Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs(kuma-cp) permissive mTLS mode #510

Merged
merged 3 commits into from
Aug 25, 2021
Merged

docs(kuma-cp) permissive mTLS mode #510

merged 3 commits into from
Aug 25, 2021

Conversation

lobkovilya
Copy link
Contributor

Signed-off-by: Ilya Lobkov ilya.lobkov@konghq.com

@lobkovilya
docs(kuma-cp) permissive mTLS mode
a85e268 
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
@lobkovilya lobkovilya requested a review from a team as a code owner August 23, 2021 14:22
@Bradamant3 Bradamant3 changed the base branch from master to next August 23, 2021 14:34
Bradamant3
Bradamant3 suggested changes Aug 23, 2021
View reviewed changes
Copy link
Contributor

@Bradamant3 Bradamant3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some copyedits and a question. I'm also happy to do the changes if you'd rather. Thanks!

docs/docs/1.2.3/policies/mutual-tls.md
Comment on lines +192 to +193
Kuma provides a convenient way to migrate existing workloads to the mTLS mesh with zero downtime. In order to do so
`PERMISSIVE` mode has to be enabled.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Kuma provides a convenient way to migrate existing workloads to the mTLS mesh with zero downtime. In order to do so
`PERMISSIVE` mode has to be enabled.
In version 1.3.0 and later, Kuma provides `PERMISSIVE` mTLS mode to let you migrate existing workloads with zero downtime:

This ... seems like something we should maybe also encourage users not to leave on? Or at the very least warn about insecure incoming connections? Or ... something?

I'm also not sure about the order of things. Might be better to put the explanation at lines 228-230 before the examples also?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. I'm missing the information on when can I switch from permissive to strict mTLS. Metrics are in progress?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a warning:

image

The message and format is not final, I know @Bradamant3 doesn't like a lot of frames :)

jakubdyszkiewicz
jakubdyszkiewicz reviewed Aug 24, 2021
View reviewed changes
docs/docs/1.2.3/policies/mutual-tls.md
Permissive mTLS mode encrypts outbound connections the same way as strict mTLS mode, but inbound connections on the server-side
accept both TLS and plaintext. This allows migrating servers to the mTLS mesh while clients are still don't belong to the mesh.
The case when the client and server already had TLS is supported as well.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a blocker but I'm missing here a guide on how can I migrate an app with existing TLS. I bet we will see this question on Kuma slack.

Maybe it should be a part of a bigger guide that let say we have 3 apps, 1 <-> 2 <-> 3. There is custom TLS between 2 <-> 3 and we present how to gradually introduce them to a mesh with mTLS without any downtime.
Just an idea, it can go to the backlog, but we may take this into account when we rewrite docs.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can do it as a tutorial rather than theoretical steps?

docs/docs/1.2.3/policies/mutual-tls.md
Comment on lines +192 to +193
Kuma provides a convenient way to migrate existing workloads to the mTLS mesh with zero downtime. In order to do so
`PERMISSIVE` mode has to be enabled.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. I'm missing the information on when can I switch from permissive to strict mTLS. Metrics are in progress?

lobkovilya and others added 2 commits August 25, 2021 15:22
@lobkovilya @Bradamant3
Update docs/docs/1.2.3/policies/mutual-tls.md
7b720ff 
Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
@lobkovilya
docs(kuma-cp) warning
4e4f416 
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Bradamant3
Bradamant3 approved these changes Aug 25, 2021
View reviewed changes
Copy link
Contributor

@Bradamant3 Bradamant3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM for merge to next, I'll fix up a few things before merge to master.

@Bradamant3 Bradamant3 merged commit c96989c into next Aug 25, 2021
Bradamant3 added a commit that referenced this pull request Aug 25, 2021
@lobkovilya @Bradamant3
docs(kuma-cp) permissive mTLS mode (#510)
39e64c8 
* docs(kuma-cp) permissive mTLS mode

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* Update docs/docs/1.2.3/policies/mutual-tls.md

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>

* docs(kuma-cp) warning

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>
Bradamant3 added a commit that referenced this pull request Aug 26, 2021
@Bradamant3 @lahabana
@dependabot @bartsmykla @jakubdyszkiewicz @nikita15p @lobkovilya @parkanzky @tomaszwylezek @subnetmarco
1.3.0 release redux (#519)
6b6e7d3 
* Improve log and trace docs for grafana (#501)

Merging after approval to work with an updated master for next branch cleanup and more.

