* clean up metric customization to get rid of envoy filter based text
editing
* lint
* lint
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* fix lint
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update zipkin dashboard images
* Fix lint
* Remove words from .spelling
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* crop zipkin list img and update list description
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add warnings about using DNS resolution
* the gateway perform -> the gateway performs
* Apply comments of @frankbu, part 1
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* remove "the" from "the DNS resolution"
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* remove the from "the DNS resolution", if ... were ... would -> if ... is ... will
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* remove the from
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add missing cleanup for vs nginx
* add openssl req
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add missing cleanup for vs nginx
* init sds doc
* squash commits
add simple TLS task
address issues
fix lint and secret configuration
add secret format specification
add mutual TLS task
fix lint and rename older task
make gen again
fix name
keep old directory
add warnings
lint
fix cacert issue
lint
* secure
* make gen
* rebase master
* make secret types clearer
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* run make gen
* lint
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* make gen
* add tls test
* move mesh creation
* suggestions
* add mtls test
* fix typo
* move secret section
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update istio/istio ref and reenable tests
* Update istio/istio reference
* Update istioctl build to have version for images
* Fix lint and pull a newer istio/istio
* Disable egress tests
* Add IBM Cloud Kubernetes Service specific instructions for Ingress Host
The previous instruction put IBM cloud under other environments, and the command set the Ingress Host to the wrong address.
* Update content/en/docs/setup/getting-started/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Moved IBM Cloud instructions above Docker
* Add IBM Cloud Node port Ingress host instructions to same documentation
* Update Ingress Control Tests
* Update content/en/docs/tasks/traffic-management/ingress/ingress-control/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* update snips.sh
* Update content/en/docs/tasks/traffic-management/ingress/ingress-control/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/traffic-management/ingress/ingress-control/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/traffic-management/ingress/ingress-control/index.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Add kiali integrations page
The primary purpose for this is to just have a page here for consistency
with other addons, most of the content still lives in the other doc I
link to here. That may change in the future but for now I think it makes
sense to just get something here and we can refactor in the future.
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Apply suggestions from code review
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add missing cleanup for vs nginx
* Add test for Gateway TLS Origination
* fix copyright
* Add Gateway mTLS origination
* replace <password> with password
* fix lint and autogen yes response
* oops typos
* make gen
* escape SC2154 :)
* apply suggestions and fix lint
* squash commits and cleanup branch
wrong quotes
more typos
make snips again
linter :'(
make linter happy
newline blocks
make gen 2
tab linting
try this
change service deletion
oops was deploying sleep twice
ignore nginx version lines for expected response
add update snips
lint again
make snips 3
redo check
do some magic
do some magic 2
lint tabs
remove incorrect snip matching
hack tls origination sleep deployment
hack 2
* this test is super flaky
* delete virtual service
* move scripts
* move scripts
* move to new testing framework
end file with newline and cleanup
typo
* content length shouldn't be included in snips
* comment out the final HTTP check
* Update content/en/docs/tasks/traffic-management/egress/egress-gateway-tls-origination/mtls_test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/traffic-management/egress/egress-gateway-tls-origination/tls_test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/traffic-management/egress/egress-gateway-tls-origination/tls_test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* ignore cleanup errors
* add source back in
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add an example task to test
* main test function: save progress
* a working example: routing request
* improve log info and error handling
* introduce makefile
* run each test as a subtest; remove common setup from test.sh
* add another test.sh: fault-injection
* improve error handling
* check test environment
* add two more test.sh files
* fix make command for istio setup
* update two test.sh files from upstream
* add comments and update README.md
* update test.sh files from upstream
* support multiple test names
* update README
* update README.md for new framework
* remove documentation of migration steps
* undo format changes
* change separation line to '# @cleanup'
* move go code and makefile from content/ to tests/
* change package name
* make for loop more readable
