* add Advanced Egress Control section in Examples
* move egress gateway and egress tls origination tasks to advanced egress examples
* fix the links and replace task with example
* use subsets for cnn in destination rules and virtual services
* remove trailing spaces
* separate virtual services for traffic to and from egress gateway
to egress gateway: TLS match
from egress gateway: TCP match
* put back tls match for HTTPS egress for Istio without Auth
combine defining the Gateway and the VirtualServices
* use ISTIO_MUTUAL with sni in destination rules
* update the log message to print HTTP/2 as the protocol
* make two VirtualServices into one
* remove redundant explanation about SNI setting in a destination rule
* use different virtual service matches for Istio with and without SNI
* fix the case of HTTP traffic for Istio without Auth
Remove a bunch of entries that shouldn't have been in the spelling dictionary
and correct content aoocrdingly.
I'm disabling the Chinese spell checking for now, since I'm not able to fix the
spelling errors that emerged there. Once this PR is in, I'll file an issue to get
those spelling errors addressed and checking reenabled.
* use kubectl consistently throughout for Istio API resource C.R.U.D operations
xref: https://github.com/istio/istio.github.io/issues/1843
* fix typo
* review comments
* remove unnecessary instructions to use `replace` instead of `create`
* fix linter in `zh` content
- Increase the size of the Copy button in preformatted blocks to make it stand out since it is the
most common used button.
- Shift the copy/download/print buttons in PRE blocks towards the left so they don't overlap the
scroll bar in large text blocks.
- Switch to new fonts.
- Instead of underlining <H2> headers, we now draw a blue bar above them.
- Add an "up level" button at the top of pages.
- Streamline the appearance of the next/previous page links at the bottom of most pages.
- Remove the right pointing arrows from index pages and see also sections. They were just
confusing.
- Add icons to the main pages.
- Slightly change the layout of the glossary page, more to come here.
* initial version of Egress Gateway for 1.0
* use HTTPS protocol for the egress gateway ports
* change troubleshouting section regarding mutual TLS
just direct users to read the mutual TLS page regarding troubleshooting
* add egressgateway to .spelling
* remove "let's" prevent the "we language"
* fix lint errors
* rename Cleanup section names to more detailed names, to prevent lint errors
* add a section about directing HTTPS traffic thru egress gateway
* remove istio-system namespace from the HTTPS-related artifacts
* add a section for mutual TLS over HTTPS
* disable mTLS on Istio with mTLS between a sidecar and the egress gateway
* use * as a host in the gateway's definition
* clarify the fact that in HTTPS the original traffic is already encrypted
* use mTLS between sidecar and egress gateway
* use explicit host in gateways instead of *
* add subjectAltNames to the upstream of the sidecar proxy
* unite creating a gateway for mTLS and a destination to set SNI
* add a missing dot
* add destination rule for setting SNI for mTLS to all cases
* add deleting the destination rule for mTLS
* split a long line
* Rewrite the steps to create a service entry in a separate step
* use port 80 in the destionation rule for direct HTTP traffic without TLS origination
* remove redundant ServiceEntry definition
* mention DestinationRule for TLS origination
* rename port tls to tls-cnn
for future definition of multiple servers on the same port
* describe getting Envoy's stastics of istio-egressgateway
Update "Collecting Metrics and Logs" task with new source and destination attributes
Updated based on reviews and added tcp metrics changes too
Update Prometheus Task
Update Using-Istio-Dashboard task
Updated fluentd and servicegraph tasks.
Also update distributed tracing and using-istio-dashboards tasks based
on feedback
Add new picture for servicegraph and indent using-istio-dashboard again
Fixed Linting Errors
Updating based on review
Updating based on review
Adding destination-rule-all-mtls for tcp metrics routing too
Add explanation for Inbound Workloads and Outbound Services for Workload Dashboards
* Update authentication concept doc.
* Fix lint errors.
* Address comments and fixed some links.
* Remove feature stages change from this PR.
I will make a separate PR for it.
* Chinese community translation and fix a markdown error
- Translate community page into Chinese
- Fix https overlay markdown style check error
* fix CI errors
- update Quick Start with Kubernetes
- update Prerequisites and Installation steps
- fix some broken links
* Delete "basic access control" and "secure access control" pages.
These pages were there before Istio RBAC was introduced. We should
remove them now to avoid confusion.
* Added aliases for deleted pages.
* add ./ to the script to generate certificates
* add a step to verify the subject of the ingress gateway certificate
* add a step to verify the subject of the CA certificate
put the mutual TLS troubleshooting into a separate subsection
* fix the level of the mutual TLS troubleshooting
* remove redundant empty lines
* verify the subject is correct -> verify that the subject is correct
* another case: verify the subject is correct -> verify that the subject is correct
* Consolidate the security concept pages into a single page.
- This updates the security concept material to be on a single page, which matches the
change done last week for the rest of the concept material. This ends up being a less clicky
more directed introduction for newcomers to the platform.
- While I was there, I moved the redundant What is Istio page from our about section and stuck
the content at the top of the What is Istio page in the Concepts section.
- Add <github_file> <github_blob> and <github_tree> to make it simpler to link to the right
place on GitHub.
- Use these new sequences throughout the docs.
- Also, fix bad HTML generated for the TOC in certain cirsumstances.
- Fix extra blank line inserted at the bottom of indented code blocks.
- Remove What's next sections since we now have auto-generated See also sections
- Fix a few incorrectly capitalized headers, "istio", "kubernetes", "sidecar"
Vadim Eisenberg
Diem Vu
Oliver Liu
Frank Budinsky
mandarjog
Martin Taillefer
Limin Wang
Andra Cismaru
Jason Young
Tao Li
Gregory Hanson
mtail
lei-tang
Kent Rancourt
gargnupur
imgbot[bot]
Vincent
Yangmin
Jimmy Song
Spike Curtis
Douglas Reid
Axel Siebenborn
Yossi Mesika
Daneyon Hansen
Will Witman
Dmitri Dolguikh
navinger
Stephen Gilson
Jianfei Hu
Gary Brown
Steven Dake
LillyWu
danielmenezesbr
Arshdeep Singh Chimni