Merge minimal with helm install and simpify install paths (#3538)

* Merge minimal with helm install and simpify install paths

* circleci errors

* broken links

* fix broken link

content/about/feature-stages/index.md

@@ -81,14 +81,14 @@ Below is our list of existing features and their current phases. This informatio
 | [Attribute Expression Language](/docs/reference/config/policy-and-telemetry/expression-language/)        | Stable
 | [Mixer Adapter Authoring Model](/blog/2017/adapter-model/)        | Stable
 | [Helm](/docs/setup/kubernetes/install/helm/) | Beta
-| [Multicluster Mesh over VPN](/docs/setup/kubernetes/multicluster/) | Alpha
+| [Multicluster Mesh over VPN](/docs/setup/kubernetes/install/multicluster/) | Alpha
 | [Kubernetes: Istio Control Plane Upgrade](/docs/setup/kubernetes/) | Beta
 | [Consul Integration](/docs/setup/consul/quick-start/) | Alpha
 | Basic Configuration Resource Validation | Alpha
 | [Mixer Self Monitoring](/help/faq/mixer/#mixer-self-monitoring) | Alpha
 | [Custom Mixer Build Model](https://github.com/istio/istio/wiki/Mixer-Compiled-In-Adapter-Dev-Guide) | Alpha
 | [Out of Process Mixer Adapters (gRPC Adapters)](https://github.com/istio/istio/wiki/Mixer-Out-Of-Process-Adapter-Dev-Guide) | Alpha
-| [Istio CNI plugin](/docs/setup/kubernetes/install/cni/) | Alpha
+| [Istio CNI plugin](/docs/setup/kubernetes/additional-setup/cni/) | Alpha
 
 {{< idea >}}
 Please get in touch by joining our [community](/about/community/) if there are features you'd like to see in our future releases!

content/about/notes/1.0/index.md

@@ -94,7 +94,7 @@ be configured using [authentication policies](/docs/concepts/security/#authentic
   sidecars and turning off galley using the [Helm parameter](/docs/setup/kubernetes/install/helm)
   `--set galley.enabled=false`.
 
-- In a [multicluster deployment](/docs/setup/kubernetes/multicluster) the mixer-telemetry
+- In a [multicluster deployment](/docs/setup/kubernetes/install/multicluster) the mixer-telemetry
   and mixer-policy components do not connect to the Kubernetes API endpoints of any of the remote
   clusters.  This results in a loss of telemetry fidelity as some of the metadata associated
   with workloads on remote clusters is incomplete.

content/blog/2018/announcing-1.0/index.md

@@ -21,7 +21,7 @@ and [Styra](https://styra.com/) built extensions to our policy enforcement and n
 
 Since the 0.8 release we’ve added some important new features and more importantly marked many of our existing features as Beta signaling that they’re ready for production use. This is captured in more detail in the [release notes](/about/notes/1.0/)  but it’s worth calling out some highlights
 
-* Multiple Kubernetes clusters can now be [added to a single mesh](/docs/setup/kubernetes/multicluster/) and enabling cross-cluster communication and consistent policy enforcement. Multi-cluster support is now Beta.
+* Multiple Kubernetes clusters can now be [added to a single mesh](/docs/setup/kubernetes/install/multicluster/) and enabling cross-cluster communication and consistent policy enforcement. Multi-cluster support is now Beta.
 
 * Networking APIs that enable fine grained control over the flow of traffic through a mesh are now Beta. Explicitly modeling ingress and egress concerns using Gateways allows operators to [control the network topology](/blog/2018/v1alpha3-routing/) and meet access security requirements at the edge.
 

content/blog/2018/incremental-traffic-management/index.md

@@ -44,7 +44,7 @@ Fortunately, a standard Istio deployment already includes a [Gateway](/docs/conc
 
 ## In action: traffic routing with Istio
 
-A simple way to see this type of approach in action is to first setup your Kubernetes environment using the [Platform Setup](/docs/setup/kubernetes/platform-setup/) instructions, and then install Istio using [Helm](/docs/setup/kubernetes/install/minimal/), including only the traffic management components (ingress gateway, egress gateway, Pilot). The following example uses [Google Kubernetes Engine](https://cloud.google.com/gke).
+A simple way to see this type of approach in action is to first setup your Kubernetes environment using the [Platform Setup](/docs/setup/kubernetes/platform-setup/) instructions, and then install the **minimal** Istio profile using [Helm](/docs/setup/kubernetes/install/helm/), including only the traffic management components (ingress gateway, egress gateway, Pilot). The following example uses [Google Kubernetes Engine](https://cloud.google.com/gke).
 
