From ac3967eb8d3c2ed9671b3e658ba80cd41bc92ea5 Mon Sep 17 00:00:00 2001 From: merusso Date: Wed, 15 Jun 2022 05:34:14 -0500 Subject: [PATCH] Fix ServiceEntry example in concepts/traffic-management (#11398) * Fix ServiceEntry example in concepts/traffic-management (#11396) This change replaces the incorrect mTLS egress example with a simpler, valid example that adjusts the TCP connection timeout. Page: Documentation / Concepts / Traffic Management Section: Service entry example URL: https://istio.io/latest/docs/concepts/traffic-management/#service-entry-example * Revert apiVersion change in DestinationRule example Change back to v1alpha3 to be consistent with rest of page Co-authored-by: John Howard Co-authored-by: John Howard --- content/en/docs/concepts/traffic-management/index.md | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/content/en/docs/concepts/traffic-management/index.md b/content/en/docs/concepts/traffic-management/index.md index 11d168a545..b42670b9c1 100644 --- a/content/en/docs/concepts/traffic-management/index.md +++ b/content/en/docs/concepts/traffic-management/index.md @@ -557,8 +557,8 @@ fully or use a wildcard prefixed domain name. You can configure virtual services and destination rules to control traffic to a service entry in a more granular way, in the same way you configure traffic for any other service in the mesh. For example, the following destination rule -configures the traffic route to use mutual TLS to secure the connection to the -`ext-svc.example.com` external service that we configured using the service entry: +adjusts the TCP connection timeout for requests to the `ext-svc.example.com` +external service that we configured using the service entry: {{< text yaml >}} apiVersion: networking.istio.io/v1alpha3 @@ -568,11 +568,9 @@ metadata: spec: host: ext-svc.example.com trafficPolicy: - tls: - mode: MUTUAL - clientCertificate: /etc/certs/myclientcert.pem - privateKey: /etc/certs/client_private_key.pem - caCertificates: /etc/certs/rootcacerts.pem + connectionPool: + tcp: + connectTimeout: 1s {{< /text >}} See the