* Correct telemetry for prometheus doc
Signed-off-by: Chun Lin Yang <clyang@cn.ibm.com>
* Add galley,polit and policy
Signed-off-by: Chun Lin Yang <clyang@cn.ibm.com>
* update zh doc
Signed-off-by: Chun Lin Yang <clyang@cn.ibm.com>
* Address review comments
Signed-off-by: Chun Lin Yang <clyang@cn.ibm.com>
* mesh to metrics
Signed-off-by: Chun Lin Yang <clyang@cn.ibm.com>
Force merge because circleci errors are unrelated.
* which will be used -> which you will use
* note that any pod ... will do -> note that you can use any pod that ...
* add missing "example" word
* Create a shell variable to hold -> Create the `SOURCE_POD` environment variable to store
* remove "if you use the sleep sample"
* For this example -> For the sake of this example only
* by a Kubernetes service -> by the domain name of a Kubernetes service
* showed how you can -> shows how to
* Update content/docs/examples/advanced-gateways/http-proxy/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* cases when you must use -> cases require
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Simplify the sentence about using any pod with curl
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* simplify the sentence about creating SOURCE_POD
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Remove "for the sake of"
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* the pod of the proxy -> the proxy's pod
* TCP (!) -> TCP (not HTTP!)
* rewrite the sentence about Squid and HTTPS proxy
* clarify the automatic sidecar injection for the new namespace
* clarify the sentence about the IP address of the pod
* variable to hold -> variable to store
* clarified the summary after the deployment and testing of HTTPS proxy
* its traffic is controlled by Istio -> Istio controls its traffic
* by a Kubernetes service -> by the domain name of a Kubernetes service
* shows how you to -> shows how to
* remove a leftover from a previous editing
* split a long line
* though -> through
* outside the cluster -> outside of the cluster
* remove redundant whitespace
* rewrite the sentence about starting sleep sample
* HTTP CONNECT -> HTTP Connect
* rewrite the motivation for TCP service entry instead of HTTP
* rewrite another case of passive voice related to using HTTP CONNECT
* In this example -> in this case, hold -> store
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* proxy outside the cluster -> proxy being outside the cluster
* The next step is to -> Next, you must
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* has sidecar injected -> has a sidecar
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* rewrite understanding what happend section to make it as a list
* simplify Understanding what happened section
make it more high level
* remove a trailing whitespace
* rewrite the sentence about creating a namespace without labeling
* combine the sentences about not labeling for sidecar injection
When I tried testing the application with `curl`, I got `000` as response.
For my environment, escaping the braces results in the variable not being expanded.
But because of outputting to `/dev/null`, I didn't see the error message `curl: (6) Could not resolve host: ${GATEWAY_URL}`
I'm using zsh under macOS.
* Add initial doc changes related to tracing provider and support for zipkin backend
* Suggestion for way to incorporate more tracing backends - using text from lightstep PR #2844
* Update based on review comments. Moved lightstep content (from #2844 to subfolder
* Add more zipkin content and images
* Remove jaeger from dt page
* Updates following comments
* Updates to address comments
* initial version
* ServiceEntry -> service entry (in text)
* config map -> `ConfigMap`
* fix a link
* task -> example
* through such proxy -> through it
* elaborate what has been done after the proxy is deployed and tested
* split a long line
* explain why there is no need to define service entries for external services accessed through the proxy
* rewrite the sentence about simulating the proxy outside the cluster
* check the log and see your request -> check the log for your request
* HTTP CONNECT method -> the HTTP CONNECT method
* between the application and the proxies -> between the application and the proxy
* add explanation how this example is different from other egress examples
* update chart requirements
adding `helm dep up` which is required for the install to succeed
* note about relative refs
* remove redundant space
* grammer and passive voice
Co-Authored-By: itaysk <itay@itaysk.com>
* helm repo add
* documentation for end-user authencation on ingress-gateway (#2243)
* documentation for end-user authencation on ingress-gateway
* address comments
* address comments
* address comment
* Move end user authentication on Ingress section to securtity.
* Minor text change.
* Revert edit in traffic management doc.
* Remove Ingress example. Replace it with a single sentence.
* Addressed comment.
