Partner components (adapters not controlled by the Istio org) are now
called out as such on their page. Component authors have a chance to put
all sorts of info about their component to make it easy for customers
to find and use their component.
* Site improvements.
- For SVG images, authors no longer need to specify image ratios
(which is a constant source of errors)
- Move more icons into the new icons.svg file to further reduce
average page load times.
- Rationalize Istio logo file names.
- Improve underlining behavior for sidebar headers and the RSS feed
Subscribe link.
- Made the RSS feed subscribe link open in a new tab.
- Increase the constract ratio for some elements in dark mode
text blocks (namely, YAML field names)
- Reduce the "brightness" of the light bulb icon which helps it
not pop so much in dark mode.
- Optimize the fonts we load and the order we load them in so as to improve page load time and
reduce the initial render time.
* Sadly, embedding SVGs into the HTML results in duplicate element ids, which is invalid HTML :-(
- Use a new approach to managing icons. This has two primary benefits:
- It makes it possible to color the icons such that they look good in the
dark theme. Previously, the icons were rendered in black on dark grey when
using the dark theme.
- The average payload size for our web pages is reduced and we better use the
browser cache.
- The new icon approach makes it possible to remove our dependency on the fontawesome
package, which further slims down our payload requirement
- Refresh our iconography for a slightly lighter look.
- Remove the extra thick left-hand border of text blocks to lighten the
look.
- Added a "NN minutes to read" indication on top of each page. This is
only displayed if the count is > 1 minute.
- Added a calendar icon next to the blog post date.
- Exposed a bunch of strings that were buried in CSS/JS to translation.
- Add the 'keywords:' front-matter fields to the Hugo archetypes.
* Add docker-for-desktop installation note
A default istio helm install under kubernetes running in docker-for-desktop wasn't working because pilot was reserving too much memory. Added documentation to work around this
* Update index.md
* Create index.md
* Update index.md
* Update index.md
* Update index.md
* Rename content/docs/setup/kubernetes/platform-setup/index.md to content/docs/setup/kubernetes/platform-setup/docker-for-desktop/index.md
* Update index.md
* Update index.md
quoted memory allocation, capitalized Kubernetes
* check the logs of all the telemetry pods
* filter log entries
remove entries sent to pilot, telemetry, policy and unknown destinations
* use kubectl logs -l instead of applying kubectl logs on selected pods
* documentation for RBAC policy permissive mode
* update permissive mode sample for global RBAC config
* address comment
* move permissive section to the top
* add more words for expected user experience
* seperate two senarios to use permissive
1. turn on RBAC 0 -> 1
2. add new policy
* rename rbac->authorization, move to concept page
* address comment
* address comment
* initial version
* add the steps to Generate client and server certificates and keys section
* extend the description of the example
explain about the NGINX service
* add creating namespace, secrets and nginx configuration
* add creating of nginx-configmap
* add deployment of NGINX
* finalize the NGINX config
* move creating client certificates into the section of redeploying Egress gateway
* add instructions for generating and deploying istio-egressgateway.yaml
* update the description
* nginx.example.com -> my-nginx.mesh-external.svc.cluster.local
* change the title and description to mutual TLS to extrnal services
* add mTLS origination and cleanup
* change the port of nginx to 443
* update the output and the log with actual content
* add test NGINX deployment section
* add missing dot in page description
* Nginx -> NGINX
* change dots to semicolons before command blocks
* add volumes to the sleep deployment
* add sending requests to the NGINX server
* renamed the directory: mtls-egress-gateway -> egress-gateway-mtls-origination
* remove redundant whitespaces
* fix dead link (missing leading slash)
* change the name of the port 443 to be https and protocol HTTPS
* add endpoints section to the service entry
* replace internal kubernetes address with nginx.example.com
* change we to you
* expand the introduction to explain using NGINX and nginx.example.com
* remove before you begin section
* use sleep container in the default namespace to test both NGINX and egress gateway
* add port 80 to the ServiceEntry
* remove the second definition of the ServiceEntry
* use resolve option in testing mTLS
* change container name from egressgateway to istio-proxy
* simplify the introduction
* make Egress Gateway lower case
* make the introduction present tense
* replace pushd/popd with cd, since they are not POSIX
* add missing article
* remove cross referencing with regard to generating certificates/keys
* add "namely" to mesh-external namespace
* the NGINX -> the NGINX server
* sleep container -> sleep pod
* rephrase the text about --resolve option of curl
* rephrase the sentence about prompts
When prompted, select `y` for all the questions. ->
Select `y` for all prompts that appear.