* change the set of auto-sourced scripts
* add docs for all functions
* approach to deal with folders with the same name
* minor fixes to ensure everything still runs
* fix make gen error
* add a TIMEOUT argument
* make sure util/debug.sh works with new framework
* make lint-go happy
* [BIG CHANGE] allow different istio setup configs
* make linters happy
* make linters happier
* changed wording and function orders
* make error return as the 2nd argument
* add TODOs
* Update content/en/docs/tasks/traffic-management/traffic-shifting/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* only test english docs
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* allow test.sh as suffix
* move adding setup configs to tests/setup
* recommend full paths
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* require full test paths
* converting old tests to new tests: traffic-management and misc
* converting old tests to new tests: security
* remove old tests
* Update content/en/docs/tasks/security/cert-management/dns-cert/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* simplify setup configs
* Update content/en/docs/tasks/security/authentication/authn-policy/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authentication/mtls-migration/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authorization/authz-http/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* do not let istioctl prompt y/n
* Update content/en/docs/tasks/traffic-management/ingress/ingress-sni-passthrough/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/traffic-management/ingress/secure-ingress/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/cert-management/plugin-ca-cert/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* simplify stuff
* rename dns-cert test.sh to test_broken.sh
* fix dns-cert doc and test
* remove egress=disabled
* fix test
* Update content/en/docs/tasks/observability/logs/access-log/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authentication/authn-policy/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add an example task to test
* main test function: save progress
* a working example: routing request
* improve log info and error handling
* introduce makefile
* run each test as a subtest; remove common setup from test.sh
* add another test.sh: fault-injection
* improve error handling
* check test environment
* add two more test.sh files
* fix make command for istio setup
* update two test.sh files from upstream
* add comments and update README.md
* update test.sh files from upstream
* support multiple test names
* update README
* update README.md for new framework
* remove documentation of migration steps
* undo format changes
* change separation line to '# @cleanup'
* move go code and makefile from content/ to tests/
* change package name
* make for loop more readable
* change the set of auto-sourced scripts
* add docs for all functions
* approach to deal with folders with the same name
* minor fixes to ensure everything still runs
* fix make gen error
* add a TIMEOUT argument
* make sure util/debug.sh works with new framework
* make lint-go happy
* [BIG CHANGE] allow different istio setup configs
* make linters happy
* make linters happier
* changed wording and function orders
* make error return as the 2nd argument
* add TODOs
* Update content/en/docs/tasks/traffic-management/traffic-shifting/test.sh
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* only test english docs
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* allow test.sh as suffix
* move adding setup configs to tests/setup
* recommend full paths
* Update tests/README.md
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* require full test paths
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* authn-policy: Point users to Istio installation guide.
Have users install Istio through the installation guide instead of
explicitly instructing them to run "istioctl manifest apply" in the
task. This will make it easier to automate the task later.
* authn-policy: Make steps and expected response clear for testing.
* Add authn-policy user guide test.
* snip.py: Replace github file token with release-specific URL.
* verify.sh: Show the expected output as well as the actual output.
* snip.py: Update the githubfile regex to not include email addresses.
When generating snip scripts, pairs of "@" signs indicate a link to
GitHub repo content. However, JWT attribute values contained pairs of
email addresses such as:
`testing@secure.istio.io/testing@secure.istio.io`
which would be treated as an email address and mangled. This commit
rewrites the regex to not match on email addresses.
* Add authz-jwt user guide test.
* Update test framework to use 1.6.0-beta.0
* Go back to copies from env var
* Add more test targets, fix mtls test (new PA added)
* Update to use Istio SHA from go.mod (convert to long SHA)
* Try and remove TAG from prow
* Debug TAG not being set
* Fix paralization issue
* Remove some extra output
* Review comments
* Updated with instructions for LightStep Tracing vs. LightStep [x]pm (#4203)
* Remove [x]PM unless necessary (#4405)
These instructions are now for both LightStep [x]PM and LightStep Tracing.
* Updated with instructions for LightStep Tracing vs. LightStep [x]pm (#4203)
* remove bad dir
* fix graphic name
* Changed spelling of Lightstep
Changed spelling of "LightStep" to "Lightstep" due to brand changes.
