diff --git a/app/_src/explore/cli.md b/app/_src/explore/cli.md index 2626a5885..f0aed5904 100644 --- a/app/_src/explore/cli.md +++ b/app/_src/explore/cli.md @@ -52,7 +52,7 @@ Available commands on `kumactl` are: * `kumactl help [..]`: help dialog that explains the commands available. * `kumactl version [--detailed]`: shows the version of the program. -Checkout the [`kumactl` usage docs](/docs/{{ page.version }}/generated/cmd/kumactl/kumactl) for full documentation. +Just use `kumactl [cmd] --help` for documentation. ### Using variables diff --git a/app/_src/policies/general-notes-about-kuma-policies.md b/app/_src/policies/general-notes-about-kuma-policies.md index 7da7cf35d..1089a0507 100644 --- a/app/_src/policies/general-notes-about-kuma-policies.md +++ b/app/_src/policies/general-notes-about-kuma-policies.md @@ -4,7 +4,7 @@ title: General notes about Kuma policies {% tip %} This only applies to source/destination policies. -If you are unfamiliar with these, checkout [introduction to policies](../introduction). +If you are unfamiliar with these, checkout [introduction to policies](/docs/{{ page.version }}/policies/introduction). {% endtip %} Policies applied to data plane proxies all follow the same basic structure: diff --git a/app/_src/policies/how-kuma-chooses-the-right-policy-to-apply.md b/app/_src/policies/how-kuma-chooses-the-right-policy-to-apply.md index 4f76f828f..db5895d2f 100644 --- a/app/_src/policies/how-kuma-chooses-the-right-policy-to-apply.md +++ b/app/_src/policies/how-kuma-chooses-the-right-policy-to-apply.md @@ -4,7 +4,7 @@ title: How Kuma chooses the right policy to apply {% tip %} This only applies to source/destination policies. -If you are unfamiliar with these, checkout [introduction to policies](../introduction). +If you are unfamiliar with these, checkout [introduction to policies](/docs/{{ page.version }}/policies/introduction). {% endtip %} At any single moment, there might be multiple policies (of the same type) that match a connection between `sources` and `destinations` `Dataplane`s. diff --git a/app/_src/policies/introduction.md b/app/_src/policies/introduction.md index 475131fc6..04174752c 100644 --- a/app/_src/policies/introduction.md +++ b/app/_src/policies/introduction.md @@ -1,32 +1,30 @@ --- title: Policies --- - -{% tip %} -**Need help?** Installing and using {{site.mesh_product_name}} should be as easy as possible. [Contact and chat](/community) with the community in real-time if you get stuck or need clarifications. We are here to help. -{% endtip %} - Here you can find the list of Policies that {{site.mesh_product_name}} supports. -Going forward from version 2.0, {{site.mesh_product_name}} is transitioning from [source/destination policies](../general-notes-about-kuma-policies) to [`targetRef` policies](../targetref). +Going forward from version 2.0, {{site.mesh_product_name}} is transitioning from [source/destination policies](/docs/{{ +page.version }}/policies/general-notes-about-kuma-policies) to [`targetRef` policies](/docs/{{ page.version +}}/policies/targetref). The following table shows the equivalence between source/destination and `targetRef` policies: -| source/destination policy | `targetRef` policy | -|----------------------------------------------|---------------------------------------------------| -| [CircuitBreaker](../circuit-breaker) | [MeshCircuitBreaker](../meshcircuitbreaker) | -| [FaultInjection](../fault-injection) | [MeshFaultInjection](../meshfaultinjection) | -| [HealthCheck](../health-check) | [MeshHealthCheck](../meshhealthcheck) | -| [RateLimit](../rate-limit) | [MeshRateLimit](../meshratelimit) | -| [Retry](../retry) | [MeshRetry](../meshretry) | -| [Timeout](../timeout) | [MeshTimeout](../meshtimeout) | -| [TrafficLog](../traffic-log) | [MeshAccessLog](../meshaccesslog) | -| [TrafficMetrics](../traffic-metrics) | N/A | -| [TrafficPermissions](../traffic-permissions) | [MeshTrafficPermission](../meshtrafficpermission) | -| [TrafficRoute](../traffic-route) | [MeshHTTPRoute](../meshhttproute) | -| [TrafficTrace](../traffic-trace) | [MeshTrace](../meshtrace) | -| [ProxyTemplate](../proxy-template) | [MeshProxyPatch](../meshproxypatch) | +| source/destination