Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs(tproxy): restructure and expand transparent proxy documentation #2064

Open
wants to merge 55 commits into
base: master
Choose a base branch
from
Open

docs(tproxy): restructure and expand transparent proxy documentation #2064

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
55 commits
Select commit Hold shift + click to select a range
f899c7c
docs(tproxy): restructure and expand transparent proxy documentation
bartsmykla Nov 5, 2024
f7ec37b
feat(guide): add excluding traffic from transparent proxy guide
bartsmykla Nov 5, 2024
fbfcf4b
chore: make sure that links to tproxy docs are now correct for >= 2.9.x
bartsmykla Nov 5, 2024
2134e45
chore: add comments for legacy tproxy docs that these files are legacy
bartsmykla Nov 5, 2024
f30537b
chore: make vale happy
bartsmykla Nov 5, 2024
a6e0d7a
chore: make vale happy
bartsmykla Nov 5, 2024
7edba32
chore: make vale happy #2
bartsmykla Nov 5, 2024
62672e2
chore: add missing `inline:true` to if_versions + fix one more link
bartsmykla Nov 5, 2024
cb52e14
chore: address first part of review comments
bartsmykla Nov 5, 2024
e1ff19b
chore: make vale happy again
bartsmykla Nov 5, 2024
d603cf6
chore: improve one benefit item
bartsmykla Nov 5, 2024
dccb7fd
chore: add one more subsection for Universal tproxy docs
bartsmykla Nov 5, 2024
06391d2
chore: add links to sections in sidebar and remove "method-#" prefixes
bartsmykla Nov 5, 2024
40672b7
address some of the review comments
bartsmykla Nov 5, 2024
a32985d
chore: make vale happy and change VirtualOutbount to MeshService+
bartsmykla Nov 5, 2024
5850b72
chore: small content fixes
bartsmykla Nov 5, 2024
d55b488
simplify the docs
bartsmykla Nov 5, 2024
e2390c9
add sublinks to tproxy config reference
bartsmykla Nov 5, 2024
2ad4a32
fix broken links
bartsmykla Nov 5, 2024
a907c8c
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 5, 2024
ae2c4c8
fix another broken link
bartsmykla Nov 5, 2024
7aa7e73
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 6, 2024
08729d1
chore: small improvements
bartsmykla Nov 6, 2024
807311e
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 6, 2024
441b3a6
address review remarks
bartsmykla Nov 7, 2024
8c3d882
address review remarks
bartsmykla Nov 7, 2024
e760cc4
another round of review
bartsmykla Nov 7, 2024
6e2dde7
add warning to annotations reference
bartsmykla Nov 7, 2024
54cb5bb
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 7, 2024
089970d
move one section from tproxy/k8s to kuma-cp configuration page
bartsmykla Nov 7, 2024
b352680
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 7, 2024
e826981
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 7, 2024
81d711b
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 8, 2024
b482610
small fixes after merge
bartsmykla Nov 8, 2024
9802254
remove unnecessary vale comment
bartsmykla Nov 8, 2024
8f5561c
Merge remote-tracking branch 'upstream/master' into feat/transparent-…
bartsmykla Nov 8, 2024
dd4c818
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Nov 12, 2024
385400a
work in progress of moving installing tproxy to guide
bartsmykla Nov 12, 2024
7823edc
fix broken link for reachable backends
bartsmykla Nov 12, 2024
29bbc25
fix broken links
bartsmykla Nov 12, 2024
11453da
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Nov 18, 2024
cc039bf
fix order of vale's accept.txt file
bartsmykla Nov 19, 2024
b8ceef5
next temporary iteration of new quickstart guide for tproxy installing
bartsmykla Nov 21, 2024
15d8be8
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Nov 21, 2024
a2cf2b9
another temporary commit with work on new quick guide
bartsmykla Nov 25, 2024
0bd37fc
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Nov 25, 2024
c3ee3e7
add missing step + add margin-top for last steps
bartsmykla Nov 26, 2024
f026a47
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Nov 26, 2024
2dc8e57
add missing step + add margin-top for last steps
bartsmykla Nov 26, 2024
cfc50e8
modify docker-demo to use kuma-counter-demo v2
bartsmykla Nov 29, 2024
b5beb58
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Nov 29, 2024
6360bfb
replace localhost with 127.0.0.1
bartsmykla Nov 29, 2024
af271e7
remove installation steps from transparent proxy universal docs
bartsmykla Nov 29, 2024
63277ec
make vale happy
bartsmykla Nov 29, 2024
fb9b9b1
Merge remote-tracking branch 'upstream' into feat/transparent-proxy-d…
bartsmykla Dec 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions .github/styles/config/vocabularies/Base/accept.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ subcommand
subgraph
subproject
sudo
Syslog
[sS]yslog
target[Rr]ef
tbl
tcpdump
Expand All @@ -173,8 +173,13 @@ Vuejs
websockets?
wireframes?
workspace
yaml
yaml|YAML
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm off the opinion of being opiniated and when both are accepted only tolerate one.

