* Updated with instructions for LightStep Tracing vs. LightStep [x]pm (#4203)
* Remove [x]PM unless necessary (#4405)
These instructions are now for both LightStep [x]PM and LightStep Tracing.
(cherry picked from commit 33d1d5dc12)
* Clarify auth variant
This makes it clear that sds-auth is already the 'auth' variant. It
also tries to be more specific about what it does, rather than just
saying 'auth by default'
* Add incompatibility between SDS and control plane auth
* Remove unneeded aside
* Clarify status of control plane security with SDS
No technical issues apparently, just timeline. Also moved to before the
table for clarity.
* Simplify additional security feature table
This improves the clarity of this table by:
* Removing default and minimal , since -auth doesn't add any security
features
* Labeling the first column as security feature
* Changing the names of the profiles to reflect the final profile name
including the -auth, instead of without
(cherry picked from commit fe33c33740)
Cat-ing the crds into a single file along with the istio mainfests
leads to a race to install the crds. This applies the crds as a
separate step to avoid this.
(cherry picked from commit 42de6cf3c0)
Update the installation options for release-1.2 and the installation
option changes between release 1.1 and release 1.2. These changes have
been generated by the updated changes to tablegen.py in the
PR: https://github.com/istio/istio.io/pull/4402Fixes: #4374
* prep release note 1.2
* create release note 1.2 based on draft from wiki
* add a diff
* tweaks
* fix lint
* fix lint
* fix lint
* fix lint
* reorg a bit
* add missing rewrite prob annotation
* addressed Martin's comment
* add a release note item for 12824
* various update
* 3 month window
* a pass review with louis and josh
* typo
* a few link update
* Apply suggestions from code review
Co-Authored-By: mandarjog <mandarjog@gmail.com>
* more feedback
* galley related changes
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: mandarjog <mandarjog@gmail.com>
* more updates
* more updates
* update mandar's change
* add link to annotationn
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Oliver Liu <yonggangl@google.com>
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Ozben Evren <ozevren@users.noreply.github.com>
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Oliver Liu <yonggangl@google.com>
* remove jitter in CSR
since it is in 1.1 4550986e42
also limin confirmed NO RBAC channges in 1.2
* add a link to sidecar none
* add feature maturity
* typo
* field->flag
* add a link
* added CNI support
* added a few others item
* typo
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Oliver Liu <yonggangl@google.com>
* typos
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Oliver Liu <yonggangl@google.com>
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Oliver Liu <yonggangl@google.com>
* some tweak for sds and remove service tracing
* fix link and lint
* add words
* fix link
* Update content/boilerplates/notes/1.2.md
Co-Authored-By: Oliver Liu <yonggangl@google.com>
* Add new Traffic management concept.
Wrote a new "Traffic management" concept to include the latest developments.
Organized the content into smaller pages to make it easier to consume. The new
structure improves visibility and each page includes keywords to improve the
"See Also" pieces of suggested content and SEO. The new concept includes
diagrams and examples. Each section starts with the larger picture and then
moves to explain the specifics.
Signed-off-by: rcaballeromx <grca@google.com>
* Improved based on review comments.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix Hugo front matter.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix false positives in links test.
Signed-off-by: rcaballeromx <grca@google.com>
* Remove terms from exceptions file.
Signed-off-by: rcaballeromx <grca@google.com>
* Revert "Add new Traffic management concept."
This reverts commit de9d0e0225.
Having back-ticks at the beginning of the lines was causing Hugo not to generate
the pages at build time. Moved the content with backticks away from the start of
the lines seems to fix the issue.
Signed-off-by: rcaballeromx <grca@google.com>
* Update feature stages for 1.2 release.
* Adjust stability of security features in consultatin with diemtvu and liminw.
* SNI multi cert now stable.
* Update feature stages based on feedback.
* Respond to code review feedback.