 First, setup and configure [GKE](/docs/setup/kubernetes/platform-setup/gke/):
 
@@ -56,7 +56,7 @@ $ kubectl create clusterrolebinding cluster-admin-binding \
    --user=$(gcloud config get-value core/account)
 {{< /text >}}
 
-Next, [install Helm](https://docs.helm.sh/using_helm/#installing-helm) and [generate a minimal Istio install](/docs/setup/kubernetes/install/minimal/) -- only traffic management components:
+Next, [install Helm](https://docs.helm.sh/using_helm/#installing-helm) and [generate a minimal Istio install](/docs/setup/kubernetes/install/helm/) -- only traffic management components:
 
 {{< text bash >}}
 $ helm template install/kubernetes/helm/istio \

content/blog/2019/multicluster-version-routing/index.md

@@ -36,7 +36,7 @@ running in one cluster, versions `v2` and `v3` running in a second cluster.
 To start, you'll need two Kubernetes clusters, both running a slightly customized configuration of Istio.
 
 * Set up a multicluster environment with two Istio clusters by following the
-    [multiple control planes with gateways](/docs/setup/kubernetes/multicluster/gateways/) instructions.
+    [multiple control planes with gateways](/docs/setup/kubernetes/install/multicluster/gateways/) instructions.
 
 * The `kubectl` command is used to access both clusters with the `--context` flag.
     Use the following command to list your contexts:
@@ -270,7 +270,7 @@ is running on `cluster1` and we have not yet configured access to `cluster2`.
 
 ## Create a service entry and destination rule on `cluster1` for the remote reviews service
 
-As described in the [setup instructions](/docs/setup/kubernetes/multicluster/gateways/#setup-dns),
+As described in the [setup instructions](/docs/setup/kubernetes/install/multicluster/gateways/#setup-dns),
 remote services are accessed with a `.global` DNS name. In our case, it's `reviews.default.global`,
 so we need to create a service entry and destination rule for that host.
 The service entry will use the `cluster2` gateway as the endpoint address to access the service.

content/docs/concepts/multicluster-deployments/index.md

@@ -76,7 +76,7 @@ that can be configured to handle service names of the form `<name>.<namespace>.g
 For example, calls from any cluster to `foo.ns1.global` will resolve to the `foo` service in
 namespace `ns1` of any cluster where it is running.
 To set up this kind of multicluster configuration, visit our
-[multiple control planes with gateways instructions](/docs/setup/kubernetes/multicluster/gateways/).
+[multiple control planes with gateways instructions](/docs/setup/kubernetes/install/multicluster/gateways/).
 
 ### Single control plane topology
 
@@ -100,7 +100,7 @@ that manages all of the Envoy's as a single mesh. The IP addresses on the variou
 overlap and note that DNS resolution for services on remote clusters is not automatic.
 Users need to replicate the services on every participating cluster.
 You can find detailed steps to set up this kind of multicluster topology
-in our [single control plane with VPN instructions](/docs/setup/kubernetes/multicluster/vpn/).
+in our [single control plane with VPN instructions](/docs/setup/kubernetes/install/multicluster/vpn/).
 
 #### Single control plane without VPN connectivity
 

content/docs/concepts/policies-and-telemetry/index.md

@@ -44,8 +44,8 @@ At a high level, Mixer provides:
 Beyond these purely functional aspects, Mixer also has [reliability and scalability](#reliability-and-latency) benefits as outlined below.
 
 Policy enforcement and telemetry collection are entirely driven from configuration.
-It's possible to [completely disable these features](/docs/setup/kubernetes/install/minimal/)
-and avoid the need to run the Mixer component in an Istio deployment.
+These features are completely disabled by default, avoiding the need to run the Mixer component.
+Refer to [Installation Options](/docs/reference/config/installation-options/) for more information.
 
 ## Adapters
 

content/docs/examples/multicluster/gateways/index.md

@@ -16,7 +16,7 @@ running in a second cluster.
 ## Before you begin
 
 * Set up a multicluster environment with two Istio clusters by following the
-    [multiple control planes with gateways](/docs/setup/kubernetes/multicluster/gateways/) instructions.
+    [multiple control planes with gateways](/docs/setup/kubernetes/install/multicluster/gateways/) instructions.
 
 {{< boilerplate kubectl-multicluster-contexts >}}
 

content/docs/examples/multicluster/gke/index.md

@@ -311,7 +311,7 @@ $ kubectl label secret ${CLUSTER_NAME} istio/multiCluster=true -n ${NAMESPACE}
 ## Uninstalling
 
 The following should be done in addition to the uninstall of Istio as described in the
-[VPN-based multicluster uninstall section](/docs/setup/kubernetes/multicluster/vpn/):
+[VPN-based multicluster uninstall section](/docs/setup/kubernetes/install/multicluster/vpn/):
 
 1.  Delete the Google Cloud firewall rule:
 

content/docs/examples/multicluster/icp/index.md

@@ -137,7 +137,7 @@ across all nodes in the two IBM Cloud Private Clusters.
 
