From e60a355d1213935603737d1e57942cd116f3e1ea Mon Sep 17 00:00:00 2001 From: Tao Li Date: Tue, 3 Apr 2018 15:16:20 -0700 Subject: [PATCH] Remove $ sign in command since it breaks the copy button (#1143) --- _docs/tasks/security/https-overlay.md | 78 ++++++++++++++++++--------- 1 file changed, 53 insertions(+), 25 deletions(-) diff --git a/_docs/tasks/security/https-overlay.md b/_docs/tasks/security/https-overlay.md index 277f5f822c..e2a13e17b1 100644 --- a/_docs/tasks/security/https-overlay.md +++ b/_docs/tasks/security/https-overlay.md @@ -31,18 +31,22 @@ original https traffic. And this is the reason Istio can work on https services. You need to have openssl installed to run this command ```bash -$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/nginx.key -out /tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx" +openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/nginx.key -out /tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx" ``` ```bash -$ kubectl create secret tls nginxsecret --key /tmp/nginx.key --cert /tmp/nginx.crt +kubectl create secret tls nginxsecret --key /tmp/nginx.key --cert /tmp/nginx.crt +``` +```bash secret "nginxsecret" created ``` Create a configmap used for the https service ```bash -$ kubectl create configmap nginxconfigmap --from-file=samples/https/default.conf +kubectl create configmap nginxconfigmap --from-file=samples/https/default.conf +``` +```bash configmap "nginxconfigmap" created ``` @@ -51,7 +55,9 @@ configmap "nginxconfigmap" created This section creates a nginx-based https service. ```bash -$ kubectl apply -f samples/https/nginx-app.yaml +kubectl apply -f samples/https/nginx-app.yaml +``` +```bash ... service "my-nginx" created replicationcontroller "my-nginx" created 
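Review bot: The `openssl req` line at the top of the first hunk still writes an unencrypted private key (`-nodes`) to the fixed path `/tmp/nginx.key`, and none of the visible hunks removes it once `kubectl create secret tls nginxsecret` has loaded it into the cluster. Since the commit exists to make these commands work with the copy button, the page should either generate the pair in a private directory (`dir=$(mktemp -d)`, then `-keyout "$dir/nginx.key" -out "$dir/nginx.crt"`) or follow the secret creation with `rm -f /tmp/nginx.key /tmp/nginx.crt`. The `-k` on each `curl https://my-nginx` call in the later hunks skips certificate verification; that fits this self-signed demo certificate, and a sentence saying so would keep readers from carrying the flag into checks against real services.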
@@ -60,13 +66,15 @@ replicationcontroller "my-nginx" created Then, create another pod to call this service. ```bash -$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml) +kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml) ``` Get the pods ```bash -$ kubectl get pod +kubectl get pod +``` +```bash NAME READY STATUS RESTARTS AGE my-nginx-jwwck 2/2 Running 0 1h sleep-847544bbfc-d27jg 2/2 Running 0 18h @@ -74,12 +82,14 @@ sleep-847544bbfc-d27jg 2/2 Running 0 18h Ssh into the istio-proxy container of sleep pod. ```bash -$ kubectl exec -it sleep-847544bbfc-d27jg -c istio-proxy /bin/bash +kubectl exec -it sleep-847544bbfc-d27jg -c istio-proxy /bin/bash ``` Call my-nginx ```bash -# curl https://my-nginx -k +curl https://my-nginx -k +``` +```bash ...

Welcome to nginx!

... @@ -88,7 +98,9 @@ Call my-nginx You can actually combine the above three command into one: ```bash -$ kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- curl https://my-nginx -k +kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- curl https://my-nginx -k +``` +```bash ...

Welcome to nginx!

... @@ -101,19 +113,21 @@ disabled. So you only need to redeploy the nginx https service with sidecar. Delete the https service. ```bash -$ kubectl delete -f nginx-app.yaml +kubectl delete -f nginx-app.yaml ``` Deploy it with sidecar ```bash -$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml) +kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml) ``` Make sure the pod is up and running ```bash -$ kubectl get pod +kubectl get pod +``` +```bash NAME READY STATUS RESTARTS AGE my-nginx-6svcc 2/2 Running 0 1h sleep-847544bbfc-d27jg 2/2 Running 0 18h @@ -121,7 +135,9 @@ sleep-847544bbfc-d27jg 2/2 Running 0 18h And run ```bash -$ kubectl exec sleep-847544bbfc-d27jg -c sleep -- curl https://my-nginx -k +kubectl exec sleep-847544bbfc-d27jg -c sleep -- curl https://my-nginx -k +``` +```bash ...

Welcome to nginx!

... @@ -129,7 +145,9 @@ $ kubectl exec sleep-847544bbfc-d27jg -c sleep -- curl https://my-nginx -k If you run from istio-proxy container, it should work as well ```bash -$ kubectl exec sleep-847544bbfc-d27jg -c istio-proxy -- curl https://my-nginx -k +kubectl exec sleep-847544bbfc-d27jg -c istio-proxy -- curl https://my-nginx -k +``` +```bash ...

Welcome to nginx!

... @@ -143,25 +161,29 @@ You need to deploy Istio control plane with mTLS enabled. If you have istio control plane with mTLS disabled installed, please delete it: ```bash -$ kubectl delete -f install/kubernetes/istio.yaml +kubectl delete -f install/kubernetes/istio.yaml ``` And wait for everything is down, i.e., there is no pod in control plane namespace (istio-system). ```bash -$ kubectl get pod -n istio-system +kubectl get pod -n istio-system +``` +```bash No resources found. ``` Then deploy the Istio control plane with mTLS enabled: ```bash -$ kubectl apply -f install/kubernetes/istio-auth.yaml +kubectl apply -f install/kubernetes/istio-auth.yaml ``` Make sure everything is up and running: ```bash -$ kubectl get po -n istio-system +kubectl get po -n istio-system +``` +```bash NAME READY STATUS RESTARTS AGE istio-ca-58c5856966-k6nm4 1/1 Running 0 2m istio-ingress-5789d889bc-xzdg2 1/1 Running 0 2m @@ -172,16 +194,18 @@ istio-pilot-6954dcd96d-phh5z 2/2 Running 0 2m Then redeploy the https service and sleep service ```bash -$ kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml) -$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml) -$ kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml) -$ kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml) +kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml) +kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/sleep/sleep.yaml) +kubectl delete -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml) +kubectl apply -f <(bin/istioctl kube-inject --debug -f samples/https/nginx-app.yaml) ``` Make sure the pod is up and running ```bash -$ kubectl get pod +kubectl get pod +``` +```bash NAME READY STATUS RESTARTS AGE my-nginx-9dvet 2/2 Running 0 1h sleep-77f457bfdd-hdknx 2/2 Running 0 18h 
@@ -189,7 +213,9 @@ sleep-77f457bfdd-hdknx 2/2 Running 0 18h And run ```bash -$ kubectl exec sleep-77f457bfdd-hdknx -c sleep -- curl https://my-nginx -k +kubectl exec sleep-77f457bfdd-hdknx -c sleep -- curl https://my-nginx -k +``` +```bash ...

Welcome to nginx!

... @@ -200,7 +226,9 @@ and nginx-proxy. In this case, everthing works fine. However, if you run this command from istio-proxy container, it will not work. ```bash -$ kubectl exec sleep-77f457bfdd-hdknx -c istio-proxy -- curl https://my-nginx -k +kubectl exec sleep-77f457bfdd-hdknx -c istio-proxy -- curl https://my-nginx -k +``` +```bash ... curl: (35) gnutls_handshake() failed: Handshake failed command terminated with exit code 35