Remove $ sign in command since it breaks the copy button (#1143)

2018-04-03 15:16:20 -07:00 · 2018-04-03 15:16:20 -07:00 · e60a355d12
parent 9e36999841
commit e60a355d12
1 changed files with 53 additions and 25 deletions
--- a/_docs/tasks/security/https-overlay.md
+++ b/_docs/tasks/security/https-overlay.md
@ -31,18 +31,22 @@ original https traffic. And this is the reason Istio can work on https services.
 You need to have openssl installed to run this command

 ```bash
-$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/nginx.key -out /tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx"
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/nginx.key -out /tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx"
 ```

 ```bash
-$ kubectl create secret tls nginxsecret --key /tmp/nginx.key --cert /tmp/nginx.crt
+kubectl create secret tls nginxsecret --key /tmp/nginx.key --cert /tmp/nginx.crt
+```
+```bash
 secret "nginxsecret" created
 ```

 Create a configmap used for the https service

 ```bash
-$ kubectl create configmap nginxconfigmap --from-file=samples/https/default.conf
+kubectl create configmap nginxconfigmap --from-file=samples/https/default.conf
+```
+```bash
 configmap "nginxconfigmap" created
 ```

@ -51,7 +55,9 @@ configmap "nginxconfigmap" created
 This section creates a nginx-based https service.

 ```bash
-$ kubectl apply -f samples/https/nginx-app.yaml
+kubectl apply -f samples/https/nginx-app.yaml
+```
+```bash
 ...
 service "my-nginx" created
 replicationcontroller "my-nginx" created
@ -60,13 +66,15 @@ replicationcontroller "my-nginx" created
 Then, create another pod to call this service.

 ```bash
-$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml)
+kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml)
 ```

 Get the pods

 ```bash
-$ kubectl get pod
+kubectl get pod
+```
+```bash
 NAME                              READY     STATUS    RESTARTS   AGE
 my-nginx-jwwck                    2/2       Running   0          1h
 sleep-847544bbfc-d27jg            2/2       Running   0          18h
@ -74,12 +82,14 @@ sleep-847544bbfc-d27jg            2/2       Running   0          18h

 Ssh into the istio-proxy container of sleep pod.
 ```bash
-$ kubectl exec -it sleep-847544bbfc-d27jg -c istio-proxy /bin/bash
+kubectl exec -it sleep-847544bbfc-d27jg -c istio-proxy /bin/bash
 ```

 Call my-nginx
 ```bash
-# curl https://my-nginx -k
+curl https://my-nginx -k
+```
+```bash
 ...
 <h1>Welcome to nginx!</h1>
 ...
@ -88,7 +98,9 @@ Call my-nginx
 You can actually combine the above three command into one:

 ```bash
-$ kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- curl https://my-nginx -k
+kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- curl https://my-nginx -k
+```
+```bash
 ...
 <h1>Welcome to nginx!</h1>
 ...
@ -101,19 +113,21 @@ disabled. So you only need to redeploy the nginx https service with sidecar.

 Delete the https service.
 ```bash
-$ kubectl delete -f nginx-app.yaml
+kubectl delete -f nginx-app.yaml
 ```

 Deploy it with sidecar

 ```bash
-$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml)
+kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml)
 ```

 Make sure the pod is up and running

 ```bash
-$ kubectl get pod
+kubectl get pod
+```
+```bash
 NAME                              READY     STATUS    RESTARTS   AGE
 my-nginx-6svcc                    2/2       Running   0          1h
 sleep-847544bbfc-d27jg            2/2       Running   0          18h
@ -121,7 +135,9 @@ sleep-847544bbfc-d27jg            2/2       Running   0          18h

 And run
 ```bash
-$ kubectl exec sleep-847544bbfc-d27jg -c sleep -- curl https://my-nginx -k
+kubectl exec sleep-847544bbfc-d27jg -c sleep -- curl https://my-nginx -k
+```
+```bash
 ...
 <h1>Welcome to nginx!</h1>
 ...
@ -129,7 +145,9 @@ $ kubectl exec sleep-847544bbfc-d27jg -c sleep -- curl https://my-nginx -k

 If you run from istio-proxy container, it should work as well
 ```bash
-$ kubectl exec sleep-847544bbfc-d27jg -c istio-proxy -- curl https://my-nginx -k
+kubectl exec sleep-847544bbfc-d27jg -c istio-proxy -- curl https://my-nginx -k
+```
+```bash
 ...
 <h1>Welcome to nginx!</h1>
 ...
@ -143,25 +161,29 @@ You need to deploy Istio control plane with mTLS enabled. If you have istio
 control plane with mTLS disabled installed, please delete it:

 ```bash
-$ kubectl delete -f install/kubernetes/istio.yaml
+kubectl delete -f install/kubernetes/istio.yaml
 ```

 And wait for everything is down, i.e., there is no pod in control plane namespace (istio-system).

 ```bash
-$ kubectl get pod -n istio-system
+kubectl get pod -n istio-system
+```
+```bash
 No resources found.
 ```

 Then deploy the Istio control plane with mTLS enabled:

 ```bash
-$ kubectl apply -f install/kubernetes/istio-auth.yaml
+kubectl apply -f install/kubernetes/istio-auth.yaml
 ```

 Make sure everything is up and running:
 ```bash
-$ kubectl get po -n istio-system
+kubectl get po -n istio-system
+```
+```bash
 NAME                             READY     STATUS    RESTARTS   AGE
 istio-ca-58c5856966-k6nm4        1/1       Running   0          2m
 istio-ingress-5789d889bc-xzdg2   1/1       Running   0          2m
@ -172,16 +194,18 @@ istio-pilot-6954dcd96d-phh5z     2/2       Running   0          2m
 Then redeploy the https service and sleep service

 ```bash
-$ kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml)
-$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml)
-$ kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml)
-$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml)
+kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml)
+kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml)
+kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml)
+kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml)
 ```

 Make sure the pod is up and running

 ```bash
-$ kubectl get pod
+kubectl get pod
+```
+```bash
 NAME                              READY     STATUS    RESTARTS   AGE
 my-nginx-9dvet                    2/2       Running   0          1h
 sleep-77f457bfdd-hdknx            2/2       Running   0          18h
@ -189,7 +213,9 @@ sleep-77f457bfdd-hdknx            2/2       Running   0          18h

 And run
 ```bash
-$ kubectl exec sleep-77f457bfdd-hdknx -c sleep -- curl https://my-nginx -k
+kubectl exec sleep-77f457bfdd-hdknx -c sleep -- curl https://my-nginx -k
+```
+```bash
 ...
 <h1>Welcome to nginx!</h1>
 ...
@ -200,7 +226,9 @@ and nginx-proxy. In this case, everthing works fine.

 However, if you run this command from istio-proxy container, it will not work.
 ```bash
-$ kubectl exec sleep-77f457bfdd-hdknx -c istio-proxy -- curl https://my-nginx -k
+kubectl exec sleep-77f457bfdd-hdknx -c istio-proxy -- curl https://my-nginx -k
+```
+```bash
 ...
 curl: (35) gnutls_handshake() failed: Handshake failed
 command terminated with exit code 35