* Update Lightstep
Update for branding
* Change LightStep to Lightstep and removed bad link
* Change LightStep to Lightstep
* Change LightStep to Lightstep
* Change LightStep to Lightstep
* change LightStep to Lightstep
* remove changes from other langs
* merge changes from istio
* put branding changes back in
* resolve merge conflict
* fix lint issues and add LighStep back into .spelling
* Update content/en/docs/tasks/observability/distributed-tracing/lightstep/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
Reverted the actual mirror test script, because mirror test seems to have some subtle failure when running with what seems to be the exact same commands via snips. Will investigate further in followup PR. Merging this one to get the generator changes.
* Add test for Request Timeouts
* Update test to extract snippets
* Apply suggestions from code review
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
* Fix lint error
* Use code snippets from bookinfo snips
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
* Remove sleep pods
* remove deprecated $snippet and use use verify func
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
* Skip test failure
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
The code in step 3 of Perform TLS origination with an egress gateway explains how to create egress Gateway for edition.cnn.com. port 80, so the title of this step should follow it.
Co-authored-by: Koki Tomoshige <36136133+tomocy@users.noreply.github.com>
The pod of tcp-echo which is asked its podIP is in `foo` namespace, so the `kubectl get` should specify the namespace as `foo`.
Co-authored-by: Koki Tomoshige <36136133+tomocy@users.noreply.github.com>
* Retire helm documentation as we use a protobuf
The new rendered source of truth is:
https://preliminary.istio.io/docs/reference/config/istio.operator.v1alpha1/
This is rendered from the API repo protobuf which (may) need description fields
set. That protobuf is here:
https://github.com/istio/api/blob/master/operator/v1alpha1/operator.proto
* Follow the flowchart
The flowchart is not quite right and could use some improvement.
* Update content/en/blog/2019/performance-best-practices/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* User guide tests for DNS certificate management
- Add user guide tests for DNS certificate management
- Remove user guide's dependency on jq
* Use _verify_contains function
* User guide tests and remove manual steps for plugging in CA cert
- Add user guide tests for plugging in CA cert
- Remove the manual steps in the user guide of plugging in CA cert
to make it easier for an user to try the guide.
* Fix SC2046 lint error and the trafficmanagement test errors
* Use standard ports for telemetry exposure
Blocker for https://github.com/istio/istio/issues/22911
* Full update and include HTTPS
* Fix link
* Remove from ports table
* Apply suggestions from code review
Co-Authored-By: Rachael Graham <rachael.graham@ibm.com>
Co-authored-by: Rachael Graham <rachael.graham@ibm.com>
* Update doc test README
* add sh
* tweaks
* formatting
* format
* fix comment
* wording
* convert mtls migration task
* Update tests/README.md
Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>
* Update tests/README.md
Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
* Refactor Secure Ingress tasks
Ingress SDS is now the default and recommended. This removes the file
mount task, which is no longer recommended and will avoid confusion, and
cleans up the task a bit. I also documented the new supported secret
formats.
* use archive
* Add documentation on Ingress support
Istio has supported Ingress for quite a while, but its not documented.
This explains how to use it and configure it.
Note to docs reviewers: Gateway is Istio's alternative to Kubernetes'
Inrgess object, and we prefer users to use Gateway. However, for reasons
like legacy users, we also support Ingress.
* fix lint
* fix lint
* fix lint
* improvements
.
* Apply suggestions from code review
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add a tcpdump verification for mtls
* add period
* move to the migration doc.
* lint fixing
* address cmt.