 ## Install Istio for multicluster
 
-[Follow the VPN-based multicluster installation steps](/docs/setup/kubernetes/multicluster/vpn/) to install and configure
+[Follow the VPN-based multicluster installation steps](/docs/setup/kubernetes/install/multicluster/vpn/) to install and configure
 local Istio control plane and Istio remote on `cluster-1` and `cluster-2`.
 
 This example uses `cluster-1` as the local Istio control plane and `cluster-2` as the Istio remote.

content/docs/examples/multicluster/iks-icp/index.md

@@ -85,7 +85,7 @@ Since these two clusters are in isolated network environments we need to set up
 
 ## Install Istio for multicluster
 
-[Follow the VPN-based multicluster installation steps](/docs/setup/kubernetes/multicluster/vpn/) to install and configure
+[Follow the VPN-based multicluster installation steps](/docs/setup/kubernetes/install/multicluster/vpn/) to install and configure
 the local Istio control plane and Istio remote on IBM Cloud Private and IBM Cloud Kubernetes Service.
 
 This example uses IBM Cloud Private as the Istio local control plane and IBM Cloud Kubernetes Service as the Istio remote.

content/docs/reference/config/policy-and-telemetry/adapters/kubernetesenv/index.html

@@ -76,7 +76,7 @@ This controls how frequently the complete resync occurs.</p>
 
 <p>Details on multicluster and the Kubernetes secret required to
 access the remote cluster&rsquo;s credentials can be found in
-<a href="/docs/setup/kubernetes/multicluster/">multicluster install</a>.</p>
+<a href="/docs/setup/kubernetes/install/multicluster/">multicluster install</a>.</p>
 
 <p>NOTE: If <code>cluster_registries_namespace</code> is not set then the environment
 variable <code>POD_NAMESPACE</code> is checked/used. If <code>POD_NAMESPACE</code> is not

content/docs/setup/kubernetes/_index.md

@@ -36,7 +36,7 @@ which installation to perform.
 To quickly test Istio's features, you can:
 
 - Install Istio [on Kubernetes without Helm](/docs/setup/kubernetes/install/kubernetes/)
-- Perform Istio's [minimal installation](/docs/setup/kubernetes/install/minimal/)
+- Configure Istio's **minimal** profile using the [helm installation guide](/docs/setup/kubernetes/install/helm/)
 
 ## Installing Istio for production
 
@@ -46,15 +46,15 @@ We recommend you install Istio for production using the
 If you run Kubernetes on a supported platform, you can follow the instructions
 specific to your Kubernetes platform:
 
-- [Alibaba Cloud Kubernetes Container Service](/docs/setup/kubernetes/install/alicloud/)
-- [Google Kubernetes Engine](/docs/setup/kubernetes/install/gke/)
-- [IBM Cloud](/docs/setup/kubernetes/install/ibm/)
+- [Alibaba Cloud Kubernetes Container Service](/docs/setup/kubernetes/install/platform/alicloud/)
+- [Google Kubernetes Engine](/docs/setup/kubernetes/install/platform/gke/)
+- [IBM Cloud](/docs/setup/kubernetes/install/platform/ibm/)
 
-If you want to install and use Istio through a Container Network Interface
-(CNI), visit our [CNI guide](/docs/setup/kubernetes/install/cni/).
+If you want your installation to use Istio's Container Network Interface
+(CNI) plugin, visit our [CNI guide](/docs/setup/kubernetes/additional-setup/cni/).
 
 If you want to perform a multicluster setup, visit our
-[Multicluster installation documents](/docs/setup/kubernetes/multicluster/).
+[Multicluster installation documents](/docs/setup/kubernetes/install/multicluster/).
 
 ## Adding services to your mesh
 

content/docs/setup/kubernetes/additional-setup/cni/index.md

@@ -2,6 +2,8 @@
 title: Install Istio with the Istio CNI plugin
 description: Instructions to install and use Istio with the Istio CNI plugin, allowing operators to deploy services with lower privilege.
 weight: 70
+aliases:
+    - /docs/setup/kubernetes/install/cni
 keywords: [kubernetes,cni,sidecar,proxy,network,helm]
 ---
 

content/docs/setup/kubernetes/additional-setup/requirements/index.md

@@ -39,5 +39,5 @@ cluster must satisfy the following requirements:
 
 * _**Application UIDs**_: Do **not** run applications as a user with the user ID (UID) value of **1337**.
 