yml
[xX]DS|xds
Zipkin
zsh
xtables
netfilter
UIDs?
use_original_dst
orin
2 changes: 1 addition & 1 deletion app/_assets/entrypoints/application.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,5 +39,5 @@ document.addEventListener('DOMContentLoaded', (event) => {
placement: 'left',
icon: '#'
});
anchors.add('.doc h1, .doc h2, .doc h3, .doc h4, .doc h5, .doc h6');
anchors.add('.doc h1:not(.no-anchor), .doc h2:not(.no-anchor), .doc h3:not(.no-anchor), .doc h4:not(.no-anchor), .doc h5:not(.no-anchor), .doc h6:not(.no-anchor)');
});
32 changes: 27 additions & 5 deletions app/_data/docs_nav_kuma_2.9.x.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,10 +102,11 @@ items:
url: /production/dp-config/dpp-on-universal/
- text: Configure the Kuma CNI
url: /production/dp-config/cni/
- text: Configure transparent proxying
url: /production/dp-config/transparent-proxying/
- text: IPv6 support
url: /production/dp-config/ipv6/
- text: Transparent Proxy
url: /networking/transparent-proxy/introduction
generate: false
- title: Secure your deployment
group: true
items:
Expand Down Expand Up @@ -273,8 +274,25 @@ items:
url: "/networking/meshexternalservice/#configuration"
- text: Examples
url: "/networking/meshexternalservice/#examples"
- text: Transparent Proxying
url: /networking/transparent-proxying/
- title: Transparent Proxy
group: true
items:
- text: Introduction
url: /networking/transparent-proxy/introduction/
- text: Technical Overview
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd put this page last (it's actually not useful to most)

url: /networking/transparent-proxy/technical-overview/
- text: Installing on Universal
url: /networking/transparent-proxy/installing-on-universal/
- text: Configuration on Kubernetes
url: /networking/transparent-proxy/configuration-on-kubernetes/
- text: Configuration on Universal
url: /networking/transparent-proxy/configuration-on-universal/
- text: Upgrading on Universal
url: /networking/transparent-proxy/upgrading-on-universal/
- text: Reachable Services
url: /networking/transparent-proxy/reachable-services/
- text: Reachable Backends
url: /networking/transparent-proxy/reachable-backends/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should passthrough and DNS be moved here?