* Apply suggestions from code review
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* remove mixer references from egress tasks and deprecate where needed
* lint fixes
* Update content/en/docs/tasks/traffic-management/egress/egress_sni_monitoring_and_policies/index.md
Co-Authored-By: mandarjog <mandarjog@gmail.com>
* Update content/en/docs/tasks/traffic-management/egress/egress_sni_monitoring_and_policies/index.md
Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>
Co-authored-by: Francois Pesce <fpesce@google.com>
Co-authored-by: mandarjog <mandarjog@gmail.com>
Co-authored-by: Eric Van Norman <ericvn@us.ibm.com>
* Spelling and add a tip to using-istio-dashboard
* Update content/en/docs/tasks/observability/metrics/using-istio-dashboard/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/observability/metrics/using-istio-dashboard/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* authz: add task for IP whitelist/blacklist on ingress gateway
* allow list and deny list
* Small grammar adjustments
* address comments
* Update content/en/docs/tasks/security/authorization/authz-ingress/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authorization/authz-ingress/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
* Update content/en/docs/tasks/security/authorization/authz-ingress/index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Adam Miller <1402860+adammil2000@users.noreply.github.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* wip: setup observability tasks for v2
Signed-off-by: Douglas Reid <dougreid@google.com>
* continue work
Signed-off-by: Douglas Reid <dougreid@google.com>
* lint fix
Signed-off-by: Douglas Reid <dougreid@google.com>
* remove mixer ref from what-is-istio
Signed-off-by: Douglas Reid <dougreid@google.com>
* further cleanup
Signed-off-by: Douglas Reid <dougreid@google.com>
* lint fix
Signed-off-by: Douglas Reid <dougreid@google.com>
* when will the linting stop?
Signed-off-by: Douglas Reid <dougreid@google.com>
* Update content/en/docs/tasks/observability/mixer/_index.md
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* rewrite Secure Gateways (SDS) to use openssl for generating certs/keys
additional improvements:
1. Generate and use client certificate/private key for mutual TLS
2. Do not use quotes in YAMLs where not required
* add removing csr files and client.example.com files
* delete the directories with the certificates -> delete the certificates and the keys
* update documentation for TCP traffic shifting: use a dedicated namespace instead of using default [istio-18285]
* fixed lint error in tcp-traffic-shifting/index.md in creating new namespace section (istio#18285)
* fix ordered list numbering to conform to MD029 configured to 'one' (istio.io/istio#18285)
* Improve the MTLS migration task.
* Small fix.
* More improvements.
* Small fix.
* Small fix.
* Small fix.
* Small fix.
* Small fix.
* Lint fix.
* Copy edits
* Apply suggestions from code review
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
Co-authored-by: Adam Miller <1402860+adammil2000@users.noreply.github.com>
Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>
* add "for" in description: ... configure Istio for Kubernetes External Services
* add "in the default namespace" to "create a Kubernetes ExternalName Service"
* mention the Kubernetes DNS format for services
* bugfix: V1/2_POD_IP set error when there are multiple pods labelled version=v1/2
* certificate decode error when decoding from bash pipe by openssl
* revert certificate decode error when decoding from bash pipe by openssl
* remove bin reference to istioctl
as all of our other tasks assume istioctl is on the path already. Having it cause me an alert on my mac:
“istioctl” can’t be opened because Apple cannot check it for malicious software.
* fix istioctl path
* update the cmd to retrieve token correctly
* update to remove empty char only
* remove tab also
* Update content/en/docs/tasks/security/authentication/authn-policy/index.md
Co-Authored-By: Eric Van Norman <ericvn@us.ibm.com>
* Set Kiali username and password on separate prompt
* Fix linting errors
* Revert zsh prompt to single copiable box
* Fix review comment suggestions
* Remove spacing
Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>
As with version v1.4.0, Experimental multi-cluster setup has been added to istioctl
The following command also provides istio-multicluster-destinationrule and host information
kubectl get destinationrule --all-namespaces
These fix problems encountered when switching to the new Hugo which has
a completely different markdown engine. I went through diffs of the generated
HTML and made required adjustments.
- We don't need cookies for istio.io, the few settings we do have should be
managed with browser-local storage instead. This is a better privacy posture,
and avoids sending needless data to the server for every request.