-* _**`NET_ADMIN` capability**:_ If pod security policies are enforced in your cluster and unless you use the [Istio CNI Plugin](/docs/setup/kubernetes/install/cni/), your pods must have the `NET_ADMIN` capability allowed.
+* _**`NET_ADMIN` capability**:_ If pod security policies are enforced in your cluster and unless you use the [Istio CNI Plugin](/docs/setup/kubernetes/additional-setup/cni/), your pods must have the `NET_ADMIN` capability allowed.
 See [Required Pod Capabilities](/help/ops/setup/required-pod-capabilities/).

content/docs/setup/kubernetes/install/helm/index.md

@@ -1,5 +1,5 @@
 ---
-title: Install with Helm
+title: Customizable Install with Helm
 description: Instructions to install Istio using a Helm chart.
 weight: 20
 keywords: [kubernetes,helm]
@@ -10,11 +10,27 @@ aliases:
 icon: helm
 ---
 
-Follow this path to install and configure an Istio mesh using Helm.
+Follow this path to install and configure an Istio mesh for in-depth evaluation or production use.
 
-**This path is recommended for production environments.** This path offers rich
-customization of the Istio control plane and of the sidecars for the Istio data
-plane.
+These instructions use [Helm](https://github.com/helm/helm) charts that provide rich
+customization of the Istio control plane and of the sidecars for the Istio data plane.
+You can start with one of Istio's built-in configuration profiles and then further customize
+the configuration for your specific needs.
+The following built-in configuration profiles are currently available:
+
+1. **minimal**: the minimal set of components necessary to use Istio's [traffic management](/docs/tasks/traffic-management/) features.
+
+1. **demo**: configuration suitable to run the [Bookinfo](/docs/examples/bookinfo/) application and associated tasks.
+    This is the same configuration that is installed with the [Quick Start](/docs/setup/kubernetes/install/kubernetes/) instructions, only using helm has the advantage
+    that you can more easily enable additional features if you wish to explore more advanced tasks.
+
+1. **default**: enables components according to the default [Installation Options](/docs/reference/config/installation-options/)
+    (recommend for production deployments).
+
+To further customize Istio and install addons, you can add one or more `--set <key>=<value>` options in the
+`helm template` or `helm install` command in the instructions, below.
+The [Installation Options](/docs/reference/config/installation-options/) lists the complete set of supported
+installation key and value pairs.
 
 ## Prerequisites
 
@@ -29,6 +45,13 @@ plane.
    instead with the flags `--set gateways.istio-ingressgateway.type=NodePort`
    appended to the end of the Helm instructions in the installation steps below.
 
+{{< tip >}}
+These instructions assume the `istio-init` container will be used to setup `iptables` to redirect network traffic
+to/from Envoy sidecars. If you plan to customize the configuration to use `--set istio_cni.enabled=true`, you also
+need to ensure that a CNI plugin is enabled. Refer to [CNI Setup](/docs/setup/kubernetes/additional-setup/cni/)
+for details.
+{{< /tip >}}
+
 ## Installation steps
 
 The following commands may be run from any directory. We use Helm to obtain the charts via a secure
@@ -53,10 +76,6 @@ the appropriate snapshot.  For example, if you want to run with snapshot 6, use
     - To deploy Istio without using Tiller, follow the instructions for [option 1](/docs/setup/kubernetes/install/helm/#option-1-install-with-helm-via-helm-template).
     - To use [Helm's Tiller pod](https://helm.sh/) to manage your Istio release, follow the instructions for [option 2](/docs/setup/kubernetes/install/helm/#option-2-install-with-helm-and-tiller-via-helm-install).
 
-    {{< tip >}}
-    To customize Istio and install addons, use the `--set <key>=<value>` option in the helm template or install command. [Installation Options](/docs/reference/config/installation-options/) references supported installation key and value pairs.
-    {{< /tip >}}
-
 ### Option 1: Install with Helm via `helm template`
 
 Choose this option if your cluster doesn't have [Tiller](https://github.com/kubernetes/helm/blob/master/docs/architecture.md#components) deployed and you don't want to install it.
@@ -118,19 +137,43 @@ $ kubectl -n istio-system edit deployment istio-galley
     58
     {{< /text >}}
 
-1. Render and apply Istio's core components. For a production environment use the recommended Helm values or customize as needed:
-
-    {{< text bash >}}
-    $ helm template $HOME/istio-fetch/istio --name istio --namespace istio-system | kubectl apply -f -
-    {{< /text >}}
+1. Render and apply Istio's core components corresponding to your chosen profile.
+    The **default** profile is recommended for production deployments:
 