The docs were not very clear (some trace config was explained in the log docs).
This cleans this a little.

Signed-off-by: Charly Molter <charly.molter@konghq.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#503)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* chore(deps): bump url-parse from 1.5.1 to 1.5.3 (#509)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* feat(*) add websockets to supported protocols (#507)

Signed-off-by: Bart Smykla <bartek@smykla.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) new fields in dataplane and mesh insights (#505)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policies) intermediate CA (#506)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policies) external service SNI (#494)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* Updated mtls certificate requirement for provided CA (#511)

* chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#503)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.5.1 to 1.5.3 (#509)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(*) add websockets to supported protocols (#507)

Signed-off-by: Bart Smykla <bartek@smykla.com>

* Updated mtls certificate requirement for provided CA

Signed-off-by: nikita15p <nikita15p@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) adjust insight fields (#512)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* Add documentation for virtual-outbound (#508)

* Add documentation for virtual-outbound

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Apply suggestions from code review

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Update with review comments

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Fix bad indent in policies

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Add to sidebar

Signed-off-by: Charly Molter <charly.molter@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(kuma-cp) permissive mTLS mode (#510)

* docs(kuma-cp) permissive mTLS mode

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* Update docs/docs/1.2.3/policies/mutual-tls.md

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>

* docs(kuma-cp) warning

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* doc(kuma-cp) Add notes on external service rate limits (#514)

Signed-off-by: Paul Parkanzky <paul.parkanzky@konghq.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* initial prep for 1.3.0 release

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) adjust zones+insights fields (#515)

Signed-off-by: Tomasz Wylężek <tomwylezek@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* add current 1.2.3 directory and files

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* fix up munged side nav

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* blog: 1.3.0 (#520)

* blog: 1.3.0

* release: updating home page news banner for 1.3.0

Co-authored-by: Charly Molter <charly.molter@konghq.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>
Co-authored-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Co-authored-by: Nikita Pande <37657012+nikita15p@users.noreply.github.com>
Co-authored-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Co-authored-by: parkanzky <42279121+parkanzky@users.noreply.github.com>
Co-authored-by: Tomasz Wylężek <tomwylezek@gmail.com>
Co-authored-by: Marco Palladino <88.marco@gmail.com>
Bradamant3 added a commit that referenced this pull request Oct 6, 2021
@Bradamant3 @lahabana
@dependabot @bartsmykla @jakubdyszkiewicz @nikita15p @lobkovilya @parkanzky @tomaszwylezek @subnetmarco
1.3.1 release (#551)
f537d12 
Reviewed and approved via Slack by @jpeach 

* Improve log and trace docs for grafana (#501)

Merging after approval to work with an updated master for next branch cleanup and more.

The docs were not very clear (some trace config was explained in the log docs).
This cleans this a little.

Signed-off-by: Charly Molter <charly.molter@konghq.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#503)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* chore(deps): bump url-parse from 1.5.1 to 1.5.3 (#509)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* feat(*) add websockets to supported protocols (#507)

Signed-off-by: Bart Smykla <bartek@smykla.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) new fields in dataplane and mesh insights (#505)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policies) intermediate CA (#506)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policies) external service SNI (#494)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* Updated mtls certificate requirement for provided CA (#511)

* chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#503)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.5.1 to 1.5.3 (#509)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(*) add websockets to supported protocols (#507)

Signed-off-by: Bart Smykla <bartek@smykla.com>

* Updated mtls certificate requirement for provided CA

Signed-off-by: nikita15p <nikita15p@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) adjust insight fields (#512)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* Add documentation for virtual-outbound (#508)