* Add note about annotations to control traffic
Fixes https://github.com/istio/istio/issues/19258
* Update content/en/docs/tasks/traffic-management/egress/egress-control/index.md
Co-Authored-By: Martin Taillefer <geeknoid@users.noreply.github.com>
* use a subset in the destination rule for TLS origination
this way the TLS origination will only be applied for the traffic directed by the
virtual service for TLS origination. TLS origination will not be applied for the original TLS traffic
* add a check that the original TLS traffic works as before
* [kiali] add viewing and editing Istio configuration YAML to the task
* The linter is failing this because it considered "Config" a spelling error. However, the actual GUI menu item is literally called "Istio Config".
Because of this, I cannot format "Istio Config" in simply bold letters (which is the Istio doc standard for denoting GUI elements).
Thus, even though its a GUI element, I have to surround with backticks to avoid this being considered a spelling error.
* Incorporate review suggestion.
Fix some other things I noticed.
* Added the Best Practices section with general principles.
This is the beginning of the new Best Practices section.
Our goal is to provide a section for all the best practices and recommendations
for Istio deployments. The best practices are based on the identified and
recommended deployment models.
Signed-off-by: rcaballeromx <grca@google.com>
* Change headings for clarity.
Adds clarity to some passages based on feedback.
Removes a list of recommendations that was causing some confusion.
Adds a glossary entry for failure domains and how they relate to a
platform's availability zones.
Signed-off-by: rcaballeromx <grca@google.com>
* Move Best Practices to Ops Guide
Signed-off-by: rcaballeromx <grca@google.com>
* Moved Deployment Best Practices to a new "Prepare Your Deployment" section.
Moved all deployment preparation content into a new section under "Setup".
For now the content includes the following sections:
- Deployment models
- Deployment best practices
- Pod requirements
Merged the two existing pages containing pod requirements into one single page.
Signed-off-by: rcaballeromx <grca@google.com>
* Replace example with better guidance around namespace tenancy.
Signed-off-by: Rigs Caballero <grca@google.com>
* Add links and language pointing to the Prepare section
Signed-off-by: Rigs Caballero <grca@google.com>
* Fix minor typos and broken links.
Signed-off-by: Rigs Caballero <grca@google.com>
* Move from Setup to Operations
Signed-off-by: Rigs Caballero <grca@google.com>
* Fix broken links
Signed-off-by: Rigs Caballero <grca@google.com>
* Fix rebasing issues.
Signed-off-by: Rigs Caballero <grca@google.com>
* Fix multicluster install link.
Signed-off-by: Rigs Caballero <grca@google.com>
* [kiali] add a new section that creates a weighted route to show kiali is more than just a pretty graph.
* spell checker failed, I assume "dropdown" and "checkbox" and "popup" must not be compound words.
(I can't get the linter to run locally on my box, so I have to commit this and see what travis says)
* address suggestions.
* Alot of the Istio community does not know that Kiali is more than just a graph.
We want to get that across. This Task can't cover it all, so this commit
adds a link to the "Features" page of the kiali website
which lists the non-graph features as well so people can at least
learn about those other features.
* add a task to show kiali validation
* Use 'istioctl dashboard' instead of port-forward
* bold references to UI elements
* Cleanup dashboards
* Address comments
* Mention control-c, which is easier way to stop dashboard
Let's make additional changes in a followup PR.
* Replace "Mesh Expansion" with "VM Support" and related edits.
To avoid confusion and improve the visibility of the VM-related content, these
changes align with terminology used by our users.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix descriptions, titles and link texts.
Addressed the feedback given around the link text still containing "mesh
expansion". Also addressed the feedback around the accuracy of the
titles and descriptions used.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix bullets and descriptions.
Signed-off-by: rcaballeromx <grca@google.com>
* Return content to examples.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix broken links.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix title for accuracy.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix links for ZH content.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix language for clarity.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix broken link to SDS task.
Signed-off-by: rcaballeromx <grca@google.com>
* Fix merge conflicts.
Signed-off-by: Rigs Caballero <grca@google.com>
* Fix auth installation and its references.
* Apply suggestions from code review
Fix according to the feedback.