     {{< tip >}}
-    To try the `bookinfo` demo, use the Helm values customized for the `bookinfo` application:
+    You can further customize the configuration by adding `--set <key>=<value>`
+    [Installation Options](/docs/reference/config/installation-options/) to the commands.
     {{< /tip >}}
 
-    {{< text bash >}}
-    $ helm template $HOME/istio-fetch/istio --name istio --values install/kubernetes/helm/istio/values-istio-demo.yaml --namespace istio-system | kubectl apply -f -
-    {{< /text >}}
+{{< tabset cookie-name="helm_profile" >}}
+
+{{% tab name="default" cookie-value="default" %}}
+
+{{< text bash >}}
+$ helm template $HOME/istio-fetch/istio --name istio --namespace istio-system | kubectl apply -f -
+{{< /text >}}
+
+{{% /tab %}}
+
+{{% tab name="demo" cookie-value="demo" %}}
+
+{{< text bash >}}
+$ helm template $HOME/istio-fetch/istio --name istio --namespace istio-system \
+    --values install/kubernetes/helm/istio/values-istio-demo.yaml | kubectl apply -f -
+{{< /text >}}
+
+{{% /tab %}}
+
+{{% tab name="minimal" cookie-value="minimal" %}}
+
+{{< text bash >}}
+$ helm template $HOME/istio-fetch/istio --name istio --namespace istio-system \
+      --values install/kubernetes/helm/istio/values-istio-minimal.yaml | kubectl apply -f -
+{{< /text >}}
+
+{{% /tab %}}
+
+{{< /tabset >}}
 
 ### Option 2: Install with Helm and Tiller via `helm install`
 
@@ -163,19 +206,43 @@ to manage the lifecycle of Istio.
     58
     {{< /text >}}
 
-1. Install the `istio` chart. For a production environment use the recommended Helm values or customize as needed:
-
-    {{< text bash >}}
-    $ helm install istio.io/istio --name istio --namespace istio-system
-    {{< /text >}}
+1. Install the `istio` chart corresponding to your chosen profile.
+    The **default** profile is recommended for production deployments:
 
     {{< tip >}}
-    To try the `bookinfo` demo, use Helm values customized for the `bookinfo` application:
+    You can further customize the configuration by adding `--set <key>=<value>`
+    [Installation Options](/docs/reference/config/installation-options/) to the commands.
     {{< /tip >}}
 
-    {{< text bash >}}
-    $ helm install istio --name istio --values install/kubernetes/helm/istio/values-istio-demo.yaml --namespace istio-system
-    {{< /text >}}
+{{< tabset cookie-name="helm_profile" >}}
+
+{{% tab name="default" cookie-value="default" %}}
+
+{{< text bash >}}
+$ helm install istio.io/istio --name istio --namespace istio-system
+{{< /text >}}
+
+{{% /tab %}}
+
+{{% tab name="demo" cookie-value="demo" %}}
+
+{{< text bash >}}
+$ helm install istio.io/istio --name istio --namespace istio-system \
+    --values install/kubernetes/helm/istio/values-istio-demo.yaml
+{{< /text >}}
+
+{{% /tab %}}
+
+{{% tab name="minimal" cookie-value="minimal" %}}
+
+{{< text bash >}}
+$ helm install istio.io/istio --name istio --namespace istio-system \
+    --values install/kubernetes/helm/istio/values-istio-minimal.yaml
+{{< /text >}}
+
+{{% /tab %}}
+
+{{< /tabset >}}
 
 ## Uninstall
 

content/docs/setup/kubernetes/install/kubernetes/index.md

@@ -1,7 +1,7 @@
 ---
 title: Quick Start Evaluation Install
 description: Instructions to install and configure an Istio mesh in a Kubernetes cluster for evaluation.
-weight: 55
+weight: 10
 keywords: [kubernetes]
 aliases:
     - /docs/setup/kubernetes/quick-start/
@@ -50,7 +50,7 @@ This permits customization of Istio to operator specific requirements.
     $ for i in install/kubernetes/helm/istio-init/files/crd*yaml; do kubectl apply -f $i; done
     {{< /text >}}
 
-1. Install one of the following variants of the **demo profile**:
+1. Install one of the following variants of the `demo profile`:
 
