Remove old snippet examples (#7594)

examples/TestAuthorizationForHTTPServices.txt

@@ -1,153 +0,0 @@
-$snippet enabling_istio_authorization.sh syntax="bash"
-$ kubectl apply -f @samples/bookinfo/platform/kube/rbac/rbac-config-ON.yaml@
-$endsnippet
-
-$snippet enforcing_namespace_level_access_control_apply.sh syntax="bash"
-$ kubectl apply -f @samples/bookinfo/platform/kube/rbac/namespace-policy.yaml@
-$endsnippet
-
-$snippet enforcing_namespace_level_access_control_apply.sh_output
-servicerole.rbac.istio.io/service-viewer created
-servicerolebinding.rbac.istio.io/bind-service-viewer created
-$endsnippet
-
-$snippet enforcing_namespace_level_access_control_delete.sh syntax="bash"
-$ kubectl delete -f @samples/bookinfo/platform/kube/rbac/namespace-policy.yaml@
-$endsnippet
-
-$snippet enforcing_namespace_level_access_control_service_viewer.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRole
-metadata:
-  name: service-viewer
-  namespace: default
-spec:
-  rules:
-  - services: ["*"]
-    methods: ["GET"]
-    constraints:
-    - key: "destination.labels[app]"
-      values: ["productpage", "details", "reviews", "ratings"]
-$endsnippet
-
-$snippet enforcing_namespace_level_access_control_bind_service_viewer.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRoleBinding
-metadata:
-  name: bind-service-viewer
-  namespace: default
-spec:
-  subjects:
-  - properties:
-      source.namespace: "istio-system"
-  - properties:
-      source.namespace: "default"
-  roleRef:
-    kind: ServiceRole
-    name: "service-viewer"
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step1_apply.sh syntax="bash"
-$ kubectl apply -f @samples/bookinfo/platform/kube/rbac/productpage-policy.yaml@
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step1_productpage_viewer.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRole
-metadata:
-  name: productpage-viewer
-  namespace: default
-spec:
-  rules:
-  - services: ["productpage.default.svc.cluster.local"]
-    methods: ["GET"]
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step1_bind_productpage_viewer.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRoleBinding
-metadata:
-  name: bind-productpage-viewer
-  namespace: default
-spec:
-  subjects:
-  - user: "*"
-  roleRef:
-    kind: ServiceRole
-    name: "productpage-viewer"
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step2_apply.sh syntax="bash"
-$ kubectl apply -f @samples/bookinfo/platform/kube/rbac/details-reviews-policy.yaml@
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step2_details_reviews_viewer.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRole
-metadata:
-  name: details-reviews-viewer
-  namespace: default
-spec:
-  rules:
-  - services: ["details.default.svc.cluster.local", "reviews.default.svc.cluster.local"]
-    methods: ["GET"]
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step2_bind_details_reviews.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRoleBinding
-metadata:
-  name: bind-details-reviews
-  namespace: default
-spec:
-  subjects:
-  - user: "cluster.local/ns/default/sa/bookinfo-productpage"
-  roleRef:
-    kind: ServiceRole
-    name: "details-reviews-viewer"
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step3_apply.sh syntax="bash"
-$ kubectl apply -f @samples/bookinfo/platform/kube/rbac/ratings-policy.yaml@
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step3_ratings_viewer.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRole
-metadata:
-  name: ratings-viewer
-  namespace: default
-spec:
-  rules:
-  - services: ["ratings.default.svc.cluster.local"]
-    methods: ["GET"]
-$endsnippet
-
-$snippet enforcing_service_level_access_control_step3_bind_ratings.yaml syntax="yaml"
-apiVersion: "rbac.istio.io/v1alpha1"
-kind: ServiceRoleBinding
-metadata:
-  name: bind-ratings
-  namespace: default
-spec:
-  subjects:
-  - user: "cluster.local/ns/default/sa/bookinfo-reviews"
-  roleRef:
-    kind: ServiceRole
-    name: "ratings-viewer"
-$endsnippet
-
-$snippet remove_istio_authorization_policy.sh syntax="bash"
-$ kubectl delete -f @samples/bookinfo/platform/kube/rbac/ratings-policy.yaml@
-$ kubectl delete -f @samples/bookinfo/platform/kube/rbac/details-reviews-policy.yaml@
-$ kubectl delete -f @samples/bookinfo/platform/kube/rbac/productpage-policy.yaml@
-$endsnippet
-
-$snippet remove_istio_authorization_policy_alternative.sh syntax="bash"
-$ kubectl delete servicerole --all
-$ kubectl delete servicerolebinding --all
-$endsnippet
-
-$snippet disabling_istio_authorization.sh syntax="bash"
-$ kubectl delete -f @samples/bookinfo/platform/kube/rbac/rbac-config-ON.yaml@
-$endsnippet