* move egress-gateway-mtls-origination into advaanced gateway examples
* fixed links to the advanced gateways examples
* add "configuring NAT devices to drop packets that do not originate at the egress gateways"
* add Network Policy section
* make sentences present tense
* remove the labels
* rewrite the additional security considerations section
* Network Policy -> network policy
* add cleanup step for the configuring HTTPS egress gateway section
* a malicious application attacks -> attackers bypass
* egressgateway -> egress gateway
* kube-system DNS service -> the kube-system DNS service
* test-egress namespace -> the test-egress namespace
* no Istio sidecar was attached -> with no Istio sidecar attached
* must succeed -> will succeed
* by first enabling, then redeploy
* Add setup doc for ICP
* Modify the title "Upgrate and Rollback" to "Upgrate or Rollback"
* add diagrams to highlight action
* fix some spelling errors
* use consistent font for UI items and fix some grammatical mistake.
If mTLS is enabled we need an additional instruction in the
DestinationRule object, otherwise we break traffic to httpbin
service.
While on that, also change the Mirroring task note to be the same.
* Fixes: #2136
This is a first take at a table-creating tablegen that categorizes
the output of tablegen.py. Still needed is the actual text that
goes in the description field.
* Address review comments
- Remove the release-specific wording on the main release note page and on the docs page. This
ends up being hard to keep correct and not really useful.
- Add a full_version variable in args.yml which contains the 3 part release version
such as 1.0.1. When we release a new patch, we need to update this number in the current
release branch.
- Apply the full_version variable to the download button on the home page. It will now say "DOWNLOAD 1.0.1".
* Document DNS resolution requirements
Service names must be resolved to IP address in any cluster, regardless of endpoint location.
* document DNS requirements for multi-cluster services
* initial version
* remove deploying sleep, use the sidecar proxy of nginx itself
* add gateway configuration
* add "task" after Securing Gateways
* Secrets -> a Secret
* NGINX -> NGINX server
* add explanation of what the example will do, to the introduction
* add explanations of the output of curl (server's certificate)
* remove redundant empty line
* fix a tag
* fix a bare URL
* remove redundant whitespace
- Correct the use of OpenGraph annotations. I used the wrong attribute name, so the
annotations were never recognized.
- Added support for Twitter cards to our site, improving the experience of referencing
the site from Twitter posts.
- Added support for the twitter: front matter field for use in blog posts. Specifying this
front-matter entry will show the author's twitter address on the blog post, and will
add a Twitter card entry to the page noting the author's address.
- Renamed the page_icon front matter field to just icon to be consistent with other
entries.
- Made it so the subtitle front matter field can be used anywhere, not just on blog posts.
- Added a lint check to ensure subtitles don't end with a period.
- We now insert an "author" metadata entry whenever the attribution: front matter
field is used.
* Delete special chars and turn on HTML checking
- Refer to #2289 and issue #2290
- Delete the special chars in Chinese content
- Turn on HTML checking to highlight problems
* delete the redundant period
- Fixes the bug where not all of our files would get the right lastmod
time extracted from GitHub.
- Fixes most of the cases of bad HTML output around the use of {{<text>}}. There's
still a single bad case which I'll report to the Hugo folks.
- Use Hugo's new --minify option to minify HTML instead of having to use the
separate and slow html-minifier program.
- Fix some bad HTML on the landing page.
