When I tried testing the application with `curl`, I got `000` as response.
For my environment, escaping the braces results in the variable not being expanded.
But because of outputting to `/dev/null`, I didn't see the error message `curl: (6) Could not resolve host: ${GATEWAY_URL}`
I'm using zsh under macOS.
* Add initial doc changes related to tracing provider and support for zipkin backend
* Suggestion for way to incorporate more tracing backends - using text from lightstep PR #2844
* Update based on review comments. Moved lightstep content (from #2844 to subfolder
* Add more zipkin content and images
* Remove jaeger from dt page
* Updates following comments
* Updates to address comments
* initial version
* ServiceEntry -> service entry (in text)
* config map -> `ConfigMap`
* fix a link
* task -> example
* through such proxy -> through it
* elaborate what has been done after the proxy is deployed and tested
* split a long line
* explain why there is no need to define service entries for external services accessed through the proxy
* rewrite the sentence about simulating the proxy outside the cluster
* check the log and see your request -> check the log for your request
* HTTP CONNECT method -> the HTTP CONNECT method
* between the application and the proxies -> between the application and the proxy
* add explanation how this example is different from other egress examples
* update chart requirements
adding `helm dep up` which is required for the install to succeed
* note about relative refs
* remove redundant space
* grammer and passive voice
Co-Authored-By: itaysk <itay@itaysk.com>
* helm repo add
* documentation for end-user authencation on ingress-gateway (#2243)
* documentation for end-user authencation on ingress-gateway
* address comments
* address comments
* address comment
* Move end user authentication on Ingress section to securtity.
* Minor text change.
* Revert edit in traffic management doc.
* Remove Ingress example. Replace it with a single sentence.
* Addressed comment.
* adding new blog post on traffic mgmt
* updates to address PR feedback
* fixed spelling issues and adjusted weight
* added DestinationRule to linter spelling config
* removed DestinationRule, using backticks per instructions
* using backticks instead of custom spelling config
* sceleton of the post
* add creating and dropping bookinfo user
* use present tense
* add created/drop ratings collection
* add unsetting of MONGODB_HOST and MONGODB_PORT environment variables
* add a step to check that bookinfo user can get ratings
* fix command line bookinfo v2 deployment
* renamed externalMySQLRatings.png -> externalDBRatings.png
* set the ratings to 1 to provide a visual clue
* rewrite the "access the webpage" section
* add "Egress control for TLS" section
* add "Directing TLS Egress traffic through the egress gateway" section
* add the "Enable Egress MongoDB traffic to arbitrary wildcarded domains" section
* replace cat <<EOF | kubectl apply/create -f - with kubectl apply/create -f - <<EOF
* replace mysql with mongodb in the diagram
* add a section about TCP egress control
* add cleanup of egress entry for TCP
* add location: MESH_EXTERNAL to service entries
* if you have mTLS enabled -> if you want to enable mTLS
* add a section regarding TCP traffic through the egress gateway
* restructure the post to be devided into TCP and TLS sections
* removed mentioning Istio installed with Istio 1.0
* fix indentation
* extend the description of TCP egress control
* fix a link
* expand the explanation on the egress gateway, move the setting IP env variable to the common TCP section
* add unsetting MONGODB_IP to the cleanup section
* do not use a list for one entry
* bookinfo-ratings-v2-mysql-external.svg -> bookinfo-ratings-v2-mongodb-external.svg
* MySQL -> MongoDB
* fix the explanation about the DNS resolution of the TCP service entry
* add an explanation about directing TCP egress traffic thru the egress gateway
* remove future tense
* add a sentence about encrypting TCP traffic with mutual TLS
* application pods -> MongoDB clients
* add explanation about TCP egress without mutual TLS
* protocol is on top of -> protocol runs on top of
* add an explanation about the egress control for mongo protocol on TLS
* add a missing dot
* sidecar proxy directs the traffic to the host -> to the gateway
* remove redundant empty line
* add explanation about TLS through the egress gateway
* add explanation about sidecar proxy -> gateway -> mongo db routing
* subsection -> section
* HTTPS -> MongoDB
* add conclusion
* add a sentence about wildcarded domains to the conclusion
* add wildcarded to .spelling
* add 'wildcards' to .spelling
* fix a title (TCP -> TLS)
* remove a redundant empty line
* linting: do not use italics inside links
* fix the date of the blog post
* fix the weight of the blog post
* improve the titles
* controlling external services -> controlling traffic to external services
* to prevent the password being -> to prevent the password from being
* remove redundant comma
* MongoDB -> MongoDB service
* you deploy a version of ratings -> you will deploy a version... in the next subsection
* simplified description of deploying ratings v2
* simplifie TCP egress traffic alternatives description
* rewrite the motivation for egress gateway
* fix an internal link (direct egress traffic thru an egress gateway)
* to provide you -> to provide yourself
* remove redundant web page refresh instruction
* remove redundant 'to'
* remove redundant explanation about mTLS
* port for direct -> port for directing
* Revert "remove redundant web page refresh instruction"
This reverts commit 2c73a26497.
* MongoDB instance -> MongoDB service
* fix additional dead link
* add an expanation about the SNI proxy
* remove instructions for Istio before 1.0.1
* shorten a title
* our -> your
* organization security requirements -> organization's security requirements
* special -> custom, add a sentence about other TCP/TLS protocols
* move the blog post to advanced examples
* rewrite the blog post as example
* fix an internal link
* Revert "rewrite the blog post as example"
This reverts commit 5369927fd4.
* Revert "move the blog post to advanced examples"
This reverts commit 461c9f679a.
* move the "with mTLS section" after "without mTLS", for TCP egress gateway
* remove 'the' from TCP traffic
* update the date of the blog post
* add an explanation about *.com used in the example
* one per each -> one for each
* fix wording of egress traffic configuration for wildcarded domains
* for the cases -> for cases
* fix the wording of leaving multiple MongoDB hosts as an exercise for the reader
* add an explanation about TCP vs. Mongo protocols
* add "sometimes" in "sometimes the IP of the MongoDB host is not stable..."
* through an egress gateway -> from sidecars to the egress gateway
* capable to route -> capable of routing
* This removes the canned credentials in the instructions. So a user can't just copy-n-paste the instructions and always get the same credentials - they have to enter their own username and passphrase.
* remove reference to the helm readme
* use text-bash
* changes as per review
* need the -n option to echo to correctly base64 encode the creds
This adds a new Task under the Traffic Management module for showcasing
Istio's Weighted TCP Routing feature.
Signed-off-by: Venil Noronha <veniln@vmware.com>
l10xbin
Hendrik Purmann
Martin Taillefer
Xi Ning Wang
Gary Brown
Kuat
Vadim Eisenberg
Tao Li
John Mazzitelli
paassdc
cwocwo
mandarjog
Tiago Moreira Vieira
Itay Shakury
agmsb
Limin Wang
Sandeep Parikh
SataQiu
Venil Noronha
Jason Young
Frank Budinsky
Linus Li
Zack Butcher
Chunlin Yang
Julian Griggs
Douglas Reid
Shriram Rajagopalan
mtail