examples/examples__bookinfo.snippets.txt

@@ -1,39 +0,0 @@
-# Created by TestBookinfo. DO NOT EDIT THIS FILE MANUALLY!
-
-$snippet automatic_sidecar_injection.sh syntax="bash"
-$ kubectl label namespace default istio-injection=enabled
-$endsnippet
-
-$snippet deploy_bookinfo_application.sh syntax="bash"
-$ kubectl apply -f @samples/bookinfo/platform/kube/bookinfo.yaml@
-$endsnippet
-
-$snippet verify_service.sh syntax="bash"
-$ kubectl get services
-$endsnippet
-
-$snippet verify_service.sh_output.txt syntax="text"
-NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
-details       ClusterIP   10.96.60.64      <none>        9080/TCP   0s
-kubernetes    ClusterIP   10.96.0.1        <none>        443/TCP    7m50s
-productpage   ClusterIP   10.111.146.105   <none>        9080/TCP   0s
-ratings       ClusterIP   10.104.124.247   <none>        9080/TCP   0s
-reviews       ClusterIP   10.105.106.39    <none>        9080/TCP   0s
-
-$endsnippet
-
-$snippet verify_pods.sh syntax="bash"
-$ kubectl get pods
-$endsnippet
-
-$snippet verify_pods.sh_output.txt syntax="text"
-NAME                              READY   STATUS    RESTARTS   AGE
-details-v1-74f858558f-2ttbx       2/2     Running   0          39s
-productpage-v1-76589d9fdc-gvvmf   2/2     Running   0          38s
-ratings-v1-7855f5bcb9-lss29       2/2     Running   0          39s
-reviews-v1-64bc5454b9-6rzvb       2/2     Running   0          39s
-reviews-v2-76c64d4bdf-kbgqd       2/2     Running   0          39s
-reviews-v3-5545c7c78f-q8zf9       2/2     Running   0          39s
-
-$endsnippet
-

