istio.io

Author SHA1 Message Date

Vadim Eisenberg 2423cbf495 add targetAverageUtilization to deployment of egress gateway with SNI proxy (#3017 ) 2019-01-02 10:22:16 -08:00

Author	SHA1	Message	Date
Vadim Eisenberg	2423cbf495	add targetAverageUtilization to deployment of egress gateway with SNI proxy (#3017 )	2019-01-02 10:22:16 -08:00
Frank Budinsky	fdb69a2da3	Fix wildcard example description (#2901 ) * Fix wildcard example description * Fix broken link	2018-11-19 13:37:35 -05:00
Vadim Eisenberg	42c4e21235	Consuming External MongoDB Services (#2347 ) * sceleton of the post * add creating and dropping bookinfo user * use present tense * add created/drop ratings collection * add unsetting of MONGODB_HOST and MONGODB_PORT environment variables * add a step to check that bookinfo user can get ratings * fix command line bookinfo v2 deployment * renamed externalMySQLRatings.png -> externalDBRatings.png * set the ratings to 1 to provide a visual clue * rewrite the "access the webpage" section * add "Egress control for TLS" section * add "Directing TLS Egress traffic through the egress gateway" section * add the "Enable Egress MongoDB traffic to arbitrary wildcarded domains" section * replace cat <<EOF \| kubectl apply/create -f - with kubectl apply/create -f - <<EOF * replace mysql with mongodb in the diagram * add a section about TCP egress control * add cleanup of egress entry for TCP * add location: MESH_EXTERNAL to service entries * if you have mTLS enabled -> if you want to enable mTLS * add a section regarding TCP traffic through the egress gateway * restructure the post to be devided into TCP and TLS sections * removed mentioning Istio installed with Istio 1.0 * fix indentation * extend the description of TCP egress control * fix a link * expand the explanation on the egress gateway, move the setting IP env variable to the common TCP section * add unsetting MONGODB_IP to the cleanup section * do not use a list for one entry * bookinfo-ratings-v2-mysql-external.svg -> bookinfo-ratings-v2-mongodb-external.svg * MySQL -> MongoDB * fix the explanation about the DNS resolution of the TCP service entry * add an explanation about directing TCP egress traffic thru the egress gateway * remove future tense * add a sentence about encrypting TCP traffic with mutual TLS * application pods -> MongoDB clients * add explanation about TCP egress without mutual TLS * protocol is on top of -> protocol runs on top of * add an explanation about the egress control for mongo protocol on TLS * add a missing dot * sidecar proxy directs the traffic to the host -> to the gateway * remove redundant empty line * add explanation about TLS through the egress gateway * add explanation about sidecar proxy -> gateway -> mongo db routing * subsection -> section * HTTPS -> MongoDB * add conclusion * add a sentence about wildcarded domains to the conclusion * add wildcarded to .spelling * add 'wildcards' to .spelling * fix a title (TCP -> TLS) * remove a redundant empty line * linting: do not use italics inside links * fix the date of the blog post * fix the weight of the blog post * improve the titles * controlling external services -> controlling traffic to external services * to prevent the password being -> to prevent the password from being * remove redundant comma * MongoDB -> MongoDB service * you deploy a version of ratings -> you will deploy a version... in the next subsection * simplified description of deploying ratings v2 * simplifie TCP egress traffic alternatives description * rewrite the motivation for egress gateway * fix an internal link (direct egress traffic thru an egress gateway) * to provide you -> to provide yourself * remove redundant web page refresh instruction * remove redundant 'to' * remove redundant explanation about mTLS * port for direct -> port for directing * Revert "remove redundant web page refresh instruction" This reverts commit `2c73a26497`. * MongoDB instance -> MongoDB service * fix additional dead link * add an expanation about the SNI proxy * remove instructions for Istio before 1.0.1 * shorten a title * our -> your * organization security requirements -> organization's security requirements * special -> custom, add a sentence about other TCP/TLS protocols * move the blog post to advanced examples * rewrite the blog post as example * fix an internal link * Revert "rewrite the blog post as example" This reverts commit `5369927fd4`. * Revert "move the blog post to advanced examples" This reverts commit `461c9f679a`. * move the "with mTLS section" after "without mTLS", for TCP egress gateway * remove 'the' from TCP traffic * update the date of the blog post * add an explanation about .com used in the example one per each -> one for each * fix wording of egress traffic configuration for wildcarded domains * for the cases -> for cases * fix the wording of leaving multiple MongoDB hosts as an exercise for the reader * add an explanation about TCP vs. Mongo protocols * add "sometimes" in "sometimes the IP of the MongoDB host is not stable..." * through an egress gateway -> from sidecars to the egress gateway * capable to route -> capable of routing	2018-11-15 16:01:38 -05:00

