configuration,
+overriding both the <code>Sidecar</code>&rsquo;s top level <code>InboundConnectionPool</code> as well as any
+connection pooling settings from the <code>DestinationRule</code>.</p>
+
 </td>
 <td>
 No

content/zh/docs/reference/config/networking/sidecar/index.html

@@ -423,6 +423,77 @@ spec:
 </code></pre>
 <p>{{</tab>}}
 {{</tabset>}}</p>
+<p>In addition to configuring traffic capture and how traffic is forwarded to the app,
+it&rsquo;s possible to control inbound connection pool settings. By default, Istio pushes
+connection pool settings from <code>DestinationRules</code> to both clients (for outbound
+connections to the service) as well as servers (for inbound connections to a service
+instance). Using the <code>InboundConnectionPool</code> and per-port <code>ConnectionPool</code> settings
+in a <code>Sidecar</code> allow you to control those connection pools for the server separately
+from the settings pushed to all clients.</p>
+<p>{{<tabset category-name="example">}}
+{{<tab name="v1alpha3" category-value="v1alpha3">}}</p>
+<pre><code class="language-yaml">apiVersion: networking.istio.io/v1alpha3
+kind: Sidecar
+metadata:
+  name: connection-pool-settings
+  namespace: prod-us1
+spec:
+  workloadSelector:
+    labels:
+      app: productpage
+  inboundConnectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+  ingress:
+  - port:
+      number: 80
+      protocol: HTTP
+      name: somename
+    connectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+      tcp:
+        maxConnections: 100
+</code></pre>
+<p>{{</tab>}}</p>
+<p>{{<tab name="v1beta1" category-value="v1beta1">}}</p>
+<pre><code class="language-yaml">apiVersion: networking.istio.io/v1beta1
+kind: Sidecar
+metadata:
+  name: connection-pool-settings
+  namespace: prod-us1
+spec:
+  workloadSelector:
+    labels:
+      app: productpage
+  inboundConnectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+  ingress:
+  - port:
+      number: 80
+      protocol: HTTP
+      name: somename
+    connectionPool:
+      http:
+        http1MaxPendingRequests: 1024
+        http2MaxRequests: 1024
+        maxRequestsPerConnection: 1024
+        maxRetries: 100
+      tcp:
+        maxConnections: 100
+</code></pre>
+<p>{{</tab>}}
+{{</tabset>}}</p>
 
 <h2 id="Sidecar">Sidecar</h2>
 <section>
@@ -478,6 +549,39 @@ outbound traffic from the attached workload instance to other
 services in the mesh. If not specified, inherits the system
 detected defaults from the namespace-wide or the global default Sidecar.</p>
 
+</td>
+<td>
+No
+</td>
+</tr>
+<tr id="Sidecar-inbound_connection_pool">
+<td><code>inboundConnectionPool</code></td>
+<td><code><a href="/zh/docs/reference/config/networking/destination-rule/#ConnectionPoolSettings">ConnectionPoolSettings</a></code></td>
+<td>
+<p>Settings controlling the volume of connections Envoy will accept from the network.
+This default will apply for all inbound listeners and can be overridden per-port
+in the <code>Ingress</code> field. This configuration mirrors the <code>DestinationRule</code>&rsquo;s
+<a href="/latest/docs/reference/config/networking/destination-rule/#ConnectionPoolSettings"><code>connectionPool</code></a> field.</p>
+<p>By default, Istio applies a service&rsquo;s <code>DestinationRule</code> to client sidecars
+for outbound traffic directed at the service &ndash; the usual case folks think
+of when configuring a <code>DestinationRule</code> &ndash; but also to the server&rsquo;s inbound
+sidecar. The <code>Sidecar</code>&rsquo;s connection pool configures the server&rsquo;s inbound
+sidecar directly, so its settings can be different than clients&rsquo;. This is
+valuable, for example, when you have many clients calling few servers: a
+<code>DestinationRule</code> can limit the concurrency of any single client, while
+the <code>Sidecar</code> allows you to configure much higher concurrency on the server
+side.</p>
+<p>Connection pool settings for a server&rsquo;s inbound sidecar are configured in the
+following precedence, highest to lowest:</p>
+<ul>
+<li>per-port <code>ConnectionPool</code> from the <code>Sidecar</code></li>
+<li>top level <code>InboundConnectionPool</code> from the <code>Sidecar</code></li>
+<li>per-port <code>TrafficPolicy.ConnectionPool</code> from the <code>DestinationRule</code></li>
+<li>top level <code>TrafficPolicy.ConnectionPool</code> from the <code>DestinationRule</code></li>
+<li>default connection pool settings (essentially unlimited)</li>
+</ul>
+<p>In every case, the connection pool settings are overriden, not merged.</p>
+
 </td>
 <td>
 No
@@ -583,6 +687,23 @@ No
 sidecar for requests originating from outside the mesh.
 Currently supports only SIMPLE and MUTUAL TLS modes.</p>
 
+</td>
+<td>
+No
+</td>
+</tr>
+<tr id="IstioIngressListener-connection_pool">
+<td><code>connectionPool</code></td>
+<td><code><a href="/zh/docs/reference/config/networking/destination-rule/#ConnectionPoolSettings">ConnectionPoolSettings</a></code></td>
+<td>
+<p>Settings controlling the volume of connections Envoy will accept from the network.
+This setting overrides the top-level default <code>inboundConnectionPool</code> to configure
+specific settings for this port. This configuration mirrors the <code>DestinationRule</code>&rsquo;s
+<a href="/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy"><code>PortTrafficPolicy.connectionPool</code></a> field.
+This port level connection pool has the highest precedence in configuration,
+overriding both the <code>Sidecar</code>&rsquo;s top level <code>InboundConnectionPool</code> as well as any
+connection pooling settings from the <code>DestinationRule</code>.</p>
+
 </td>
 <td>
 No