- Add linter support to detect internal links to aliases. Those are now flagged as
bad links so the source needs to be updated to point to the real destination,
avoiding the user a redirect.
- Fixed occurences of links to aliases.
- Now only load popper.js on pages that use popups in order to improve
load times.
* Update mutual tls deepdive doc to reflect the new authn tls-check behavior
* Also update FAQ
* Correct grammar
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Address comment
* Also include changes to fix#11825
* Change the example to show default DR to avoid confusion
* Correct change the example to show default DR to avoid confusion
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Update namespace for global destination rule
* Update content/docs/tasks/security/mutual-tls/index.md
Co-Authored-By: diemtvu <25132401+diemtvu@users.noreply.github.com>
* Kiali jaegerURL should use jaeger-query service.
Prior to change, while using the tracing service on port 90 for the jaegerURL, kiali would never get metrics to compose the service graphs.
Switching jaegerURL to jaeger-query service on port 16686 fixes the issue. After traffic is generated the service graphs are built and visible in kiali.
* Remove clusterIP Query for grafana and jaeger-query services
* The wording in step 3 (individual workloads view) is odd.
In step 3 (individual workloads view), workloads is plural, which it shouldn't be, and the sentences starting with "Also, gives", are worded oddly.
* Updated text as per review comments
* note HTTP-related attributes -> notice the HTTP-related attributes
* related to Istio sidecar -> related to the Istio sidecar
* rewrite the sentence about ports and the installation option
use port 8000 instead of 443, to generate less confusion
* no HTTP service or service entry -> no HTTP service and no service entry
* extend understanding what happened with the third approach
* change section titles
* split the cleanup section into cleanup subsections
* fix links
* must not -> do not need to
* rewrite the sentence about switching to the first approach
* per specific port, gaining -> for specific ports, enabling
* A caveat is that some ports, for example port 80, already have HTTP
services inside Istio by default
* In this approach, similarly to the previous one -> With this approach, like with the previous one
* approaches can be applied -> approaches can be used
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* split long lines
* split long lines
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Revert "Update content/docs/tasks/traffic-management/egress/index.md"
This reverts commit febb76edc9.
* rewrite the sentence about the installation option and add a link to installation options
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* remove duplicate text
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* Update content/docs/tasks/traffic-management/egress/index.md
Co-Authored-By: vadimeisenbergibm <vadime@il.ibm.com>
* remove a redundant empty line
* address the reader directly
* document file names used in external certificate configuration
* rephrased to clarify based on PR feedabck
* note using different names requires reconfiguration
- Ensure that references to GitHub content use the proper annotations so
we get links to the correct branches.
- Added a check to make sure content is not using blockquotes (instead of
{{< warning >}}, {{< tip >}}, and {{< idea >}}. This check is currently
disabled, pending the Chinese content being updated.
- Fix a few violations of these new checks.
* Update the SDS doc.
* Small fix.
* Small fix.
* Small fix.
* Update content/docs/tasks/security/auth-sds/index.md
Co-Authored-By: myidpt <yonggangl@google.com>
* Apply suggestions from code review
Co-Authored-By: myidpt <yonggangl@google.com>
* Small fix according to the comments.
* add Install Istio with access to all the external services by default
* fix a typo: copule -> couple
* add a call to cnn
* instal -> install
* replace ; with ,
* add a couple of requests to HTTPS services before changing the config map
to show that they are blocked
* do not delete pilot, it listens to the changes of the config map
* no need to reinstall/update -> no need to update
* add 'Change back to the blocking-by-default policy' section
* perfromed -> performed
* all the services -> all services
* instruct Istio proxy -> instruct the Istio proxy
* no HTTP service exist -> no HTTP service exists
* all the access ... will be blocked -> all accesses ... is blocked
* Unindent the block content
* blocked now -> now blocked
* Revert "add a couple of requests to HTTPS services before changing the config map"
This reverts commit 848171c041.
* Refactor the authorization task
- Move the permissive mode to a standalone task
- Rename the group/list claim support to align with other tasks
- Re-order to put the basic HTTP/TCP task first
Signed-off-by: Yangmin Zhu <ymzhu@google.com>
* Fix links.
* resove comments.
* Address comments.
* put the instructions to kill the pod after checking that the key/certificate are loaded
* add "if you created the secret, but..." before killing the pod
* the secret <secret name> -> the <secret name> secret
* kill -> delete
* Add a user guide for Istio Vault CA integration
* Fix lint errors
* Use helm template values to simplify the config
* Address review comments
* Fix the link in a command
* Small fixes
* Update index.md
In order to better distinguish between the two ways to call external services from an Istio mesh, we should remove the rules about `ServiceEntry`.
* Update index.md
Add a warning icon
* Update index.md
Martin Taillefer
Diem Vu
Yuchen Dai
Hiroshi Nasu
Daniel Linsley
Frank Budinsky
Tao Li
Yangmin Zhu
Shriram Rajagopalan
lei-tang
John Mazzitelli
Douglas Reid
Eric Van Norman
Vadim Eisenberg
Brian Avery
Yossi Mesika
Liam White
Etai Lev Ran
He Cao
Oliver Liu
Jianfei Hu
mtail
banix
Rigs Caballero
Quanjie Lin
Joe Searcy
buptliuwei
Ram Vennam