policy | `targetRef` policy | +|-----------------------------------------------------------------------------|----------------------------------------------------------------------------------| +| [CircuitBreaker](/docs/{{ page.version }}/policies/circuit-breaker) | [MeshCircuitBreaker](/docs/{{ page.version }}/policies/meshcircuitbreaker) | +| [FaultInjection](/docs/{{ page.version }}/policies/fault-injection) | [MeshFaultInjection](/docs/{{ page.version }}/policies/meshfaultinjection) | +| [HealthCheck](/docs/{{ page.version }}/policies/health-check) | [MeshHealthCheck](/docs/{{ page.version }}/policies/meshhealthcheck) | +| [RateLimit](/docs/{{ page.version }}/policies/rate-limit) | [MeshRateLimit](/docs/{{ page.version }}/policies/meshratelimit) | +| [Retry](/docs/{{ page.version }}/policies/retry) | [MeshRetry](/docs/{{ page.version }}/policies/meshretry) | +| [Timeout](/docs/{{ page.version }}/policies/timeout) | [MeshTimeout](/docs/{{ page.version }}/policies/meshtimeout) | +| [TrafficLog](/docs/{{ page.version }}/policies/traffic-log) | [MeshAccessLog](/docs/{{ page.version }}/policies/meshaccesslog) | +| [TrafficMetrics](/docs/{{ page.version }}/policies/traffic-metrics) | N/A | +| [TrafficPermissions](/docs/{{ page.version }}/policies/traffic-permissions) | [MeshTrafficPermission](/docs/{{ page.version }}/policies/meshtrafficpermission) | +| [TrafficRoute](/docs/{{ page.version }}/policies/traffic-route) | [MeshHTTPRoute](/docs/{{ page.version }}/policies/meshhttproute) | +| [TrafficTrace](/docs/{{ page.version }}/policies/traffic-trace) | [MeshTrace](/docs/{{ page.version }}/policies/meshtrace) | +| [ProxyTemplate](/docs/{{ page.version }}/policies/proxy-template) | [MeshProxyPatch](/docs/{{ page.version }}/policies/meshproxypatch) | {% warning %} -`targetRef` policies are still beta and it is therefore not supported to mix source/destination and targetRef policies together. +`targetRef` policies are still beta and it is therefore not supported to mix source/destination and targetRef policies +together. {% endwarning %} diff --git a/app/_src/policies/mesh-gateway-route.md b/app/_src/policies/mesh-gateway-route.md index 9bf4c79ff..e9d8d8bce 100644 --- a/app/_src/policies/mesh-gateway-route.md +++ b/app/_src/policies/mesh-gateway-route.md @@ -104,8 +104,4 @@ For example, the following filters match `/prefix`, trim it from the path and se ## Reference -The reference doc contains all options on [`MeshGatewayRoute`](/docs/{{ page.version }}/generated/resources/policy_meshgatewayroute). - -## All options - {% json_schema MeshGatewayRoute type=proto %} diff --git a/app/_src/policies/mesh-gateway.md b/app/_src/policies/mesh-gateway.md index bac3bff11..ef7f8948a 100644 --- a/app/_src/policies/mesh-gateway.md +++ b/app/_src/policies/mesh-gateway.md @@ -132,8 +132,6 @@ This set of listener tags is what {{site.mesh_product_name}} will match policies | kuma.io/service=edge-gateway | kuma.io/service=example,domain=example.com | kuma.io/service=example,domain=example.com | | kuma.io/service=edge,location=us | version=2 | kuma.io/service=edit,location=us,version=2 | -The reference doc contains all options on [`MeshGateway`](/docs/{{ page.version }}/generated/resources/policy_meshgateway). - ## TLS Termination TLS sessions are terminated on a Gateway by specifying the "HTTPS" protocol, and providing a server certificate configuration. diff --git a/app/_src/policies/meshaccesslog.md b/app/_src/policies/meshaccesslog.md index adfda7ab9..b64eda072 100644 --- a/app/_src/policies/meshaccesslog.md +++ b/app/_src/policies/meshaccesslog.md @@ -499,7 +499,7 @@ spec: ``` {% endif_version %} -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -718,7 +718,7 @@ spec: ``` {% endif_version %} -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -843,7 +843,7 @@ spec: ``` {% endif_version %} -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/_src/policies/meshcircuitbreaker.md b/app/_src/policies/meshcircuitbreaker.md index d65c04c8a..8096250a1 100644 --- a/app/_src/policies/meshcircuitbreaker.md +++ b/app/_src/policies/meshcircuitbreaker.md @@ -4,7 +4,7 @@ title: MeshCircuitBreaker (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, it