istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,049 Commits 97 Branches 0 Tags 907 MiB
Commit Graph

78 Commits

Author SHA1 Message Date
jacob-delgado 7cf02b617d
Update Authentication page (#7198) 
Fixes https://github.com/istio/istio.io/issues/7194
 2020-04-30 10:58:57 -07:00
Frank Budinsky 1fe7056ffa
Partial convert mirror test to new model (#7153) 
Reverted the actual mirror test script, because mirror test seems to have some subtle failure when running with what seems to be the exact same commands via snips. Will investigate further in followup PR. Merging this one to get the generator changes.
 2020-04-25 12:34:24 -04:00
Mitch Connors e1b4de48f0
Fix cleanup to delete authorization policy (#7142) 
Fixes https://github.com/istio/istio/issues/23190
 2020-04-23 11:18:12 -07:00
Frank Budinsky a7107678f5
Convert TCP traffic shifting test (#7131) 
* Convert TCP traffic shifting test

* lint errors

* regen

* test disable spellcheck

* temporary disable gen-check

* disable inappropriate bash lint errors

* disable gen check

* one more regen

* reenable gen check

* remove -it options

* revert commands

* fix app health check outdated
 2020-04-22 18:26:27 -07:00
Frank Budinsky f2cf780bfb
Update doc test README (#7080) 
* Update doc test README

* add sh

* tweaks

* formatting

* format

* fix comment

* wording

* convert mtls migration task

* Update tests/README.md

Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>

* Update tests/README.md

Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>

Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
 2020-04-15 08:44:18 -07:00
Frank Budinsky 3b59501872
Generate test snippets from md files POC (#7044) 
* Generate test snippets from md POC

* fixes

* fix python lint

* fix snip source

* improvements

* update snip calls

* add copyright header

* lint errors

* lint error in md instructions

* better default snip_id

* run test without snippet gen

* gofmt

* fixes

* fix path

* fixes

* fix verify
 2020-04-14 07:13:44 -07:00
Eric Van Norman 1290482b63
Fix privildeged (#6997) 2020-04-02 08:12:33 -07:00
Jianfei Hu 8dc367d9fd
Add a tcpdump verification FAQ entry for mutual TLS effect proof. (#6922) 
* add a tcpdump verification for mtls

* add period

* move to the migration doc.

* lint fixing

* address cmt.

* Apply suggestions from code review

Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
 2020-03-24 13:30:11 -04:00
Diem Vu 055f5e480c
[Release-1.5] Delete auto-mTLS task (#6591) 
* Delete auto-mTLS task

* Fix links

* Fix links

* Fix links on 1.5

* Fix links
 2020-03-05 18:01:06 -08:00
Istio Automation 2edbaeaf4b
Remove deep dive mtls taks. (#6706) 
* remove deep dive

* update links

* lint fixing egs gw

* more removal

* link 1.0.3 lint
 2020-03-04 13:15:26 -08:00
Istio Automation b5a4efb064
Another clean up for global.mtls.enable (#6611) 
* Another clean up for global.mtl.enable

* Update text

* Lint

* Use --set values.grafana.enabled=true as overriding operator value example

* Revert change in content/en/docs/reference/commands/istioctl/index.html

* Change example istioctl command to override grafana settings

* Lint

* Change to --set addonComponents.grafana.enabled=true

* Remove global.mtls.enable in authn task

* Update content/en/docs/setup/install/istioctl/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/setup/install/multicluster/shared-vpn/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/citadel-config/plugin-ca-cert/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/setup/install/multicluster/shared-vpn/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/citadel-config/plugin-ca-cert/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

Co-authored-by: Rigs Caballero <grca@google.com>
 2020-03-04 13:15:19 -08:00
Diem Vu dde9ed9258
Fix per-port peer authentication command (#6682) 
* Fix command

* Correct commands for mtls migration tasks

* Lint

* Lint
 2020-03-02 14:43:03 -08:00
Jianfei Hu 6fb12b9c8e
Rewrite mtls migration instructions. (#6589) 
* rewrite mtls migration doc.

* migrate out the comment out ones

* more service/wl swap, one level title up

* Update content/en/docs/tasks/security/authentication/mtls-migration/index.md

Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

* lint fix, lockdown

* refer ns in lckdown

* reworded beginnig  sec

* remove the global.mtls.enabled.