* Add documentation for virtual-outbound

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Apply suggestions from code review

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Update with review comments

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Fix bad indent in policies

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Add to sidebar

Signed-off-by: Charly Molter <charly.molter@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(kuma-cp) permissive mTLS mode (#510)

* docs(kuma-cp) permissive mTLS mode

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* Update docs/docs/1.2.3/policies/mutual-tls.md

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>

* docs(kuma-cp) warning

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* doc(kuma-cp) Add notes on external service rate limits (#514)

Signed-off-by: Paul Parkanzky <paul.parkanzky@konghq.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* initial prep for 1.3.0 release

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) adjust zones+insights fields (#515)

Signed-off-by: Tomasz Wylężek <tomwylezek@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* add current 1.2.3 directory and files

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* fix up munged side nav

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* blog: 1.3.0 (#520)

* blog: 1.3.0

* release: updating home page news banner for 1.3.0

* add working directory for next branch

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(security) service account token considerations (#528)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

* docs(kuma-cp) add tabs for Fault Injection policy (#535)

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* 1.3.1 release

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

Co-authored-by: Charly Molter <charly.molter@konghq.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>
Co-authored-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Co-authored-by: Nikita Pande <37657012+nikita15p@users.noreply.github.com>
Co-authored-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Co-authored-by: parkanzky <42279121+parkanzky@users.noreply.github.com>
Co-authored-by: Tomasz Wylężek <tomwylezek@gmail.com>
Co-authored-by: Marco Palladino <88.marco@gmail.com>
tomaszwylezek added a commit that referenced this pull request Nov 22, 2021
@Bradamant3 @lahabana
@dependabot @bartsmykla @jakubdyszkiewicz @nikita15p @lobkovilya @parkanzky @tomaszwylezek @subnetmarco @webliupeng @michaelbeaumont @jpeach
Prep next branch for Kuma release 1.4.0 (#587)
62bfb1f 
* Improve log and trace docs for grafana (#501)

Merging after approval to work with an updated master for next branch cleanup and more.

The docs were not very clear (some trace config was explained in the log docs).
This cleans this a little.

Signed-off-by: Charly Molter <charly.molter@konghq.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#503)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* chore(deps): bump url-parse from 1.5.1 to 1.5.3 (#509)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* feat(*) add websockets to supported protocols (#507)

Signed-off-by: Bart Smykla <bartek@smykla.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) new fields in dataplane and mesh insights (#505)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policies) intermediate CA (#506)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policies) external service SNI (#494)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* Updated mtls certificate requirement for provided CA (#511)

* chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#503)

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.5.1 to 1.5.3 (#509)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.5.1...1.5.3)

---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(*) add websockets to supported protocols (#507)

Signed-off-by: Bart Smykla <bartek@smykla.com>

* Updated mtls certificate requirement for provided CA

Signed-off-by: nikita15p <nikita15p@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) adjust insight fields (#512)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* Add documentation for virtual-outbound (#508)

* Add documentation for virtual-outbound

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Apply suggestions from code review

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Update with review comments

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Fix bad indent in policies

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Add to sidebar

Signed-off-by: Charly Molter <charly.molter@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(kuma-cp) permissive mTLS mode (#510)

* docs(kuma-cp) permissive mTLS mode

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* Update docs/docs/1.2.3/policies/mutual-tls.md

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>

* docs(kuma-cp) warning

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* doc(kuma-cp) Add notes on external service rate limits (#514)

Signed-off-by: Paul Parkanzky <paul.parkanzky@konghq.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* initial prep for 1.3.0 release

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(http-api) adjust zones+insights fields (#515)

Signed-off-by: Tomasz Wylężek <tomwylezek@gmail.com>
Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* add current 1.2.3 directory and files

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* fix up munged side nav

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* blog: 1.3.0 (#520)

* blog: 1.3.0

* release: updating home page news banner for 1.3.0

* add working directory for next branch

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(security) service account token considerations (#528)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

* docs(kuma-cp) add tabs for Fault Injection policy (#535)