Frank Budinsky

fdb69a2da3

Fix wildcard example description (#2901 )

* Fix wildcard example description

* Fix broken link

2018-11-19 13:37:35 -05:00

Vadim Eisenberg

42c4e21235

Consuming External MongoDB Services (#2347 )

* sceleton of the post

* add creating and dropping bookinfo user

* use present tense

* add created/drop ratings collection

* add unsetting of MONGODB_HOST and MONGODB_PORT environment variables

* add a step to check that bookinfo user can get ratings

* fix command line bookinfo v2 deployment

* renamed externalMySQLRatings.png -> externalDBRatings.png

* set the ratings to 1 to provide a visual clue

* rewrite the "access the webpage" section

* add "Egress control for TLS" section

* add "Directing TLS Egress traffic through the egress gateway" section

* add the "Enable Egress MongoDB traffic to arbitrary wildcarded domains" section

* replace cat <<EOF | kubectl apply/create -f - with kubectl apply/create -f - <<EOF

* replace mysql with mongodb in the diagram

* add a section about TCP egress control

* add cleanup of egress entry for TCP

* add location: MESH_EXTERNAL to service entries

* if you have mTLS enabled -> if you want to enable mTLS

* add a section regarding TCP traffic through the egress gateway

* restructure the post to be devided into TCP and TLS sections

* removed mentioning Istio installed with Istio 1.0

* fix indentation

* extend the description of TCP egress control

* fix a link

* expand the explanation on the egress gateway, move the setting IP env variable to the common TCP section

* add unsetting MONGODB_IP to the cleanup section

* do not use a list for one entry

* bookinfo-ratings-v2-mysql-external.svg -> bookinfo-ratings-v2-mongodb-external.svg

* MySQL -> MongoDB

* fix the explanation about the DNS resolution of the TCP service entry

* add an explanation about directing TCP egress traffic thru the egress gateway

* remove future tense

* add a sentence about encrypting TCP traffic with mutual TLS

* application pods -> MongoDB clients

* add explanation about TCP egress without mutual TLS

* protocol is on top of -> protocol runs on top of

* add an explanation about the egress control for mongo protocol on TLS

* add a missing dot

* sidecar proxy directs the traffic to the host -> to the gateway

* remove redundant empty line

* add explanation about TLS through the egress gateway

* add explanation about sidecar proxy -> gateway -> mongo db routing

* subsection -> section

* HTTPS -> MongoDB

* add conclusion

* add a sentence about wildcarded domains to the conclusion

* add wildcarded to .spelling

* add 'wildcards' to .spelling

* fix a title (TCP -> TLS)

* remove a redundant empty line

* linting: do not use italics inside links

* fix the date of the blog post

* fix the weight of the blog post

* improve the titles

* controlling external services -> controlling traffic to external services

* to prevent the password being -> to prevent the password from being

* remove redundant comma

* MongoDB -> MongoDB service

* you deploy a version of ratings -> you will deploy a version... in the next subsection

* simplified description of deploying ratings v2

* simplifie TCP egress traffic alternatives description

* rewrite the motivation for egress gateway

* fix an internal link (direct egress traffic thru an egress gateway)

* to provide you -> to provide yourself

* remove redundant web page refresh instruction

* remove redundant 'to'

* remove redundant explanation about mTLS

* port for direct -> port for directing

* Revert "remove redundant web page refresh instruction"

This reverts commit 2c73a26497.

* MongoDB instance -> MongoDB service

* fix additional dead link

* add an expanation about the SNI proxy

* remove instructions for Istio before 1.0.1

* shorten a title

* our -> your

* organization security requirements -> organization's security requirements

* special -> custom, add a sentence about other TCP/TLS protocols

* move the blog post to advanced examples

* rewrite the blog post as example

* fix an internal link

* Revert "rewrite the blog post as example"

This reverts commit 5369927fd4.

* Revert "move the blog post to advanced examples"

This reverts commit 461c9f679a.

* move the "with mTLS section" after "without mTLS", for TCP egress gateway

* remove 'the' from TCP traffic

* update the date of the blog post

* add an explanation about *.com used in the example

* one per each -> one for each

* fix wording of egress traffic configuration for wildcarded domains

* for the cases -> for cases

* fix the wording of leaving multiple MongoDB hosts as an exercise for the reader

* add an explanation about TCP vs. Mongo protocols

* add "sometimes" in "sometimes the IP of the MongoDB host is not stable..."

* through an egress gateway -> from sidecars to the egress gateway

* capable to route -> capable of routing

2018-11-15 16:01:38 -05:00

3 Commits