should not be mixed -with [CircuitBreaker](../circuit-breaker). +with [CircuitBreaker](/docs/{{ page.version }}/policies/circuit-breaker). {% endwarning %} This policy will look for errors in the live traffic being exchanged between our data plane proxies. It will mark a data @@ -65,7 +65,7 @@ To learn more about the information in this table, see the [matching docs](/docs ### Outlier detection -Outlier detection can be configured for [HTTP, TCP or gRPC](/docs/{{ page.version }}/policies/protocol-support-in-kuma/#protocol-support-in-kuma) traffic. +Outlier detection can be configured for [HTTP, TCP or gRPC](/docs/{{ page.version }}/policies/protocol-support-in-kuma) traffic. {% warning %} For **gRPC** requests, the outlier detection will use the HTTP status mapped from the `grpc-status` response header. @@ -138,7 +138,7 @@ Split Mode is when [`splitExternalAndLocalErrors`](#outlier-detection) is equal This detection type takes into account only externally originated (transaction) errors, ignoring locally originated ones. -[**HTTP**](/docs/{{ page.version }}/policies/protocol-support-in-kuma/#protocol-support-in-kuma) +[**HTTP**](/docs/{{ page.version }}/policies/protocol-support-in-kuma) If an upstream host is an HTTP-server, only 5xx types of error are taken into account (see Consecutive Gateway Failure for exceptions). diff --git a/app/_src/policies/meshfaultinjection.md b/app/_src/policies/meshfaultinjection.md index f27ede6be..307b3c560 100644 --- a/app/_src/policies/meshfaultinjection.md +++ b/app/_src/policies/meshfaultinjection.md @@ -131,7 +131,7 @@ spec: percentage: 50 ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -188,7 +188,7 @@ spec: value: 5s ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -257,7 +257,7 @@ spec: percentage: 5 ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/_src/policies/meshhealthcheck.md b/app/_src/policies/meshhealthcheck.md index b1839e679..4a489cc69 100644 --- a/app/_src/policies/meshhealthcheck.md +++ b/app/_src/policies/meshhealthcheck.md @@ -4,7 +4,7 @@ title: Mesh Health Check (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [HealthCheck](../health-check). +it should not be mixed with [HealthCheck](/docs/{{ page.version }}/policies/health-check). {% endwarning %} This policy enables {{site.mesh_product_name}} to keep track of the health of every data plane proxy, @@ -40,7 +40,7 @@ The `MeshHealthCheck` policy supports both L4/TCP and L7/HTTP/gRPC checks. ### Protocol selection -The health check protocol is selected by picking the most [specific protocol](/docs/{{ page.version }}/policies/protocol-support-in-kuma/#protocol-support-in-kuma) +The health check protocol is selected by picking the most [specific protocol](/docs/{{ page.version }}/policies/protocol-support-in-kuma) and falls back to more general protocol when specified protocol has `disabled=true` in policy definition. See [protocol fallback example](#protocol-fallback). diff --git a/app/_src/policies/meshhttproute.md b/app/_src/policies/meshhttproute.md index 21168e461..84ed5a9d0 100644 --- a/app/_src/policies/meshhttproute.md +++ b/app/_src/policies/meshhttproute.md @@ -4,7 +4,7 @@ title: Mesh HTTP Route (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [TrafficRoute](../traffic-route). +it should not be mixed with [TrafficRoute](/docs/{{ page.version }}/policies/traffic-route). {% endwarning %} The `MeshHTTPRoute` policy allows altering and redirecting HTTP requests diff --git a/app/_src/policies/meshloadbalancingstrategy.md b/app/_src/policies/meshloadbalancingstrategy.md index 98589f4fb..ac65759d4 100644 --- a/app/_src/policies/meshloadbalancingstrategy.md +++ b/app/_src/policies/meshloadbalancingstrategy.md @@ -179,7 +179,7 @@ spec: name: x-header ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -232,7 +232,7 @@ spec: disabled: true ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/_src/policies/meshratelimit.md b/app/_src/policies/meshratelimit.md index ac0f72df5..cd95ef3fe 100644 --- a/app/_src/policies/meshratelimit.md +++ b/app/_src/policies/meshratelimit.md @@ -4,7 +4,7 @@ title: MeshRateLimit (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it shouldn't be mixed with [Rate Limit](../rate-limit). +it shouldn't be mixed with [Rate Limit](/docs/{{ page.version }}/policies/rate-limit). {% endwarning %} This policy enables per-instance service request limiting. Policy supports ratelimiting of HTTP/HTTP2 requests and TCP connections. diff --git a/app/_src/policies/meshretry.md b/app/_src/policies/meshretry.md index 2fd296f79..2dd071d67 100644 --- a/app/_src/policies/meshretry.md +++ b/app/_src/policies/meshretry.md @@ -4,7 +4,7 @@ title: MeshRetry (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [Retry](../retry). +it should not be mixed with [Retry](/docs/{{ page.version }}/policies/retry). {% endwarning %} This policy enables {{site.mesh_product_name}} to know how to behave if there is a failed scenario (i.e. HTTP request) which could be retried. @@ -23,7 +23,7 @@ To learn more about the information in this table, see the [matching docs](/docs ## Configuration The policy let you configure retry behaviour for `HTTP`, `GRPC` and `TCP` protocols. -The protocol is selected by picking the most [specific protocol](/docs/{{ page.version }}/policies/protocol-support-in-kuma/#protocol-support-in-kuma). +The protocol is selected by picking the most [specific protocol](/docs/{{ page.version }}/policies/protocol-support-in-kuma). Each protocol has a separate section under `default` in the policy YAML. Some sections are common between protocols or have similar meaning. @@ -204,7 +204,7 @@ spec: - "5xx" ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -267,7 +267,7 @@ spec: - "DeadlineExceeded" ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -320,7 +320,7 @@ spec: maxConnectAttempt: 5 ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/_src/policies/meshtcproute.md b/app/_src/policies/meshtcproute.md index 2627b3072..9922a96f5 100644 --- a/app/_src/policies/meshtcproute.md +++ b/app/_src/policies/meshtcproute.md @@ -3,7 +3,7 @@ title: MeshTCPRoute (beta) --- {% warning %} -This policy uses a new policy matching algorithm and is in beta state. It shouldn't be combined with [TrafficRoute](../traffic-route). +This policy uses a new policy matching algorithm and is in beta state. It shouldn't be combined with [TrafficRoute](/docs/{{ page.version }}/policies/traffic-route). {% endwarning %} The `MeshTCPRoute` policy allows you to alter and redirect TCP requests diff --git a/app/_src/policies/meshtimeout.md b/app/_src/policies/meshtimeout.md index 0f7890921..35da1403f 100644 --- a/app/_src/policies/meshtimeout.md +++ b/app/_src/policies/meshtimeout.md @@ -4,7 +4,7 @@ title: Mesh Timeout (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [Timeout policy](../timeout). +it should not be mixed with [Timeout policy](/docs/{{ page.version }}/policies/timeout). {% endwarning %} ## TargetRef support matrix @@ -40,7 +40,7 @@ This policy enables {{site.mesh_product_name}} to set timeouts on the inbound an depending on the protocol. Using this policy you can configure TCP and HTTP timeouts. Timeout configuration is split into two sections: common configuration and HTTP configuration. Common config is applied to both HTTP and TCP communication. HTTP timeout are only applied when -service is marked as http. More on this in [protocol support section](../protocol-support-in-kuma). +service is marked as http. More on this in [protocol support section](/docs/{{ page.version }}/policies/protocol-support-in-kuma). MeshTimeout policy lets you configure multiple timeouts: @@ -264,7 +264,7 @@ spec: | http.maxConnectionDuration | 0s | {% if_version eq:2.1.x %} -If you don't specify a `from` or `to` section , the defaults from [`Timeout`](../timeout) will be used. This +If you don't specify a `from` or `to` section , the defaults from [`Timeout`](/docs/{{ page.version }}/policies/timeout) will be used. This is [a known bug](https://github.com/kumahq/kuma/issues/5850) and is fixed in the next version. {% endif_version %} diff --git a/app/_src/policies/meshtrace.md b/app/_src/policies/meshtrace.md index 2ad443d3c..06ab82e85 100644 --- a/app/_src/policies/meshtrace.md +++ b/app/_src/policies/meshtrace.md @@ -4,13 +4,13 @@ title: MeshTrace (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [TrafficTrace](../traffic-trace). +it