- title: Policies
group: true
items:
Expand Down Expand Up @@ -499,10 +517,12 @@ items:
url: /guides/otel-metrics/
- text: Migration to the new policies
url: /guides/migration-to-the-new-policies/
- text: Progressively rolling in strict MTLS
- text: Progressively rolling in strict mTLS
url: /guides/progressively-rolling-in-strict-mtls/
- text: Producer and consumer policies
url: /guides/consumer-producer-policies
- text: Excluding Traffic From Transparent Proxy
url: /guides/excluding-traffic-from-transparent-proxy-redirection/
- title: Reference
group: true
items:
Expand All @@ -516,6 +536,8 @@ items:
url: /reference/kuma-cp
- text: Envoy proxy template
url: /reference/proxy-template/
- text: Transparent Proxy Configuration
url: /reference/transparent-proxy-configuration/
- title: Community
group: true
items:
Expand Down
32 changes: 27 additions & 5 deletions app/_data/docs_nav_kuma_dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,10 +102,11 @@ items:
url: /production/dp-config/dpp-on-universal/
- text: Configure the Kuma CNI
url: /production/dp-config/cni/
- text: Configure transparent proxying
url: /production/dp-config/transparent-proxying/
- text: IPv6 support
url: /production/dp-config/ipv6/
- text: Transparent Proxy
url: /networking/transparent-proxy/introduction
generate: false
- title: Secure your deployment
group: true
items:
Expand Down Expand Up @@ -273,8 +274,25 @@ items:
url: "/networking/meshexternalservice/#configuration"
- text: Examples
url: "/networking/meshexternalservice/#examples"
- text: Transparent Proxying
url: /networking/transparent-proxying/
- title: Transparent Proxy
group: true
items:
- text: Introduction
url: /networking/transparent-proxy/introduction/
- text: Technical Overview
url: /networking/transparent-proxy/technical-overview/
- text: Installing on Universal
url: /networking/transparent-proxy/installing-on-universal/
- text: Configuration on Kubernetes
url: /networking/transparent-proxy/configuration-on-kubernetes/
- text: Configuration on Universal
url: /networking/transparent-proxy/configuration-on-universal/
- text: Upgrading on Universal
url: /networking/transparent-proxy/upgrading-on-universal/
- text: Reachable Services
url: /networking/transparent-proxy/reachable-services/
- text: Reachable Backends
url: /networking/transparent-proxy/reachable-backends/
- title: Policies
group: true
items:
Expand Down Expand Up @@ -499,10 +517,12 @@ items:
url: /guides/otel-metrics/
- text: Migration to the new policies
url: /guides/migration-to-the-new-policies/
- text: Progressively rolling in strict MTLS
- text: Progressively rolling in strict mTLS
url: /guides/progressively-rolling-in-strict-mtls/
- text: Producer and consumer policies
url: /guides/consumer-producer-policies
- text: Excluding Traffic From Transparent Proxy
url: /guides/excluding-traffic-from-transparent-proxy-redirection/
- title: Reference
group: true
items:
Expand All @@ -516,6 +536,8 @@ items:
url: /reference/kuma-cp
- text: Envoy proxy template
url: /reference/proxy-template/
- text: Transparent Proxy Configuration
url: /reference/transparent-proxy-configuration/
- title: Community
group: true
items:
Expand Down
57 changes: 57 additions & 0 deletions app/_data/tproxy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
config:
redirect:
inbound:
excludePorts: &excludePortsInbound
path: redirect.inbound.excludePorts
flag: --exclude-inbound-ports
env: KUMA_TRANSPARENT_PROXY_REDIRECT_INBOUND_EXCLUDE_PORTS
runtime:
path: runtime.kubernetes.injector.sidecarTraffic.excludeInboundPorts
env: KUMA_RUNTIME_KUBERNETES_SIDECAR_TRAFFIC_EXCLUDE_INBOUND_PORTS
excludePortsForIPs: &excludePortsForIPsInbound
path: redirect.inbound.excludePortsForIPs
flag: --exclude-inbound-ips
env: KUMA_TRANSPARENT_PROXY_REDIRECT_INBOUND_EXCLUDE_PORTS_FOR_IPS
runtime:
path: runtime.kubernetes.injector.sidecarTraffic.excludeInboundIPs
env: KUMA_RUNTIME_KUBERNETES_SIDECAR_TRAFFIC_EXCLUDE_INBOUND_IPS
outbound:
excludePorts: &excludePortsOutbound
path: redirect.outbound.excludePorts
flag: --exclude-outbound-ports
env: KUMA_TRANSPARENT_PROXY_REDIRECT_OUTBOUND_EXCLUDE_PORTS
runtime:
path: runtime.kubernetes.injector.sidecarTraffic.excludeOutboundPorts
env: KUMA_RUNTIME_KUBERNETES_SIDECAR_TRAFFIC_EXCLUDE_OUTBOUND_PORTS
excludePortsForIPs: &excludePortsForIPsOutbound
path: redirect.outbound.excludePortsForIPs
flag: --exclude-outbound-ips
env: KUMA_TRANSPARENT_PROXY_REDIRECT_OUTBOUND_EXCLUDE_PORTS_FOR_IPS
runtime:
path: runtime.kubernetes.injector.sidecarTraffic.excludeOutboundIPs
env: KUMA_RUNTIME_KUBERNETES_SIDECAR_TRAFFIC_EXCLUDE_OUTBOUND_IPS