examples/tasks__security__mututal_tls_migration.snippets.txt

@@ -1,78 +0,0 @@
-# Created by TestMutualTLSMigration. DO NOT EDIT THIS FILE MANUALLY!
-
-$snippet create_ns_foo_bar_legacy.sh syntax="bash"
-$ kubectl create ns foo
-$ kubectl apply -f <(istioctl kube-inject -f @samples/httpbin/httpbin.yaml@) -n foo
-$ kubectl apply -f <(istioctl kube-inject -f @samples/sleep/sleep.yaml@) -n foo
-$ kubectl create ns bar
-$ kubectl apply -f <(istioctl kube-inject -f @samples/httpbin/httpbin.yaml@) -n bar
-$ kubectl apply -f <(istioctl kube-inject -f @samples/sleep/sleep.yaml@) -n bar
-$ kubectl create ns legacy
-$ kubectl apply -f samples/sleep/sleep.yaml -n legacy
-$endsnippet
-
-$snippet curl_foo_bar_legacy.sh syntax="bash" outputis="text"
-$ for from in "foo" "bar" "legacy"; do kubectl exec $(kubectl get pod -l app=sleep -n ${from} -o jsonpath={.items..metadata.name}) -c sleep -n ${from} -- curl http://httpbin.foo:8000/ip -s -o /dev/null -w "sleep.${from} to httpbin.foo: %{http_code}\n"; done
-sleep.foo to httpbin.foo: 200
-sleep.bar to httpbin.foo: 200
-sleep.legacy to httpbin.foo: 200
-$endsnippet
-
-$snippet verify_initial_policies.sh syntax="bash" outputis="text"
-$ kubectl get policies.authentication.istio.io --all-namespaces
-NAMESPACE      NAME                          AGE
-istio-system   grafana-ports-mtls-disabled   2m8s
-$endsnippet
-
-$snippet configure_mtls_destinationrule.sh syntax="bash"
-$ cat <<EOF | kubectl apply -n foo -f -
-apiVersion: "networking.istio.io/v1alpha3"
-kind: "DestinationRule"
-metadata:
-  name: "example-httpbin-istio-client-mtls"
-spec:
-  host: httpbin.foo.svc.cluster.local
-  trafficPolicy:
-    tls:
-      mode: ISTIO_MUTUAL
-EOF
-$endsnippet
-
-$snippet curl_foo_bar_legacy_post_dr.sh syntax="bash" outputis="text"
-$ for from in "foo" "bar" "legacy"; do kubectl exec $(kubectl get pod -l app=sleep -n ${from} -o jsonpath={.items..metadata.name}) -c sleep -n ${from} -- curl http://httpbin.foo:8000/ip -s -o /dev/null -w "sleep.${from} to httpbin.foo: %{http_code}\n"; done
-sleep.foo to httpbin.foo: 200
-sleep.bar to httpbin.foo: 200
-sleep.legacy to httpbin.foo: 200
-$endsnippet
-
-$snippet httpbin_foo_mtls_only.sh syntax="bash"
-$ cat <<EOF | kubectl apply -n foo -f -
-apiVersion: "authentication.istio.io/v1alpha1"
-kind: "Policy"
-metadata:
-  name: "example-httpbin-strict"
-  namespace: foo
-spec:
-  targets:
-  - name: httpbin
-  peers:
-  - mtls:
-      mode: STRICT
-EOF
-$endsnippet
-
-$snippet curl_foo_bar_legacy_httpbin_foo_mtls.sh syntax="bash" outputis="text"
-$ for from in "foo" "bar" "legacy"; do kubectl exec $(kubectl get pod -l app=sleep -n ${from} -o jsonpath={.items..metadata.name}) -c sleep -n ${from} -- curl http://httpbin.foo:8000/ip -s -o /dev/null -w "sleep.${from} to httpbin.foo: %{http_code}\n"; done
-sleep.foo to httpbin.foo: 200
-sleep.bar to httpbin.foo: 200
-sleep.legacy to httpbin.foo: 000
-command terminated with exit code 56
-$endsnippet
-
-$snippet cleanup.sh syntax="bash" outputis="text"
-$ kubectl delete ns foo bar legacy
-namespace "foo" deleted
-namespace "bar" deleted
-namespace "legacy" deleted
-$endsnippet
-