 {{< tabset cookie-name="profile" >}}
 
@@ -117,7 +117,7 @@ $ kubectl apply -f install/kubernetes/istio-demo-auth.yaml
     {{< tip >}}
     If your cluster is running in an environment that does not
     support an external load balancer (e.g., minikube), the
-    `EXTERNAL-IP` of `istio-ingressgateway` will
+    `EXTERNAL-IP` of `istio-ingressgateway` will say
     `<pending>`. To access the gateway, use the service's
     `NodePort`, or use port-forwarding instead.
     {{< /tip >}}

content/docs/setup/kubernetes/install/minimal/index.md

@@ -1,126 +0,0 @@
----
-title: Minimal Istio Installation
-description: Instructions to perform the minimal install of Istio using Helm.
-weight: 30
-keywords: [kubernetes,helm, minimal]
-aliases:
-    - /docs/setup/kubernetes/minimal-install/
-icon: helm
----
-
-Follow this path to perform the minimal install and configuration of an Istio
-mesh using Helm.
-
-This minimal install provides traffic management features of Istio.
-
-## Prerequisites
-
-Refer to the [prerequisites](/docs/setup/kubernetes/install/kubernetes/#prerequisites) described in the Quick Start guide.
-
-## Installation steps
-
-You have two mutually exclusive options to install Istio:
-- To use Kubernetes manifests to deploy Istio, follow the instructions for [option #1](#option-1).
-- To use [Helm's Tiller pod](https://helm.sh/) to manage your Istio release, follow the instructions for [option #2](#option-2).
-
-### Option 1: Install with Helm via `helm template` {#option-1}
-
-Choose this option if your cluster doesn't have [Tiller](https://github.com/kubernetes/helm/blob/master/docs/architecture.md#components) deployed and you don't want to install it.
-
-1. Install all the Istio's [Custom Resource Definitions or CRDs for short](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#customresourcedefinitions) via `kubectl apply`, and wait a few seconds for the CRDs to be committed in the Kube api-server:
-
-    {{< text bash >}}
-    $ for i in install/kubernetes/helm/istio-init/files/crd*yaml; do kubectl apply -f $i; done
-    {{< /text >}}
-
-1. Render Istio's core components to a Kubernetes manifest called `istio-minimal.yaml`:
-
-    {{< text bash >}}
-    $ cat @install/kubernetes/namespace.yaml@ > $HOME/istio-minimal.yaml
-    $ helm template install/kubernetes/helm/istio --name istio --namespace istio-system \
-      --values install/kubernetes/helm/istio/values-istio-minimal.yaml >> $HOME/istio-minimal.yaml
-    {{< /text >}}
-
-1. Install the Pilot component via the manifest:
-
-    {{< text bash >}}
-    $ kubectl apply -f $HOME/istio-minimal.yaml
-    {{< /text >}}
-
-### Option 2: Install with Helm and Tiller via `helm install` {#option-2}
-
-This option allows Helm and
-[Tiller](https://github.com/kubernetes/helm/blob/master/docs/architecture.md#components)
-to manage the lifecycle of Istio.
-
-1. If a service account has not already been installed for Tiller, install one:
-
-    {{< text bash >}}
-    $ kubectl apply -f @install/kubernetes/helm/helm-service-account.yaml@
-    {{< /text >}}
-
-1. Install Tiller on your cluster with the service account:
-
-    {{< text bash >}}
-    $ helm init --service-account tiller
-    {{< /text >}}
-
-1. Install the `istio-init` chart to bootstrap all the Istio's CRDs:
-
-    {{< text bash >}}
-    $ helm install install/kubernetes/helm/istio-init --name istio-init --namespace istio-system
-    {{< /text >}}
-
-1. Verify that all `58` Istio CRDs were committed to the Kubernetes api-server using the following command:
-
-    {{< text bash >}}
-    $ kubectl get crds | grep 'istio.io\|certmanager.k8s.io' | wc -l
-    58
-    {{< /text >}}
-
-1. Install the `istio` chart:
-
-    {{< text bash >}}
-    $ helm install install/kubernetes/helm/istio --name istio-minimal --namespace istio-system \
-      --values install/kubernetes/helm/istio/values-istio-minimal.yaml
-    {{< /text >}}
-
-1. Ensure the `istio-pilot-*` Kubernetes pod is deployed and its container is up and running:
-
-{{< text bash >}}
-$ kubectl get pods -n istio-system
-NAME                                     READY     STATUS    RESTARTS   AGE
-istio-pilot-58c65f74bc-2f5xn             1/1       Running   0          1m
-{{< /text >}}
-
-## Uninstall
-
-* For option 1, uninstall using `kubectl`:
-
-    {{< text bash >}}
-    $ kubectl delete -f $HOME/istio-minimal.yaml
-    {{< /text >}}
-
-* For option 2, uninstall using Helm:
-
-    {{< warning >}}
-    Uninstalling this chart does not delete Istio's registered CRDs. Istio, by design, expects
-    CRDs to leak into the Kubernetes environment. As CRDs contain all the runtime configuration
-    data needed to configure Istio. Because of this, we consider it better for operators to
-    explicitly delete the runtime configuration data rather than unexpectedly lose it.
-    {{< /warning >}}
-
-    {{< text bash >}}
-    $ helm delete --purge istio-minimal
-    $ helm delete --purge istio-init
-    {{< /text >}}
-
-* If desired, run the following command to delete all CRDs:
-
-    {{< warning >}}
-    Deleting CRDs deletes any configuration changes that you have made to Istio.
-    {{< /warning >}}
-
-    {{< text bash >}}
-    $ for i in install/kubernetes/helm/istio-init/files/crd*yaml; do kubectl delete -f $i; done
-    {{< /text >}}