defaults:
redirect:
inbound:
port: 15006
outbound:
port: 15001
dns:
port: 15053
kuma-dp:
username: kuma-dp
uid: 5678
resolv:
conf:
path: /etc/resolv.conf

data:
guides:
exclude-traffic:
excludePorts:
- *excludePortsInbound
- *excludePortsOutbound
excludeIPs:
- *excludePortsForIPsInbound
- *excludePortsForIPsOutbound
71 changes: 71 additions & 0 deletions app/_includes/snippets/tproxy/conf-field-table.html.liquid
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
{%- assign values = include.values | split: "," -%}
{%- capture snippet-tproxy-field-table -%}
<table>
<tbody>
<tr>
<td><strong>Type</strong></td>
<td><code>{{ include.type }}</code></td>
</tr>
{% if include.default %}
<tr>
<td><strong>Default Value</strong></td>
<td><code>{{ include.default }}</code></td>
</tr>
{% endif %}
{% if include.values %}
<tr>
<td><strong>Values</strong></td>
<td>
{% for value in values %}
{% if forloop.length > 0 %}
<code>{{ value }}</code>{% unless forloop.last %}, {% endunless %}
{% endif %}
{% endfor %}
</td>
</tr>
{% endif %}
{% if include.format %}
<tr>
<td><strong>Format</strong></td>
<td><code>{{ include.format }}</code></td>
</tr>
{% endif %}
{% if include.flag %}
<tr>
<td><strong>CLI Flag</strong></td>
<td><code>{{ include.flag }}</code></td>
</tr>
{% endif %}
{% if_version gte:2.9.x %}
{% if include.env %}
<tr>
<td><strong>Environment Variable</strong></td>
<td><code>KUMA_TRANSPARENT_PROXY_{{ include.env }}</code></td>
</tr>
{% endif %}
{% endif_version %}
{% if include.annotation %}
<tr>
<td><strong>Kubernetes Annotation</strong></td>
<td><code>{{ include.annotation }}</code></td>
</tr>
{% endif %}
{% if include.runtime %}
<tr>
<td colspan="2"><strong>Control Plane Runtime Configuration</strong></td>
</tr>
<tr>
<td><strong>Field</strong></td>
<td><code>runtime.kubernetes.injector.{{ include.runtime }}</code></td>
</tr>
{% if include.runtimeEnv %}
<tr>
<td><strong>Environment Variable</strong></td>
<td><code>KUMA_RUNTIME_KUBERNETES_INJECTOR_{{ include.runtimeEnv }}</code></td>
</tr>
{% endif %}
{% endif %}
</tbody>
</table>
{%- endcapture -%}
{{ snippet-tproxy-field-table | normalize_whitespace }}
48 changes: 48 additions & 0 deletions app/_includes/snippets/tproxy/guide-excluding-traffic-other-options-k8s.html.liquid
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
<h3 class="no-anchor">Other configuration options</h3>

<table>
<thead>
<tr>
<th colspan="2" style="text-align: left">
<a href="/docs/{{ page.version }}/networking/transparent-proxy/configuration-on-kubernetes/#method-2-configuration-in-configmap">
<strong>Configuration in ConfigMap</strong>
</a>
</th>
</tr>
<tr>
<th style="text-align: left">Field</th>
<th style="text-align: left">Environment Variable</th>
</tr>
</thead>
<tbody>
{% for field in include.data %}
<tr>
<td><code>{{ field.path }}</code></td>
<td><code>{{ field.env }}</code></td>
</tr>
{% endfor %}
</tbody>
</table>
<table>
<thead>
<tr>
<th colspan="3" style="text-align: left">
<a href="/docs/{{ page.version }}/networking/transparent-proxy/configuration-on-kubernetes/#method-1-control-plane-runtime-configuration">
<strong>Control Plane Runtime Configuration</strong>
</a>
</th>
</tr>
<tr>
<th style="text-align: left">Field</th>
<th style="text-align: left">Environment Variable</th>
</tr>
</thead>
<tbody>
{% for field in include.data %}
<tr>
<td><code>{{ field.runtime.path }}</code></td>
<td><code>{{ field.runtime.env }}</code></td>
</tr>
{% endfor %}
</tbody>
</table>
Loading
Loading