should not be mixed with [TrafficTrace](/docs/{{ page.version }}/policies/traffic-trace). {% endwarning %} This policy enables publishing traces to a third party tracing solution. Tracing is supported over HTTP, HTTP2, and gRPC protocols. -You must [explicitly specify the protocol](../protocol-support-in-kuma) for each service and data plane proxy you want to enable tracing for. +You must [explicitly specify the protocol](/docs/{{ page.version }}/policies/protocol-support-in-kuma) for each service and data plane proxy you want to enable tracing for. {{site.mesh_product_name}} currently supports the following trace exposition formats: @@ -343,7 +343,7 @@ spec: ``` {% endif_version %} -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -351,7 +351,7 @@ Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../. ### Datadog {% tip %} -This assumes a Datadog agent is configured and running. If you haven't already check the [Datadog observability page](../../explore/observability#configuring-datadog). +This assumes a Datadog agent is configured and running. If you haven't already check the [Datadog observability page](/docs/{{ page.version }}/explore/observability#configuring-datadog). {% endtip %} {% tabs meshtrace-datadog useUrlFragment=false %} @@ -567,7 +567,7 @@ spec: ``` {% endif_version %} -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -781,7 +781,7 @@ spec: ``` {% endif_version %} -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/_src/policies/meshtrafficpermission.md b/app/_src/policies/meshtrafficpermission.md index 44a3152cb..41e45215e 100644 --- a/app/_src/policies/meshtrafficpermission.md +++ b/app/_src/policies/meshtrafficpermission.md @@ -4,7 +4,7 @@ title: MeshTrafficPermission (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [TrafficPermission](../traffic-permissions). +it should not be mixed with [TrafficPermission](/docs/{{ page.version }}/policies/traffic-permissions). {% endwarning %} ## TargetRef support matrix @@ -224,7 +224,7 @@ spec: default: # 5 action: Deny ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/_src/production/cp-deployment/multi-zone.md b/app/_src/production/cp-deployment/multi-zone.md index bca2b780e..e475bdee5 100644 --- a/app/_src/production/cp-deployment/multi-zone.md +++ b/app/_src/production/cp-deployment/multi-zone.md @@ -419,7 +419,7 @@ curl http://echo-server:1010 Requests are distributed round robin between zones. You can use [locality-aware load balancing](/docs/{{ page.version }}/policies/locality-aware) to keep requests in the same zone. -To send a request to any zone, you can {% if_version lte:2.1.x %}[use the generated `kuma.io/service`](/docs/{{ page.version }}/explore/dpp-on-kubernetes#tag-generation){% endif_version %}{% if_version gte:2.2.x %}[use the generated `kuma.io/service`](/docs/{{ page.version }}/production/dp-config/dpp-on-kubernetes/#tag-generation){% endif_version %} and [{{site.mesh_product_name}} DNS](/docs/{{ page.version }}/networking/dns#dns): +To send a request to any zone, you can {% if_version lte:2.1.x %}[use the generated `kuma.io/service`](/docs/{{ page.version }}/explore/dpp-on-kubernetes#tag-generation){% endif_version %}{% if_version gte:2.2.x %}[use the generated `kuma.io/service`](/docs/{{ page.version }}/production/dp-config/dpp-on-kubernetes/#tag-generation){% endif_version %} and [{{site.mesh_product_name}} DNS](/docs/{{ page.version }}/networking/dns): ```sh curl http://echo-server_echo-example_svc_1010.mesh:80 diff --git a/app/_src/production/cp-deployment/stand-alone.md b/app/_src/production/cp-deployment/stand-alone.md index 96fd05c0b..e4ef7c181 100644 --- a/app/_src/production/cp-deployment/stand-alone.md +++ b/app/_src/production/cp-deployment/stand-alone.md @@ -27,7 +27,7 @@ kuma-cp run **With zone egress**: -`ZoneEgress` works for Universal deployment as well. In order to deploy `ZoneEgress` for Universal deployment {% if_version lte:2.1.x %}[follow the instruction](/docs/{{ page.version }}/explore/zoneegress#zone-egress){% endif_version %}{% if_version gte:2.2.x %}[follow the instruction](/docs/{{ page.version }}/production/cp-deployment/zoneegress/#zone-egress){% endif_version %}. +`ZoneEgress` works