content/docs/setup/kubernetes/install/multicluster/_index.md

@@ -1,10 +1,11 @@
 ---
 title: Multicluster Installation
 description: Configure an Istio mesh spanning multiple Kubernetes clusters.
-weight: 4
+weight: 30
 type: section-index
 aliases:
     - /docs/setup/kubernetes/multicluster-install/
+    - /docs/setup/kubernetes/multicluster/
 keywords: [kubernetes,multicluster]
 ---
 Refer to the [multicluster service mesh](/docs/concepts/multicluster-deployments/) concept documentation

content/docs/setup/kubernetes/install/platform/_index.md

@@ -0,0 +1,6 @@
+---
+title: Platform-specific Instructions
+description: Additional installation instructions for supported Kubernetes platforms.
+weight: 40
+icon: setup
+---

content/help/faq/distributed-tracing/minimal-requirements.md

@@ -3,4 +3,4 @@ title: What is the minimal Istio configuration required for distributed tracing?
 weight: 13
 ---
 
-The [Istio minimal profile](/docs/setup/kubernetes/install/minimal/) with tracing enabled is all that is required for Istio to integrate with Zipkin-compatible backends.
+The [Istio minimal profile](/docs/setup/kubernetes/install/helm/) with tracing enabled is all that is required for Istio to integrate with Zipkin-compatible backends.

content_zh/docs/setup/kubernetes/additional-setup/requirements/index.md

@@ -17,5 +17,5 @@ keywords: [kubernetes,sidecar,sidecar-injection]
 
 * _**Application UID**_：**不要**使用 ID（UID）值为 **1337** 的用户来运行应用。
 
-* _**`NET_ADMIN` 功能**:_ 如果您的群集中实施了 pod 安全策略，除非您使用 [Istio CNI 插件](/docs/setup/kubernetes/install/cni/)，您的 pod 必须具有`NET_ADMIN`功能。
+* _**`NET_ADMIN` 功能**:_ 如果您的群集中实施了 pod 安全策略，除非您使用 [Istio CNI 插件](/docs/setup/kubernetes/additional-setup/cni/)，您的 pod 必须具有`NET_ADMIN`功能。
                                 请参阅[必需的 Pod 功能](/help/ops/setup/required-pod-capabilities/)。

content_zh/docs/setup/kubernetes/install/alicloud/index.md

@@ -39,7 +39,7 @@ $ helm init --service-account tiller
 - 在左侧的导航栏中点击 **应用程序目录** 。
 - 在右侧的导航栏总选择 **ack-istio** 。
 
-{{< image link="/docs/setup/kubernetes/install/alicloud/app-catalog-istio-1.0.0.png" caption="Istio" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/alicloud/app-catalog-istio-1.0.0.png" caption="Istio" >}}
 
 ### 使用参数自定义安装
 

content_zh/docs/setup/kubernetes/install/gke/index.md

@@ -22,11 +22,11 @@ keywords: [kubernetes,gke,google]
 
 `projectNumber-compute@developer.gserviceaccount.com`，缺省情况下，它只包含 `Editor` 角色。对角色进行编辑，在“角色”下拉框中查找 `Kubernetes Engine` 分组，选择角色 `Kubernetes Engine Admin`。
 
-{{< image link="/docs/setup/kubernetes/install/gke/dm_gcp_iam.png" caption="GKE-IAM Service" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/gke/dm_gcp_iam.png" caption="GKE-IAM Service" >}}
 
 加入 `Kubernetes Engine Admin` 角色：
 
-{{< image width="70%" link="/docs/setup/kubernetes/install/gke/dm_gcp_iam_role.png" caption="GKE-IAM Role" >}}
+{{< image width="70%" link="/docs/setup/kubernetes/install/platform/gke/dm_gcp_iam_role.png" caption="GKE-IAM Role" >}}
 
 ## 在 GKE 上设置 Istio
 

content_zh/docs/setup/kubernetes/install/ibm/index.md

@@ -140,27 +140,27 @@ keywords: [kubernetes,ibm,icp]
 - 点击搜索框右侧的 `Filter` 并选中 `ibm-charts` 复选框。
 - 点击左侧导航窗格的 `Operations`。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-catalog-1.png" caption="IBM 私有云 - Istio 目录" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-catalog-1.png" caption="IBM 私有云 - Istio 目录" >}}
 