* add missing cleanup step for authn policy task section 1
The "*.local" rule created in "Globally enabling Istio mutual TLS"
was not removed during the cleanup section, leading to unexpected
503s for users continuing on to the next section (enabling
per-namespace).
* Note that jwcrypto needs to be present to run gen_jwt.py
* Apply suggestions from code review
Co-Authored-By: Rigs Caballero <grca@google.com>
* Fix the flow and language of the Getting started doc.
Signed-off-by: rcaballeromx <grca@google.com>
* Add cross-reference on the k8s install guide.
Signed-off-by: rcaballeromx <grca@google.com>
* Rework concluding paragraph to clarify timeline.
Signed-off-by: rcaballeromx <grca@google.com>
* Move cross-reference to landing page.
Signed-off-by: rcaballeromx <grca@google.com>
* Add new Traffic management concept.
Wrote a new "Traffic management" concept to include the latest developments.
Organized the content into smaller pages to make it easier to consume. The new
structure improves visibility and each page includes keywords to improve the
"See Also" pieces of suggested content and SEO. The new concept includes
diagrams and examples. Each section starts with the larger picture and then
moves to explain the specifics.
* fix the egress gateway example
need to change static because one address was host the other was ip.
* update to make it cleaner
* minor typo
* minor tweaks
* fix lint
* format change
* fix lint
* fix lint
* clean up tips per frank and shriram's suggestion
* fix lint
* Remove links to outdated code
The code for this was removed in:
https://github.com/istio/istio/pull/14678/files
I don't read/speak ZH, so struggle to understand how to properly
reword the text. In the interim, just remove the links from the ZH
pages.
* Fix a envoy doc link failures
The fonts used in arch.svg were incorrect and didn't match the
rest of the website. In addition, there was some stray text.
I produced this file based upon the svg in 1.1 - after changing
"service A" to "service B" on the right side of the diagram. Somewhere
in 1.2, this error was fixed, but the font regression was introduced.
Fixes: #4375
GDB is no longer shipped in the containers. Whether it should be or not
is not relevant for 1.2 (its too late to add GDB to 1.2). Remove
GDB from the documentaiton. We don't really expect operators would
use GDB in production. If GDB were reintroduced to the containers,
it may make sense to document GDB in the developer wiki.
Fixes: #4361
* rbac: simplify and make authorization HTTP/TCP tasks consistent
* Simplify the Bookinfo deployment, the service accounts could just be
added with the default Bookinfo deployment.
* Make the `Before you begin` section more consistent for HTTP and TCP
tasks
* address comments
* fix link
* Refine the multicluster gateways installation documentation
Change all occurances of we to you.
Use the kubernetes version macro instead of hard-coding.
Refinements to the wording in various places.
Improvements to the workflow, so it works 100% of the time instead of most of the time.
Add the a warning flag related to the samples certs.
Add more information about stubbing a domain for cloud provides that have specific unique procedures.
* refinements
* Fix shortcode error
* Fix linting problems
* Apply review comments.
- Rename "Operations Guide" to "Operations" so it fits better in the sidebar.
- Rename the main kubernetes install page to "Installing on Kubernetes" rather than
just "Kubernetes" which was a bit odd when landing there. Links to the page in the
sidebar and elsewhere still say "Kubernetes" since these usually appear in context.
Romain Lenglet
Martin Taillefer
Joshua Blatt
Francois Pesce
mergify[bot]
Frank Budinsky
Rigs Caballero
Lin Sun
Tao Li
Rick-Manarauskis
Douglas Reid
Yangmin Zhu
mtail
Dan Ciruli
Steven Dake
Martin Ostrowski
Matthew Wringe
Mariam John
Chris Wilson
Oliver Liu
Jianfei Hu
Phil Rud
John Howard
Morven Cao
Ozben Evren
Eric Van Norman
Jimmy Chen
Brian Avery
imgbot[bot]
Rachael Graham
Ram Vennam
lei-tang