for Universal deployment as well. In order to deploy `ZoneEgress` for Universal deployment {% if_version lte:2.1.x %}[follow the instruction](/docs/{{ page.version }}/explore/zoneegress){% endif_version %}{% if_version gte:2.2.x %}[follow the instruction](/docs/{{ page.version }}/production/cp-deployment/zoneegress){% endif_version %}. {% endtab %} {% endtabs %} diff --git a/app/_src/production/dp-config/dpp.md b/app/_src/production/dp-config/dpp.md index 88fa225aa..bc83a57c0 100644 --- a/app/_src/production/dp-config/dpp.md +++ b/app/_src/production/dp-config/dpp.md @@ -65,8 +65,6 @@ A `Dataplane` entity must be present for each DPP. `Dataplane` entities are mana - Kubernetes: The control plane {% if_version lte:2.1.x %}[**automatically generates**](/docs/{{ page.version }}/explore/dpp-on-kubernetes){% endif_version %}{% if_version gte:2.2.x %}[**automatically generates**](/docs/{{ page.version }}/production/dp-config/dpp-on-kubernetes/){% endif_version %} the `Dataplane` entity. - Universal: The {% if_version lte:2.1.x %}[**user defines**](/docs/{{ page.version}}/explore/dpp-on-universal){% endif_version %}{% if_version gte:2.2.x %}[**user defines**](/docs/{{ page.version}}/production/dp-config/dpp-on-universal/){% endif_version %} the `Dataplane` entity. -For more details check the [dataplane specification](/docs/{{ page.version }}/generated/resources/proxy_dataplane): - ## Dynamic configuration of the data plane proxy When the DPP runs: @@ -85,3 +83,7 @@ The control plane uses policies and `Dataplane` entities to generate the DPP con When we start a data-plane via `kuma-dp` we expect all the inbound and outbound service traffic to go through it. The inbound and outbound ports are defined in the dataplane specification when running in universal mode, while on Kubernetes the service-to-service traffic always runs on port `15001`. In addition to the service traffic ports, the data-plane automatically also opens the `envoy` [administration interface](https://www.envoyproxy.io/docs/envoy/latest/operations/admin) listener on the `127.0.0.1:9901`. + +## Schema + +{% json_schema Dataplane type=proto %} diff --git a/app/_src/production/index.md b/app/_src/production/index.md index 1c68803bc..428fc22ad 100644 --- a/app/_src/production/index.md +++ b/app/_src/production/index.md @@ -14,7 +14,7 @@ Deploying {{site.mesh_product_name}} to a production environment involves the fo 1. [Install `kumactl`](#kumactl). 1. [Deploy the control plane](#control-plane-and-data-plane-architecture). 1. [Configure the data plane](#control-plane-and-data-plane-architecture). -1. [Configure security features for {{site.mesh_product_name}}](#kuma-security). +1. [Configure security features for {{site.mesh_product_name}}](#security). ### Deployment topologies @@ -47,7 +47,7 @@ Once `kumactl` is installed, you can use it to configure the control plane and d You can either configure a [multi-zone](/docs/{{ page.version }}/production/cp-deployment/multi-zone/) or [standalone](/docs/{{ page.version }}/production/cp-deployment/stand-alone/) control plane, depending on your organization's needs. You can deploy either a [Kubernetes](/docs/{{ page.version }}/production/dp-config/dpp-on-kubernetes/) or [Universal](/docs/{{ page.version }}/production/dp-config/dpp-on-universal/) data plane. -### {{site.mesh_product_name}} security +### Security {{site.mesh_product_name}} offers many security features that you can use to ensure your service mesh is safe. diff --git a/app/docs/2.0.x/policies/general-notes-about-kuma-policies.md b/app/docs/2.0.x/policies/general-notes-about-kuma-policies.md index 7da7cf35d..1089a0507 100644 --- a/app/docs/2.0.x/policies/general-notes-about-kuma-policies.md +++ b/app/docs/2.0.x/policies/general-notes-about-kuma-policies.md @@ -4,7 +4,7 @@ title: General notes about Kuma policies {% tip %} This only applies to source/destination policies. -If you are unfamiliar with these, checkout [introduction to policies](../introduction). +If you are unfamiliar with these, checkout [introduction to policies](/docs/{{ page.version }}/policies/introduction). {% endtip %} Policies applied to data plane proxies all follow the same basic structure: diff --git a/app/docs/2.0.x/policies/how-kuma-chooses-the-right-policy-to-apply.md b/app/docs/2.0.x/policies/how-kuma-chooses-the-right-policy-to-apply.md index 4f76f828f..db5895d2f 100644 --- a/app/docs/2.0.x/policies/how-kuma-chooses-the-right-policy-to-apply.md +++ b/app/docs/2.0.x/policies/how-kuma-chooses-the-right-policy-to-apply.md @@ -4,7 +4,7 @@ title: How Kuma chooses the right policy to apply {% tip %} This only applies to source/destination policies. -If you are unfamiliar with these, checkout [introduction to policies](../introduction). +If you are unfamiliar with these, checkout [introduction to policies](/docs/{{ page.version }}/policies/introduction). {% endtip %} At any single moment, there might be multiple policies (of the same type) that match a connection between `sources` and `destinations` `Dataplane`s. diff --git a/app/docs/2.0.x/policies/introduction.md b/app/docs/2.0.x/policies/introduction.md index 33bcfdc8e..998972809 100644 --- a/app/docs/2.0.x/policies/introduction.md +++ b/app/docs/2.0.x/policies/introduction.md @@ -3,29 +3,32 @@ title: Policies --- {% tip %} -**Need help?** Installing and using {{site.mesh_product_name}} should be as easy as possible. [Contact and chat](/community) with the community in real-time if you get stuck or need clarifications. We are here to help. +**Need help?** Installing and using {{site.mesh_product_name}} should be as easy as +possible. [Contact and chat](/community) with the community in real-time if you get stuck or need clarifications. We are +here to help. {% endtip %} Here you can find the list of Policies that {{site.mesh_product_name}} supports. -Going forward from version 2.0, {{site.mesh_product_name}} is transitioning from [source/destination policies](../general-notes-about-kuma-policies) to [`targetRef` policies](../targetref). +Going forward from version 2.0, {{site.mesh_product_name}} is transitioning from [source/destination policies](/docs/{{ page.version }}/policies/general-notes-about-kuma-policies) to [`targetRef` policies](/docs/{{ page.version }}/policies/targetref). The following table shows the equivalence between source/destination and `targetRef` policies: -| source/destination policy | `targetRef` policy | -|----------------------------------------------|---------------------------------------------------| -| [CircuitBreaker](../circuit-breaker) | N/A | -| [FaultInjection](../fault-injection) | N/A | -| [HealthCheck](../health-check) | N/A | -| [RateLimit](../rate-limit) | N/A | -| [Retry](../retry) | N/A | -| [Timeout](../timeout) | N/A | -| [TrafficLog](../traffic-log) | [MeshAccessLog](../meshaccesslog) | -| [TrafficMetrics](../traffic-metrics) | N/A | -| [TrafficPermissions](../traffic-permissions) | [MeshTrafficPermission](../meshtrafficpermission) | -| [TrafficRoute](../traffic-route) | N/A | -| [TrafficTrace](../traffic-trace) | [MeshTrace](../meshtrace) | +| source/destination policy | `targetRef` policy | +|-----------------------------------------------------------------------------|----------------------------------------------------------------------------------| +| [CircuitBreaker](/docs/{{ page.version }}/policies/circuit-breaker) | N/A | +| [FaultInjection](/docs/{{ page.version }}/policies/fault-injection) | N/A | +| [HealthCheck](/docs/{{ page.version }}/policies/health-check) | N/A | +| [RateLimit](/docs/{{ page.version }}/policies/rate-limit) | N/A | +| [Retry](/docs/{{ page.version }}/policies/retry) | N/A | +| [Timeout](/docs/{{ page.version }}/policies/timeout) | N/A | +| [TrafficLog](/docs/{{ page.version }}/policies/traffic-log) | [MeshAccessLog](/docs/{{ page.version }}/policies/meshaccesslog) | +| [TrafficMetrics](/docs/{{ page.version }}/policies/traffic-metrics) | N/A | +| [TrafficPermissions](/docs/{{ page.version }}/policies/traffic-permissions) | [MeshTrafficPermission](/docs/{{ page.version }}/policies/meshtrafficpermission) | +| [TrafficRoute](/docs/{{ page.version }}/policies/traffic-route) | N/A | +| [TrafficTrace](/docs/{{ page.version }}/policies/traffic-trace) | [MeshTrace](/docs/{{ page.version }}/policies/meshtrace) | {% warning %} -`targetRef` policies are still beta and it is therefore not supported