* adding new blog post on traffic mgmt
* updates to address PR feedback
* fixed spelling issues and adjusted weight
* added DestinationRule to linter spelling config
* removed DestinationRule, using backticks per instructions
* using backticks instead of custom spelling config
* sceleton of the post
* add creating and dropping bookinfo user
* use present tense
* add created/drop ratings collection
* add unsetting of MONGODB_HOST and MONGODB_PORT environment variables
* add a step to check that bookinfo user can get ratings
* fix command line bookinfo v2 deployment
* renamed externalMySQLRatings.png -> externalDBRatings.png
* set the ratings to 1 to provide a visual clue
* rewrite the "access the webpage" section
* add "Egress control for TLS" section
* add "Directing TLS Egress traffic through the egress gateway" section
* add the "Enable Egress MongoDB traffic to arbitrary wildcarded domains" section
* replace cat <<EOF | kubectl apply/create -f - with kubectl apply/create -f - <<EOF
* replace mysql with mongodb in the diagram
* add a section about TCP egress control
* add cleanup of egress entry for TCP
* add location: MESH_EXTERNAL to service entries
* if you have mTLS enabled -> if you want to enable mTLS
* add a section regarding TCP traffic through the egress gateway
* restructure the post to be devided into TCP and TLS sections
* removed mentioning Istio installed with Istio 1.0
* fix indentation
* extend the description of TCP egress control
* fix a link
* expand the explanation on the egress gateway, move the setting IP env variable to the common TCP section
* add unsetting MONGODB_IP to the cleanup section
* do not use a list for one entry
* bookinfo-ratings-v2-mysql-external.svg -> bookinfo-ratings-v2-mongodb-external.svg
* MySQL -> MongoDB
* fix the explanation about the DNS resolution of the TCP service entry
* add an explanation about directing TCP egress traffic thru the egress gateway
* remove future tense
* add a sentence about encrypting TCP traffic with mutual TLS
* application pods -> MongoDB clients
* add explanation about TCP egress without mutual TLS
* protocol is on top of -> protocol runs on top of
* add an explanation about the egress control for mongo protocol on TLS
* add a missing dot
* sidecar proxy directs the traffic to the host -> to the gateway
* remove redundant empty line
* add explanation about TLS through the egress gateway
* add explanation about sidecar proxy -> gateway -> mongo db routing
* subsection -> section
* HTTPS -> MongoDB
* add conclusion
* add a sentence about wildcarded domains to the conclusion
* add wildcarded to .spelling
* add 'wildcards' to .spelling
* fix a title (TCP -> TLS)
* remove a redundant empty line
* linting: do not use italics inside links
* fix the date of the blog post
* fix the weight of the blog post
* improve the titles
* controlling external services -> controlling traffic to external services
* to prevent the password being -> to prevent the password from being
* remove redundant comma
* MongoDB -> MongoDB service
* you deploy a version of ratings -> you will deploy a version... in the next subsection
* simplified description of deploying ratings v2
* simplifie TCP egress traffic alternatives description
* rewrite the motivation for egress gateway
* fix an internal link (direct egress traffic thru an egress gateway)
* to provide you -> to provide yourself
* remove redundant web page refresh instruction
* remove redundant 'to'
* remove redundant explanation about mTLS
* port for direct -> port for directing
* Revert "remove redundant web page refresh instruction"
This reverts commit 2c73a26497.
* MongoDB instance -> MongoDB service
* fix additional dead link
* add an expanation about the SNI proxy
* remove instructions for Istio before 1.0.1
* shorten a title
* our -> your
* organization security requirements -> organization's security requirements
* special -> custom, add a sentence about other TCP/TLS protocols
* move the blog post to advanced examples
* rewrite the blog post as example
* fix an internal link
* Revert "rewrite the blog post as example"
This reverts commit 5369927fd4.
* Revert "move the blog post to advanced examples"
This reverts commit 461c9f679a.
* move the "with mTLS section" after "without mTLS", for TCP egress gateway
* remove 'the' from TCP traffic
* update the date of the blog post
* add an explanation about *.com used in the example
* one per each -> one for each
* fix wording of egress traffic configuration for wildcarded domains
* for the cases -> for cases
* fix the wording of leaving multiple MongoDB hosts as an exercise for the reader
* add an explanation about TCP vs. Mongo protocols
* add "sometimes" in "sometimes the IP of the MongoDB host is not stable..."
* through an egress gateway -> from sidecars to the egress gateway
* capable to route -> capable of routing
Martin Taillefer
Chunlin Yang
Vadim Eisenberg
Frank Budinsky
l10xbin
Hendrik Purmann
Xi Ning Wang
Gary Brown
Kuat
Tao Li
John Mazzitelli
paassdc
cwocwo
mandarjog
Tiago Moreira Vieira
Itay Shakury
agmsb
Limin Wang
Sandeep Parikh
SataQiu
Venil Noronha
Jason Young
Linus Li
Zack Butcher
Julian Griggs
Douglas Reid