examples/tasks__traffic_management__mirroring.snippets.txt

@@ -1,214 +0,0 @@
-# Created by TestMirror. DO NOT EDIT THIS FILE MANUALLY!
-
-$snippet httpbin_deployment_v1.sh syntax="bash"
-$ cat <<EOF | istioctl kube-inject -f - | kubectl -n istio-io-mirror create -f -
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: httpbin-v1
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: httpbin
-      version: v1
-  template:
-    metadata:
-      labels:
-        app: httpbin
-        version: v1
-    spec:
-      containers:
-      - image: docker.io/kennethreitz/httpbin
-        imagePullPolicy: IfNotPresent
-        name: httpbin
-        command: ["gunicorn", "--access-logfile", "-", "-b", "0.0.0.0:80", "httpbin:app"]
-        ports:
-        - containerPort: 80
-EOF
-$endsnippet
-
-$snippet httpbin_deployment_v2.sh syntax="bash"
-$ cat <<EOF | istioctl kube-inject -f - | kubectl -n istio-io-mirror create -f -
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: httpbin-v2
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: httpbin
-      version: v2
-  template:
-    metadata:
-      labels:
-        app: httpbin
-        version: v2
-    spec:
-      containers:
-      - image: docker.io/kennethreitz/httpbin
-        imagePullPolicy: IfNotPresent
-        name: httpbin
-        command: ["gunicorn", "--access-logfile", "-", "-b", "0.0.0.0:80", "httpbin:app"]
-        ports:
-        - containerPort: 80
-EOF
-$endsnippet
-
-$snippet httpbin_service.sh syntax="bash"
-$ kubectl -n istio-io-mirror create -f - <<EOF
-apiVersion: v1
-kind: Service
-metadata:
-  name: httpbin
-  labels:
-    app: httpbin
-spec:
-  ports:
-  - name: http
-    port: 8000
-    targetPort: 80
-  selector:
-    app: httpbin
-EOF
-$endsnippet
-
-$snippet sleep_deployment.sh syntax="bash"
-$ cat <<EOF | istioctl kube-inject -f - | kubectl -n istio-io-mirror create -f -
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: sleep
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: sleep
-  template:
-    metadata:
-      labels:
-        app: sleep
-    spec:
-      containers:
-      - name: sleep
-        image: tutum/curl
-        command: ["/bin/sleep","infinity"]
-        imagePullPolicy: IfNotPresent
-EOF
-$endsnippet
-
-$snippet httpbin_policy.sh syntax="bash"
-$ kubectl -n istio-io-mirror apply -f - <<EOF
-apiVersion: networking.istio.io/v1alpha3
-kind: VirtualService
-metadata:
-  name: httpbin
-spec:
-  hosts:
-    - httpbin
-  http:
-  - route:
-    - destination:
-        host: httpbin
-        subset: v1
-      weight: 100
----
-apiVersion: networking.istio.io/v1alpha3
-kind: DestinationRule
-metadata:
-  name: httpbin
-spec:
-  host: httpbin
-  subsets:
-  - name: v1
-    labels:
-      version: v1
-  - name: v2
-    labels:
-      version: v2
-EOF
-$endsnippet
-
-$snippet generate_traffic_1.sh syntax="bash"
-$ export SLEEP_POD=$(kubectl -n istio-io-mirror get pod -l app=sleep -o jsonpath={.items..metadata.name})
-$ kubectl -n istio-io-mirror exec ${SLEEP_POD} -c sleep -- curl -o /dev/null -s -w "%{http_code}\n" http://httpbin:8000/ISTIO_IO_MIRROR_TEST_1
-$endsnippet
-
-$snippet check_logs_v1_1.sh syntax="bash" outputis="text"
-$ export V1_POD=$(kubectl -n istio-io-mirror get pod -l app=httpbin,version=v1 -o jsonpath={.items..metadata.name})
-$ kubectl -n istio-io-mirror logs ${V1_POD} -c httpbin
-[2019-11-14 14:32:22 +0000] [1] [INFO] Starting gunicorn 19.9.0