Co-Authored-By: Martin Taillefer <geeknoid@users.noreply.github.com>
* User guide for istioctl managing webhooks
* Generate the webhook configurations
* Skip long config
* Move the task to be under setup/install directory
* Add jq as a prerequisite
* Decouple installation from the user guide
* Add explanations to config
* Change the weight
* Revisions on cleanup
* Revise headings
* Revise the search instructions
* Revise the wordings
* Revise install instructions and location
* Skip --validation
* Use istioctl to generate webhook configurations
* Use istioctl to install
* Revise the commands
* Revise the wording
* Remove two comment lines
* User guide for Istio DNS certificates
A guide of how to provision and manage DNS certificates in Istio.
* Explain why uses this feature
* Use the boilerplate command
* Unindent a text block
* Add jq as a prerequisite
* Decouple installation step from the user guide
* Wording revisions
* Wording revisions and change weight
* Follow the same installation approach of CNI
* Revise the writing
* Merge the javascript functions
* Fix the lint error
- ./public/docs/tasks/security/dns-cert/index.html
* linking to /docs/setup/install/helm/#dnscerts, but dnscerts does not exist (line 58176)
<a href="/docs/setup/install/helm/#dnscerts">Customizable Install with Helm</a>
htmlproofer 3.12.0 | Error: HTML-Proofer found 1 failure!
* Use istioctl to install Istio
* Revisions according to review comments
* Add an explanation
* Revise based on review comments
* Remove the referrence to a file
* first rewrite of the DR removal till global mTLS section.
* remove all destinationrule for authn policy doc.
* lint fix
* add separate page for automtls
* restore the original authn policy
* new page with auto mtls separately.
* fix the lint
* fix lint and using istioctl manifest.
* complete the instructions for auto mlts
* finish and verify with install
* more delta before and after in strict
* header with certificate identity.
* no more helm
* apply the suggestion.
- Fix a bunch of heading capitalization.
- Remove words that shouldn't be in the dictionary
and update the text accordingly.
- Added a few @@ sequences to reference content files from text blocks.
- Used a few {{< source_branch_name >}} sequences to refer to the proper
branch in GitHub rather than master.
* fix the certificate and private key generation for the first section
* rewrite the second section
* fix the third section
* fix the troubleshooting section
* remove a reference to generating certificates and keys in the ingress passthru task
* a certificates -> a certificate, Generate a certificate -> Create a certificate
* add a cleanup subsection to set desired outbound traffic policy mode
the title: "Set the `global.outboundTrafficPolicy.mode` to your desired mode"
* remove a redundant empty line
* rename the subsection to be "Set the outbound traffic policy mode to your desired value"
* remove a semicolon at the end of the subsection's title
* add `uniq` so the output of the current outbound traffic policy mode will appear once
Pengyuan Bian
Suchith J N
Eric Van Norman
Frank Budinsky
Neeraj Poddar
Kenjiro Nakayama
Shamsher Ansari
John Mazzitelli
Navraj Singh Chhina
Lucas Ponce
John Howard
Vadim Eisenberg
Istio Automation
Ismo Puustinen
Gregory Hanson
Morven Cao
Ram Vennam
Albert Sun
Nicolas Haller
Aurelie Vache
Fernando Ripoll
Hongyi Zhang
Douglas Reid
Iris
Jonathan Kogan
jacob-delgado
Justin Pettit
Lin Sun
Nupur Garg
Xavier Canal i Masjuan
mandarjog
Guy Templeton
Oliver Liu
Adam Miller
Jonh Wendell
Robin Whitmore
Mitch Connors
Istio Automation
Steven Dake
lei-tang
Jianfei Hu
John Pape
tigran-a
Yangmin Zhu
Diem Vu
Jimmy Chen
Romain Lenglet
Xinnan Wen
Chunlin Yang
Bryant Hagadorn
SerenaFeng
LokeshAggarwal1997
youmoo
Martin Taillefer
Jonas Lomholdt
Phillip Quy Le
imgbot[bot]
Rigs Caballero
John Zheng
Hongzhi
Kuat
Ed Snible
Naoki Oketani
Gary Brown