 - 点击右侧面板中的 `ibm-istio`。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-catalog-2.png" caption="IBM 私有云 - Istio 目录" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-catalog-2.png" caption="IBM 私有云 - Istio 目录" >}}
 
 - （可选的）使用 `CHART VERSION` 的下拉功能修改 Istio 版本。
 - 点击 `Configure` 按钮。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-installation-1.png" caption="IBM 私有云 - 安装 Istio" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-installation-1.png" caption="IBM 私有云 - 安装 Istio" >}}
 
 - 输入 Helm 部署实例的名称（例如：`istio-1.0.3`），并选择 `istio-system` 作为目标 namespace。
 - 同意许可条款。
 - （可选的）点击 `All parameters` 自定义安装参数。
 - 点击 `Install` 按钮。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-installation-2.png" caption="IBM 私有云 - 安装 Istio" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-installation-2.png" caption="IBM 私有云 - 安装 Istio" >}}
 
 安装完成后，你可以在 **Helm Releases** 页通过搜索实例名找到它。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-release.png" caption="IBM 私有云 - 安装 Istio" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-release.png" caption="IBM 私有云 - 安装 Istio" >}}
 
 ### 升级或回滚
 
@@ -170,9 +170,9 @@ keywords: [kubernetes,ibm,icp]
 - 通过实例名找到已安装的 Istio。
 - 点击 `Action` 然后选择 `upgrade` 或 `rollback`。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-upgrade-1.png" caption="IBM 私有云 - Istio 升级或回滚" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-upgrade-1.png" caption="IBM 私有云 - Istio 升级或回滚" >}}
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-upgrade-2.png" caption="IBM 私有云 - Istio 升级或回滚" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-upgrade-2.png" caption="IBM 私有云 - Istio 升级或回滚" >}}
 
 ### 卸载
 
@@ -182,4 +182,4 @@ keywords: [kubernetes,ibm,icp]
 - 通过实例名找到已安装的 Istio。
 - 点击 `Action` 并选择 `delete`。
 
-{{< image link="/docs/setup/kubernetes/install/ibm/istio-deletion.png" caption="IBM 私有云 - 卸载 Istio" >}}
+{{< image link="/docs/setup/kubernetes/install/platform/ibm/istio-deletion.png" caption="IBM 私有云 - 卸载 Istio" >}}

content_zh/docs/setup/kubernetes/multicluster/gateways/index.md

@@ -13,7 +13,7 @@ keywords: [kubernetes,multicluster,federation,gateway]
 跨集群通信发生在相应集群的 Istio Gateway 上。
 
 {{< image width="80%"
-    link="/docs/setup/kubernetes/multicluster/gateways/multicluster-with-gateways.svg"
+    link="/docs/setup/kubernetes/install/multicluster/gateways/multicluster-with-gateways.svg"
     caption="Istio 网格使用 Istio Gateway 跨越多个 Kubernetes 集群访问远程 Pod"
     >}}
 
@@ -43,13 +43,7 @@ keywords: [kubernetes,multicluster,federation,gateway]
 
     {{< text bash >}}
     $ helm template install/kubernetes/helm/istio --name istio --namespace istio-system \
-<<<<<<< HEAD
         -f @install/kubernetes/helm/istio/values-istio-multicluster-gateways.yaml@ > $HOME/istio.yaml
-=======
-        -f install/kubernetes/helm/istio/example-values/values-istio-multicluster-gateways.yaml > $HOME/istio.yaml
-    $ kubectl create namespace istio-system
-    $ kubectl apply -f $HOME/istio.yaml
->>>>>>> master
     {{< /text >}}
 
     要了解更多细节以及参数定制方法，请阅读：[用 Helm 进行安装](/zh/docs/setup/kubernetes/install/helm)。

content_zh/docs/setup/kubernetes/multicluster/vpn/index.md

@@ -12,7 +12,7 @@ aliases:
 在此配置中，运行远程配置的多个 Kubernetes 控制平面将连接到**单个** Istio 控制平面。一旦一个或多个远程 Kubernetes 集群连接到 Istio 控制平面，Envoy 就可以与单个控制平面通信并形成跨多个集群的服务网格。
 
 {{< image width="80%"
-    link="/docs/setup/kubernetes/multicluster/vpn/multicluster-with-vpn.svg"
+    link="/docs/setup/kubernetes/install/multicluster/vpn/multicluster-with-vpn.svg"
     caption="通过 VPN 直连远程 pod 的多 Kubernetes 集群 Istio 网格"
     >}}