* generate certificates in httpbin.example.com directory
* add initial section for ingress for multiple hosts
* add a cleanup step for the directories related to certificates
* fix formatting
* add subsection: Redeploy istio-ingressgateway with the new certificates
* rename httpbin-gateway into mygateway
* add redeployment of Gateway for two hosts
* add -o /dev/null -s -w "%{http_code}\n" to the bookinfo's curl
* fix italics in sending a request to bookinfo
* add verify that httpbin.example.com is accessible as previously
* add -v to curl to bookinfo, show certificates printed
* remove -n istio-system from virtualservice bookinfo
* add Host header to curl requests
* put empty lines around the code blocks
* fix spell checker errors
* Prep for 1.0 release
* Fix typo for 1.0 announcement. (#2081)
* Updated kubect link for IBM Cloud Private. (#2083)
* Fix generated tablegen.py (needs backport) (#2084)
Original table was dreadfully wrong.
(cherry picked from commit b3fa64fa41)
* add a VirtualService for external HTTPS ServiceEntry (#2080)
* add a VirtualService for external HTTPS ServiceEntry
* a VirtualService -> the VirtualService
(cherry picked from commit 9e57d4a5b7)
* egress gateway: use subsets for cnn in destination rules and virtual services (#1942)
* use subsets for cnn in destination rules and virtual services
* remove trailing spaces
* separate virtual services for traffic to and from egress gateway
to egress gateway: TLS match
from egress gateway: TCP match
* put back tls match for HTTPS egress for Istio without Auth
combine defining the Gateway and the VirtualServices
* use ISTIO_MUTUAL with sni in destination rules
* update the log message to print HTTP/2 as the protocol
* make two VirtualServices into one
* remove redundant explanation about SNI setting in a destination rule
* use different virtual service matches for Istio with and without SNI
* fix the case of HTTP traffic for Istio without Auth
(cherry picked from commit 81baa2e939)
* Disable Mesh Expansion page.
(cherry picked from commit dc4da48042)
* Blog fix.
* adding juspay (#2092)
* Update homepage and what is istio page (#2085)
- update the two pages
- make the links point to the Chinese document
(cherry picked from commit 993231abeb)
* Chinese: announcing istio 1.0 (#2088)
(cherry picked from commit 5301d4ea13)
* Move advanced egress tasks to examples, Advanced egress traffic control, release 1.0 (#2093)
* add advanced-egress subsection in Examples
* move egress gateway and egress tls origination tasks into advanced examples
* rename task to example and fix the links
* Tweak the HP blog post a tad.
* Another blog tweak.
* Update index.md (#2096)
Removing VM support until it's fixed
(cherry picked from commit c2e529212b)
* Make the site work when it's published to a subdirectory (for the archive) (#2095)
(cherry picked from commit 137e1d13f4)
* Change "Testing mutual TLS" tutorial to "Mutual TLS deep dive" (#1972)
(cherry picked from commit 0662e413f1)
* fix kubectl output (#2100)
fixes https://github.com/istio/istio.github.io/issues/2066
(cherry picked from commit 2a852d1408)
* Another blog tweak.
* Add section to tracing task to cover sampling. (#2097)
* Add section to tracing task to cover sampling.
* Lint fix
* Review comments.
* Review comments.
* Review comments.
* Add documentation for redisquota adapter in rate limiting doc (#2098)
* fix multicluster doc issues. (#2104)
* remove unnecessary gateway spec (#2091)
* Clarify and correct distributed tracing task (#2115)
* Cherry-pick latest changes from master (#2118)
* Translate fix zh links (#2105)
* zh: all linkes without '#' had been replaced
* translate: rewrite links to zh version if it exists.
(cherry picked from commit c4daa73dee)
* Translate Istio 1.0 canary into Chinese (#2110)
(cherry picked from commit 4d6eec754c)
* Fix typo in "Delayering Istio" blog post (#2102)
(cherry picked from commit 6bdb4605f4)
* Minikube settings (#2082)
(cherry picked from commit 9f6ebe9eeb)
* Fix single word in command (#2112)
It returned this:
```
kubectl get svc istio-ingress -n istio-system
Error from server (NotFound): services "istio-ingress" not found
```
Now it works correctly
(cherry picked from commit 2bbe9eef03)
* add initial galley intro to "what is istio" concept page (#2113)
(cherry picked from commit 2db7f5648d)
* make cmd/result match (#2117)
* make cmd/result match
* address comment
* Add Rigs to the English content owners file. (#2119)
(cherry picked from commit bd577696bf)
* Cherry-picks from master (#2122)
* Add Istio security vulnerabilities disclosure and handling page (#2114)
(cherry picked from commit dfee9b8ec0)
* Fix an error in faq page (#2120)
(cherry picked from commit d3c04a5ba7)
* More work to fix use of the site in a subdirectory. (#2123) (#2124)
(cherry picked from commit 5bd9c0f0bd)
* Cherry-pick latest changes from master (#2128)
* Add a couple entries to our prefered vocab list.