to mix source/destination and targetRef policies together. +`targetRef` policies are still beta and it is therefore not supported to mix source/destination and targetRef policies +together. {% endwarning %} diff --git a/app/docs/2.0.x/policies/meshaccesslog.md b/app/docs/2.0.x/policies/meshaccesslog.md index 84207cb71..b58f9d3b6 100644 --- a/app/docs/2.0.x/policies/meshaccesslog.md +++ b/app/docs/2.0.x/policies/meshaccesslog.md @@ -279,7 +279,7 @@ spec: path: /tmp/access.log ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -348,7 +348,7 @@ spec: plain: '[%START_TIME%]' ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -413,7 +413,7 @@ spec: path: /tmp/access.log ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/docs/2.0.x/policies/meshtrace.md b/app/docs/2.0.x/policies/meshtrace.md index 16da3c495..099eb7731 100644 --- a/app/docs/2.0.x/policies/meshtrace.md +++ b/app/docs/2.0.x/policies/meshtrace.md @@ -4,13 +4,13 @@ title: MeshTrace (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [TrafficTrace](../traffic-trace). +it should not be mixed with [TrafficTrace](/docs/{{ page.version }}/policies/traffic-trace). {% endwarning %} This policy enables publishing traces to a third party tracing solution. Tracing is supported over HTTP, HTTP2, and gRPC protocols. -You must [explicitly specify the protocol](../protocol-support-in-kuma) for each service and data plane proxy you want to enable tracing for. +You must [explicitly specify the protocol](/docs/{{ page.version }}/policies/protocol-support-in-kuma) for each service and data plane proxy you want to enable tracing for. {{site.mesh_product_name}} currently supports the following trace exposition formats: @@ -226,7 +226,7 @@ spec: client: 40 ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} @@ -234,7 +234,7 @@ Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../. ### Datadog {% tip %} -This assumes a Datadog agent is configured and running. If you haven't already check the [Datadog observability page](../../explore/observability#configuring-datadog). +This assumes a Datadog agent is configured and running. If you haven't already check the [Datadog observability page](/docs/{{ page.version }}/explore/observability#configuring-datadog). {% endtip %} {% tabs meshtrace-datadog useUrlFragment=false %} @@ -341,7 +341,7 @@ spec: client: 40 ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/app/docs/2.0.x/policies/meshtrafficpermission.md b/app/docs/2.0.x/policies/meshtrafficpermission.md index 6b59a1995..05f3238ec 100644 --- a/app/docs/2.0.x/policies/meshtrafficpermission.md +++ b/app/docs/2.0.x/policies/meshtrafficpermission.md @@ -4,7 +4,7 @@ title: MeshTrafficPermission (beta) {% warning %} This policy uses new policy matching algorithm and is in beta state, -it should not be mixed with [TrafficPermission](../traffic-permissions). +it should not be mixed with [TrafficPermission](/docs/{{ page.version }}/policies/traffic-permissions). {% endwarning %} ## TargetRef support matrix @@ -224,7 +224,7 @@ spec: default: # 5 action: DENY ``` -Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](../../reference/http-api). +Apply the configuration with `kumactl apply -f [..]` or with the [HTTP API](/docs/{{ page.version }}/reference/http-api). {% endtab %} {% endtabs %} diff --git a/jekyll-kuma-plugins/lib/jekyll/kuma-plugins/liquid/tags/embed.rb b/jekyll-kuma-plugins/lib/jekyll/kuma-plugins/liquid/tags/embed.rb index 4c1976cfb..909f994d9 100644 --- a/jekyll-kuma-plugins/lib/jekyll/kuma-plugins/liquid/tags/embed.rb +++ b/jekyll-kuma-plugins/lib/jekyll/kuma-plugins/liquid/tags/embed.rb @@ -16,13 +16,16 @@ def initialize(tag_name, markup, options) def render(context) base_path = context.registers[:site].config.fetch('mesh_raw_generated_path', 'app/docs') + ignored_links = context.registers[:site].config.fetch('mesh_ignored_links_regex', []) release = context.registers[:page]['release'] path = File.join(base_path, @versioned ? release : '', @file) - File.read(path) rescue begin + data = File.read(path) rescue begin Jekyll.logger.warn("Failed reading raw file", path) return end + ignored_links.each {|re| data = data.gsub(Regexp.new(re), '') } + return data end end end