* lint fix

* Apply suggestions from code review

Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

* suggestion batch2.

Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

* address turn3

Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

* ns create separtae.

Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
 2020-02-27 07:20:59 -08:00
Diem Vu bfb8eb0fb3
Remove https overlay task (#6596) 
* Remove https overlay

* Remove ref
 2020-02-26 13:22:59 -08:00
Diem Vu e59a1998bf
Modernize authn tasks for 1.5 API and auto-mTLS by default (#6546) 
* Modernize authn tasks for 1.5 API and auto-mTLS by default

* Also remove auto-mtls task as merge with the main task, as this mode is by default and having separate task is uneccessary

* Lint

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Address first round comments

* Lint

* Lint

* Address more review comments

* Lint

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Address comments and revert delete files to fix lint. Will remove in another PR

* Fix links

* More review

* Update content/en/faq/security/accessing-non-istio-services.md

Co-Authored-By: Rigs Caballero <grca@google.com>

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Rigs Caballero <grca@google.com>

Co-authored-by: Rigs Caballero <grca@google.com>
 2020-02-25 10:13:25 -08:00
Oliver Liu 7e225624b8 Improve the MTLS migration task. (#6255) 
* Improve the MTLS migration task.

* Small fix.

* More improvements.

* Small fix.

* Small fix.

* Small fix.

* Small fix.

* Small fix.

* Lint fix.

* Copy edits

* Apply suggestions from code review

Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

Co-authored-by: Adam Miller <1402860+adammil2000@users.noreply.github.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
 2020-01-06 08:58:25 -08:00
Lin Sun c285372359 update with correct output (#6186) 
* update with correct output

shows source and destination service

* Update index.md
 2019-12-31 08:14:22 -08:00
Lin Sun 4601017961 remove bin reference to istioctl (#6154) 
* remove bin reference to istioctl

as all of our other tasks assume istioctl is on the path already.  Having it cause me an alert on my mac:

“istioctl” can’t be opened because Apple cannot check it for malicious software.

* fix istioctl path
 2019-12-19 13:55:05 -08:00
Lin Sun 9bf0d55b26 update the cmd to retrieve token correctly (#6128) 
* update the cmd to retrieve token correctly

* update to remove empty char only

* remove tab also

* Update content/en/docs/tasks/security/authentication/authn-policy/index.md

Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>
 2019-12-18 06:24:23 -08:00
Jianfei Hu f2e87724f3 remove optional wording in title (#6089) 2019-12-16 09:20:05 -05:00
Shamsher Ansari 5c269c0340 Improve Mutual TLS migration example (#6035) 
As with version v1.4.0, Experimental multi-cluster setup has been added to istioctl

The following command also provides istio-multicluster-destinationrule and host information

kubectl get destinationrule --all-namespaces
 2019-12-10 13:06:43 -08:00
Shamsher Ansari ae81fe9cec Fix setting up Automatic mutual TLS example (#6010) 2019-12-06 07:12:48 -08:00
John Zheng 3d7011c31b Improve index.md (#5646) 
Suggest to add this commit, to improve user experience.

Already be merged into release-1.3, FYI
https://github.com/istio/istio.io/pull/5489/commits
 2019-11-14 05:49:31 -08:00
Frank Budinsky f5ce9feb70
Consolidate getting started instructions (#5642) 
* Consolidate getting started instructions

* review comments

* fix broken links

* add istioctl link

* Fix spelling

* more broken links

* one more
 2019-11-12 23:04:33 -05:00
Diem Vu 822701661d Fix tls-check output example (#5608) 
* Fix tls-check output example

* Fix spacing
 2019-11-11 15:54:54 -08:00
Frank Budinsky 823e85b69a
Reorganize reference docs (#5595) 
* Reorganize reference docs

* aliases

* corrections

* fix broken links

* fix broken link

* another broken link

* another broken link
 2019-11-11 17:46:27 -05:00
Jianfei Hu 16d07b0483 Update the egrep and service accounts. (#5523) 
* Update the egrep and service accounts.

* fix the lint.
 2019-11-09 06:20:52 -08:00
Frank Budinsky a6a5769f12
Organize security tasks (#5474) 
* Organize security tasks

* lint errors

* fixes

* more fixes
 2019-11-07 15:54:27 -05:00