(cherry picked from commit 2cbe43aea7)
* Translate attribute-vocabulary (#2101)
* translate attribute-vocabulary
* fix Chinese link
* fix Chinese style & translate table header
(cherry picked from commit 056bf27879)
* fix the virtual-services fault injection error in the YAML (#2109)
fix the virtual-services fault injection error in the YAML
(cherry picked from commit 453012d3ab)
* Add an item to check whether mTLS is enabled for a service (#2062)
(cherry picked from commit 384f6cd8be)
* Chinese content was aliasing English content. (#2126)
Page aliases are intended to redirect users from a page old's location to a new location.
As it was, the Chinese content pages were redirect old English locations to Chinese, which
made Chinese show up on English systems that were using the old links.
(cherry picked from commit c86d357f2e)
* Fix formatting glitch in a few glossary entries.
(cherry picked from commit a6420a4475)
* Cherry pick latest changes from master (#2138)
* Translate into Chinese: docs/examples/multicluster/icp/index.md (#2129)
* Translate into Chinese: docs/examples/multicluster/icp/index.md
* fix link anchor
(cherry picked from commit eca46893fe)
* Add an icon for the security vulnerabilities page (#2132)
(cherry picked from commit 11ce2b3924)
* Fix security concept figure captions etc. (#2087)
(cherry picked from commit f83bb8ada0)
* Translate into Chinese: blog/2018/aws-nlb/index.md (#2130)
(cherry picked from commit 9e77fa4cd0)
* Translate: all keywords in front matters (#2135)
* Translate: all keywords
* fixed typo
* remvoed from terms: vm, config->configuration
(cherry picked from commit 02392ff87e)
* Initial checkin of the setup ops guide. (#2078) (#2139)
(cherry picked from commit 3b529341a1)
* Document DestinationRule mTLS conflict (#2131)
* Document TLS conflict in DRs
* spelling errors
* lint errors
* tweak title
* tweak title
* address review comments
* Cherry-pick latest changes from master (#2143)
* Add twitch livestream blog post (#2140)
This is for the all-day istio livestream on August 17th.
(cherry picked from commit 41d3caa211)
* Make the big boxes on the home page clickable.
(cherry picked from commit 387e54c299)
* Cherry-pick latest changes from master. (#2159)
* Fix broken Mixer Adapter Dev Guide links (#2144)
Signed-off-by: Venil Noronha <veniln@vmware.com>
(cherry picked from commit 5342ab2a80)
* Fix some more stale wiki links. (#2145)
(cherry picked from commit b641486002)
* translate tasks/traffic-management/egress-gateway to Chinese (#2146)
* translate tasks/traffic-management/egress-gateway to Chinese
* 修改内部链接路径
* 去掉空格
* 删除空格
(cherry picked from commit 75baef98ec)
* Improve linting (#2148)
- We now detect text blocks that are incorrectly indented.
- We now detect image captions that end in a period.
- We now detect page descriptions that don't end in a period.
- CircleCi now runs linting without minifying HTML first, improving perf and
improving error output.
- In CircleCi, we now have a per-build cache for HTML proofer output. This
helps reduce the frequency of link timeout errors.
- Fix errors flagged by the above new lint checks.
