* Improve DestinationRule Security Best Practices
* Add instructions for improving security using subjectAltNames which is
not checked by default.
* Add instructions to turn on VERIFY_CERTIFICATE_AT_CLIENT to decrease
friction of checking certificates against a CA.
* Escalate certificate validation that is not being done to a warning to
increase visibility.
* Add Clarification to certificate validation.
* Add explanation of using system to enable OS CA certificate usage.
* Clarify subjectAltName usage and why it is important
* Fix linter error
* Clarify CA cert used and user need for an sni value
This allows to override the default istio/api Git repo URL
(https://github.com/istio/api.git) with something else, for example, a
local directory, hence we can check how the documentation generated from
*.proto is rendered and layouted.
Signed-off-by: Dhi Aurrahman <dio@rockybars.com>
* revise author info to pass google cla
* revise the tip content in bookinfo page
* run make gen
* Update content/en/docs/examples/bookinfo/index.md
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
* remove extra setup faq to consistent with the EN version
Co-authored-by: Xiaopeng Han <hanxiaop@google.com>
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
* Fix in attribute "name" on "metadata".
Missing tab in attribute "name" at section "Define the external authorizer" in ServiceEntry example.
* command make gen
Co-authored-by: Igor Agueme <igoragueme@outlook.com>
* Update test reference to latest istio
* Update helm output
* Update install/operator test to allow <pending> IP for running locally.
* fix lint
* Gateway changes
* Fix gateway
* Remove remaining webhook to make tests pass
* Change to use istioctl tag remove
This updates the trust-domain reference link. The spiffe docs site is
updated and this fix the direct link to the trust-domain anchor.
Signed-off-by: Dhi Aurrahman <dio@rockybars.com>
* minor improvements in the Reporting Bugs page
- Adds recommendation to obtain output of istioctl analyze in the case of manual dump (I think it is great to collect this if bug-report is not possible)
- Adds commands to obtain gateways and sidecar logs
- Adds a note on using `--include` if the bug-report is failing to complete in the case of large clusters linking to reference docs for other options.
* apply suggestions form review and fix lint error
* Fixes lint errors
* move analyze to the beginning, logs examples
* Update content/en/docs/releases/bugs/index.md
removing space
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
* Adds missing period and fix identation
* Fixes identation for components and sidecar logs.
* Fixes MD004 with lists
* Fix MD007 Unordered list indentation
Co-authored-by: Cynthia Lopes do Sacramento <clsacramento@google.com>
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
John Howard
Yangmin Zhu
Frank Budinsky
Istio Automation
Pengyuan Bian
Kenan O'Neal
Eric Van Norman
Dhi Aurrahman
Ryan King
Avi Miller
Xiaopeng Han
youhonglian
Ihor Sychevskyi
craigbox
Dhi Aurrahman
Jonathan Meyers
Cynthia Lopes do Sacramento
Sungyun Hur
YoKv
Ashish Malik