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* 1.3.1 release

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(*) new section "External Services and Locality Aware Load Balancing" (#552)

* docs(kuma-cp) es and locality-aware lb

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* docs(kuma-cp) create 4.4.4 from 1.3.1

Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>

* add rest of working directory for next release so we can build from this branch

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(policy) retriable methods configuration (#567)

* docs(policy) retriable methods configuration

Signed-off-by: Liupeng <webliupeng@gmail.com>

* docs(policy) improve retriableMethods document syntax

Co-authored-by: Mike Beaumont <mjboamail@gmail.com>
Signed-off-by: Liupeng <webliupeng@gmail.com>

Co-authored-by: Mike Beaumont <mjboamail@gmail.com>

* update with changes to master branch

Signed-off-by: Jennifer Rondeau <jennifer.rondeau@konghq.com>

* docs(*) update api reference for aggregate stats (#570)

* docs(*) update api reference for aggregate stats

As MeshInsights will contain `dataplanesByTypes` field which will
contain aggregated by type statistics for dataplanes

Also updated supported version of Kubernetes as we are now
supporting k8s 1.17+

Signed-off-by: Bart Smykla <bartek@smykla.com>

* docs(*) modify api referece for mesh insight

1. Provided JSON was wrong (mtls section was one level to high)
2. Added section for aggregated informations about services

Signed-off-by: Bart Smykla <bartek@smykla.com>

* docs(api) add Global Insights endpoint to api ref (#572)

Signed-off-by: Bart Smykla <bartek@smykla.com>

* Update the kumactl certificate generation syntax. (#578)

* Update the kumactl certificate generation syntax.

This fixes #574.

Signed-off-by: James Peach <james.peach@konghq.com>

* Fix spelling.

Signed-off-by: James Peach <james.peach@konghq.com>

* Add `serviceVipEnabled` configuration (#584)

Reword documentation to let people select virtual-outbound as favoured option

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Add documentation for the ignore annotation (#583)

* Add documentation for the ignore annotation

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* Fix typo

Signed-off-by: Charly Molter <charly.molter@konghq.com>

* docs(security) access control (#585)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

* prep for 1.4.0 release

* docs(api) add resources to GlobalInsights + more (#580)

Structure of GlobalInsights changed to allow return more of global
resources

Signed-off-by: Bart Smykla <bartek@smykla.com>

* api server authentication (#554)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

Co-authored-by: Jennifer Rondeau <Bradamant3@users.noreply.github.com>

* draft changes for community call UI

* update after merge

* add icon (#588)

Signed-off-by: Tomasz Wylężek <tomwylezek@gmail.com>

* docs(security) change kong-mesh-system to kuma-system (#589)

Signed-off-by: Mike Beaumont <mjboamail@gmail.com>

* finish draft blog post, edit home page, fix up community call form

* Blog post (#592)

* blog: 1.4.0

* blog: 1.4.0

Co-authored-by: Marco <marco@Marcos-MacBook-Pro.local>
Co-authored-by: subnetmarco <88.marco@gmail.com>

Co-authored-by: Charly Molter <charly.molter@konghq.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>
Co-authored-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Co-authored-by: Nikita Pande <37657012+nikita15p@users.noreply.github.com>
Co-authored-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Co-authored-by: parkanzky <42279121+parkanzky@users.noreply.github.com>
Co-authored-by: Tomasz Wylężek <tomwylezek@gmail.com>
Co-authored-by: Marco Palladino <88.marco@gmail.com>
Co-authored-by: webliupeng <webliupeng@gmail.com>
Co-authored-by: Mike Beaumont <mjboamail@gmail.com>
Co-authored-by: James Peach <james.peach@konghq.com>
Co-authored-by: Marco <marco@Marcos-MacBook-Pro.local>
@lahabana lahabana deleted the docs/permissive-mtls branch March 21, 2022 10:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jakubdyszkiewicz jakubdyszkiewicz jakubdyszkiewicz left review comments

@Bradamant3 Bradamant3 Bradamant3 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lobkovilya @jakubdyszkiewicz @Bradamant3