(cherry picked from commit fd290dc73e)
* translate:setup-kubernetes-requirments (#2147)
(cherry picked from commit 0d98eee9c4)
* Translate into Chinese: blog/2017/0.2-announcement/index.md (#2150)
(cherry picked from commit a34cfc063d)
* Translate into Chinese: content/blog/2018/aws-nlb/index.md Sync/Update (#2153)
* Translate into Chinese: blog/2017/0.2-announcement/index.md
* Update index.md
* Update _index.md
(cherry picked from commit 4ee8e44cb6)
* re translate /zh/blog/2018/egress-tcp/ page (#2151)
* re translate /zh/blog/2018/egress-tcp/, for changes of content/blog/2018/egress-tcp/index.md file between commit fd290dc73e and 82eb2c21a3
* fix unaviable link (#2151)
(cherry picked from commit 0b313e373b)
* Flip conditional polarity to remove useless work when linting.
(cherry picked from commit 4424563918)
* Enable extra lint stuff (#2158)
(cherry picked from commit 0b2ea1d38e)
* Fix indent, given new linting rules.
- We now detect text blocks that are incorrectly indented.
- We now detect image captions that end in a period.
- We now detect page descriptions that don't end in a period.
- CircleCi now runs linting without minifying HTML first, improving perf and
improving error output.
- In CircleCi, we now have a per-build cache for HTML proofer output. This
helps reduce the frequency of link timeout errors.
- Fix errors flagged by the above new lint checks.
It returned this:
```
kubectl get svc istio-ingress -n istio-system
Error from server (NotFound): services "istio-ingress" not found
```
Now it works correctly
* add Advanced Egress Control section in Examples
* move egress gateway and egress tls origination tasks to advanced egress examples
* fix the links and replace task with example
* use subsets for cnn in destination rules and virtual services
* remove trailing spaces
* separate virtual services for traffic to and from egress gateway
to egress gateway: TLS match
from egress gateway: TCP match
* put back tls match for HTTPS egress for Istio without Auth
combine defining the Gateway and the VirtualServices
* use ISTIO_MUTUAL with sni in destination rules
* update the log message to print HTTP/2 as the protocol
* make two VirtualServices into one
* remove redundant explanation about SNI setting in a destination rule
* use different virtual service matches for Istio with and without SNI
* fix the case of HTTP traffic for Istio without Auth
As well as their default value. I will work more on the python
generation tool this evening after dinner and push an update, but
it makes alot of sense to just merge this as is assuming it renders
properly.
Remove a bunch of entries that shouldn't have been in the spelling dictionary
and correct content aoocrdingly.
I'm disabling the Chinese spell checking for now, since I'm not able to fix the
spelling errors that emerged there. Once this PR is in, I'll file an issue to get
those spelling errors addressed and checking reenabled.
* Add GKE Istio multicluster deployment example
* Fix first round of review comments
* Followup review comments and make downloadable yaml block
* Reorg dir to gke specific subdir
* use kubectl consistently throughout for Istio API resource C.R.U.D operations
xref: https://github.com/istio/istio.github.io/issues/1843
* fix typo
* review comments
* remove unnecessary instructions to use `replace` instead of `create`
* fix linter in `zh` content
Yangmin Zhu
Venil Noronha
lei-tang
Lin Sun
mtail
Martin Taillefer
Jonh Wendell
Frank Budinsky
AdamDang
Oliver Liu
sshucker
Dmitri Dolguikh
Steven Dake
Medya Gh
Vadim Eisenberg
Quanjie Lin
Guihua Zhu
Vincent
Rachael Graham
Matthieu Maquevice
skeeey
flydragon
Laurent Demailly
Bryant Luk
Damon Wang
cmluciano
Linus Lee
Tiago M. Vieira
Pengyuan Bian
Etai Lev Ran
Vladimir Rutsky
Jimmy Song
stevemcghee
Guang Ya Liu
kahou82
Tao Li
Christoph Held
Zack Butcher
Pahlevi Fikri Auliya
Iris
Martin Ostrowski
John Mazzitelli
imgbot[bot]
Xi Ning Wang
Jason Young
facundomedica
Andra Cismaru
Diem Vu
Tim Swanson
mandarjog
Limin Wang
KeZhang
Dan Ciruli
Fu Xu
Brian Avery
Gregory Hanson