-[2019-11-14 14:32:22 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1)
-[2019-11-14 14:32:22 +0000] [1] [INFO] Using worker: sync
-[2019-11-14 14:32:22 +0000] [9] [INFO] Booting worker with pid: 9
-127.0.0.1 - - [14/Nov/2019:14:32:49 +0000] "GET /ISTIO_IO_MIRROR_TEST_1 HTTP/1.1" 404 233 "-" "curl/7.35.0"
-$endsnippet
-
-$snippet check_logs_v2_1.sh syntax="bash" outputis="text"
-$ export V2_POD=$(kubectl -n istio-io-mirror get pod -l app=httpbin,version=v2 -o jsonpath={.items..metadata.name})
-$ kubectl -n istio-io-mirror logs ${V2_POD} -c httpbin
-[2019-11-14 14:32:22 +0000] [1] [INFO] Starting gunicorn 19.9.0
-[2019-11-14 14:32:22 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1)
-[2019-11-14 14:32:22 +0000] [1] [INFO] Using worker: sync
-[2019-11-14 14:32:22 +0000] [8] [INFO] Booting worker with pid: 8
-$endsnippet
-
-$snippet mirror_vs.sh syntax="bash"
-$ kubectl -n istio-io-mirror apply -f - <<EOF
-apiVersion: networking.istio.io/v1alpha3
-kind: VirtualService
-metadata:
-  name: httpbin
-spec:
-  hosts:
-    - httpbin
-  http:
-  - route:
-    - destination:
-        host: httpbin
-        subset: v1
-      weight: 100
-    mirror:
-      host: httpbin
-      subset: v2
-    mirror_percent: 100
-EOF
-$endsnippet
-
-$snippet generate_traffic_2.sh syntax="bash"
-$ export SLEEP_POD=$(kubectl -n istio-io-mirror get pod -l app=sleep -o jsonpath={.items..metadata.name})
-$ kubectl -n istio-io-mirror exec ${SLEEP_POD} -c sleep -- curl --retry 3 -o /dev/null -s -w "%{http_code}\n" http://httpbin:8000/ISTIO_IO_MIRROR_TEST_2
-$endsnippet
-
-$snippet check_logs_v1_2.sh syntax="bash" outputis="text"
-$ export V1_POD=$(kubectl -n istio-io-mirror get pod -l app=httpbin,version=v1 -o jsonpath={.items..metadata.name})
-$ kubectl -n istio-io-mirror logs ${V1_POD} -c httpbin
-[2019-11-14 14:32:22 +0000] [1] [INFO] Starting gunicorn 19.9.0
-[2019-11-14 14:32:22 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1)
-[2019-11-14 14:32:22 +0000] [1] [INFO] Using worker: sync
-[2019-11-14 14:32:22 +0000] [9] [INFO] Booting worker with pid: 9
-127.0.0.1 - - [14/Nov/2019:14:32:49 +0000] "GET /ISTIO_IO_MIRROR_TEST_1 HTTP/1.1" 404 233 "-" "curl/7.35.0"
-127.0.0.1 - - [14/Nov/2019:14:33:00 +0000] "GET /ISTIO_IO_MIRROR_TEST_2 HTTP/1.1" 404 233 "-" "curl/7.35.0"
-$endsnippet
-
-$snippet check_logs_v2_2.sh syntax="bash" outputis="text"
-$ export V2_POD=$(kubectl -n istio-io-mirror get pod -l app=httpbin,version=v2 -o jsonpath={.items..metadata.name})
-$ kubectl -n istio-io-mirror logs ${V2_POD} -c httpbin
-[2019-11-14 14:32:22 +0000] [1] [INFO] Starting gunicorn 19.9.0
-[2019-11-14 14:32:22 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1)
-[2019-11-14 14:32:22 +0000] [1] [INFO] Using worker: sync
-[2019-11-14 14:32:22 +0000] [8] [INFO] Booting worker with pid: 8
-127.0.0.1 - - [14/Nov/2019:14:33:00 +0000] "GET /ISTIO_IO_MIRROR_TEST_2 HTTP/1.1" 404 233 "-" "curl/7.35.0"
-$endsnippet
-
-$snippet remove_rules.sh syntax="bash"
-$ kubectl delete virtualservice httpbin
-$ kubectl delete destinationrule httpbin
-$endsnippet
-
-$snippet remove_httpbin.sh syntax="bash"
-$ kubectl delete deploy httpbin-v1 httpbin-v2 sleep
-$ kubectl delete svc httpbin
-$endsnippet
-

test/snippet_example.txt

@@ -9,7 +9,7 @@ on two lines
 This is chunk 2
 # $endsnippet
 
-# $snippet SNIP1
+# $snippet SNIP3
 This is chunk 3
 # $endsnippet