Remove unnecessary section to turn on permissive (#3382)

* Remove unnecessary section to turn on permissive * Delete obsoleted file * Add alias * Fix comment
2019-02-26 11:35:30 -08:00 · 2019-02-26 11:35:30 -08:00 · c4b714ec99
parent edcedada30
commit c4b714ec99
3 changed files with 1 additions and 38 deletions
--- a/content/docs/tasks/security/mtls-migration/index.md
+++ b/content/docs/tasks/security/mtls-migration/index.md
@ -72,36 +72,6 @@ down once the migration is done.
    istio-system   istio-telemetry   25m
    {{< /text >}}

-## Configure the server to accept both mutual TLS and plain text traffic
-
-In authentication policy, we have a `PERMISSIVE` mode which makes the server accept both mutual TLS and plain text traffic.
-We need to configure the server to this mode.
-
-{{< text bash >}}
-$ cat <<EOF | kubectl apply -n foo -f -
-apiVersion: "authentication.istio.io/v1alpha1"
-kind: "Policy"
-metadata:
-  name: "example-httpbin-permissive"
-  namespace: foo
-spec:
-  targets:
-  - name: httpbin
-  peers:
-  - mtls:
-      mode: PERMISSIVE
-EOF
-{{< /text >}}
-
-Now send traffic to `httpbin.foo` again to ensure all requests can still succeed.
-
-{{< text bash >}}
-$ for from in "foo" "bar" "legacy"; do kubectl exec $(kubectl get pod -l app=sleep -n ${from} -o jsonpath={.items..metadata.name}) -c sleep -n ${from} -- curl http://httpbin.foo:8000/ip -s -o /dev/null -w "sleep.${from} to httpbin.foo: %{http_code}\n"; done
-200
-200
-200
-{{< /text >}}
-
 ## Configure clients to send mutual TLS traffic

 Configure Istio services to send mutual TLS traffic by setting `DestinationRule`.
--- a/content/help/ops/security/health-checks-and-mtls/index.md
+++ b/content/help/ops/security/health-checks-and-mtls/index.md
@ -1,8 +0,0 @@
---
-title: Health Checks and Mutual TLS
-description: How to get health checks working when mutual TLS is enabled.
-weight: 40
---
-You can enable a PERMISSIVE mode for your service to take both mutual TLS and plain-text traffic.
-To configure your service to accept both mutual TLS and plain-text traffic for health checking, please refer to the
-[PERMISSIVE mode configuration documentation](/docs/tasks/security/mtls-migration/#configure-the-server-to-accept-both-mutual-tls-and-plain-text-traffic).
--- a/content/help/ops/setup/app-health-check/index.md
+++ b/content/help/ops/setup/app-health-check/index.md
@ -4,6 +4,7 @@ description: Shows how to do health checking for Istio services.
 weight: 65
 aliases:
  - /docs/tasks/traffic-management/app-health-check/
+  - /help/ops/security/health-checks-and-mtls/
 keywords: [security,health-check]
 ---