* use the 443 port and host "*.local" for the gateway
* the Gateway -> a gateway, remote services -> services in cluster2
* rewrite instructions for setting the gateway's address
* add unsetting environment variables and removing files to cleanup
* put backticks around `istio` and `ConfigMap`
* add "i.e." before the Kubernetes DNS domain in parenthesis
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* the 443 port -> 443 port
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* add deleting n2-k8s-config in the cleanup
* set --set global.meshNetworks.network2.gateways[0].port to 443
* add unsetting CTX_CLUSTER1
* move unsetting CTX_CLUSTER1 before removing temporary files
for symmetry with CTX_CLUSTER2
* add unsetting CTX_CLUSTER2
* Change the gateway's address and port -> Update the gateway's address and port to reflect...
* wait for the pods to come up by checking their status -> wait for the pods to become ready:
* add output of get pods for cluster1
* do not check the status of the istio-ingressgateway on cluster2
before configuring watching of cluster2 by cluster1
* add waiting for istio-ingressgateway to become ready after setting watching cluster2
* combine printing ingress host and port into one line
With the upgrade of cert-manager to v0.6.2 two new CRDs are being
introduced. The total number of CRDs should now be `58`. Updating
the CRDs installation section of the documentation accordingly.
* initial version, copied from release-0.8, updated format
* remove the sentence about release 0.8
* remove mentioning namespaces
* fix a localhost:1313 link
* fix the links to the new examples instead of tasks
* extend the introduction into "Configure monitoring and access policies"
* fix format of the Logging section
* fix command format of "Access control by routing" section
* replace source.service with source.name
* remove 'tail -4' since the log can come from multiple mixer telemetry instances
* add subset cnn to the virtual services
* update the log output after access control by routing
* fix format of the command to send requests to cnn.com
in access control by routing
* fix format for "Access control by Mixer policy checks"
* change the error code from 404 to 403 in "Access control by Mixer policy checks"
* add 'with mutual authentication enabled'
* fix cleanup format, delete politics source
* use kubectl apply instead of istioctl/kubectl create
* add reporterUID and sourcePrincipal attributes to the log
remove source, sourceNamespace since they erroneously report egress-gateway as a source
remove user since it is unknown
document the parameters
* fix format of Access policies by mixer, part 2
* our organization -> the organization
* fix format in the Dashboard section, 404 -> 403, SOURCE_POD_IN_POLITICS -> SOURCE_POD_POLITICS
* remove the dashboard section since it does not show source
* from a certain namespace -> with a certain service account
* change future tense to present one
* add assumption about the container name being sleep
* remove additional future tense usages
* fix a link
* $SOURCE_POD -> SOURCE_POD
* remove another case of future tense
* remove the cleanup of grafana
* change summary
* fix links
* put backticks around Listchecker
* on the localhost -> inside the pod
* add 'SDKs' to .spelling
* fix another link
* more link fixing
* Egress Gateway task -> Egress Gateway example
* add the last_update field
* add IBM to attribution
* remove the weight attribute
* Update content/blog/2018/egress-monitoring-access-control/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/blog/2018/egress-monitoring-access-control/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* after you accomplish this -> after completing that example
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Remove note, must -> should
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* combine two sentences: "peformed before you begin" and "enabled traffic to edition.cnn.com"
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Now -> at this point, configure for monitoring -> configure to monitor
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* According to the scenario of this blog post -> according to our scenario
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* remove leftover from 27f2917884
* rewrite "Related tasks and examples" as a bulleted list
* extract additional bullet
- Make better use of html semantic elements to help
search & screen readers.
- Add or improve ARIA annotations for accessibility
- Improve print-time formatting.
* WIP Add Kubernetes Installation landing page.
This adds the landing page and organizes the content to make it easier to navigate.
Signed-off-by: rcaballeromx <grca@google.com>
* Apply initial feedback on landing page content.
Signed-off-by: rcaballeromx <grca@google.com>
* Rename and move files to enhance navigation.
Added aliases to redirect after filename changes.
Signed-off-by: rcaballeromx <grca@google.com>
* Harmonize all installation guide titles and intros.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix all links affected by the restructure.
Fixed all internal links and added aliases to ensure external redirects.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix paths of images on the ZH content.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix additional links and apply feedback.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix link error introduced by rebase.
Signed-off-by: rcaballeromx <grca@google.com>
* Remove redundant instances of "Istio" in titles.
Signed-off-by: rcaballeromx <grca@google.com>
- Add linter support to detect internal links to aliases. Those are now flagged as
bad links so the source needs to be updated to point to the real destination,
avoiding the user a redirect.
- Fixed occurences of links to aliases.
- Now only load popper.js on pages that use popups in order to improve
load times.
* Update mutual tls deepdive doc to reflect the new authn tls-check behavior
* Also update FAQ
* Correct grammar
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Address comment
* Also include changes to fix#11825
* Change the example to show default DR to avoid confusion
* Correct change the example to show default DR to avoid confusion
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Update namespace for global destination rule
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Reference helm install docs rather than duplicating
Multicluster gateway installation docs were out of sync from install docs. This changes them to just directly reference the main install docs to make things more clear.
* Fix syntax
* Kiali jaegerURL should use jaeger-query service.
Prior to change, while using the tracing service on port 90 for the jaegerURL, kiali would never get metrics to compose the service graphs.
Switching jaegerURL to jaeger-query service on port 16686 fixes the issue. After traffic is generated the service graphs are built and visible in kiali.
* Remove clusterIP Query for grafana and jaeger-query services
Vadim Eisenberg
Jimmy Chen
Phil Rud
Martin Taillefer
mtail
Frank Budinsky
SataQiu
Steven Dake
idouba
flydragon
Yangmin Zhu
Rigs Caballero
Diem Vu
lei-tang
Ozben Evren
Yossi Mesika
John Howard
Lin Sun
Yuchen Dai
Hiroshi Nasu
Daniel Linsley
Tao Li
Eric Van Norman
Brian Avery