Our instructions ask users to issue the following two commands to set GATEWAY_URL:

$ kubectl get ingress -o wide
NAME      HOSTS     ADDRESS                 PORTS     AGE
gateway   *         130.211.10.121          80        1d
$ export GATEWAY_URL=130.211.10.121:80

However, when running on GKE, I see something like:

$ kubectl get ingress -o wide
NAME      HOSTS     ADDRESS                                                                       PORTS     AGE
gateway   *         104.198.111.254,35.185.199.167,35.185.202.147,35.185.204.199,35.185.219.195   80        17m

Setting the GATEWAY_URL to any of the addresses listed (with port 80) fails, as follows:

$ curl -o /dev/null -s -w "%{http_code}\n" http://$GATEWAY_URL/productpage
000

If I do the following, however, it works:

$ kubectl get svc istio-ingress -o wide
NAME            CLUSTER-IP      EXTERNAL-IP     PORT(S)        AGE       SELECTOR
istio-ingress   10.75.243.197   35.185.192.82   80:30872/TCP   37m       istio=ingress
$ export GATEWAY_URL=35.185.192.82:80
$ curl -o /dev/null -s -w "%{http_code}\n" http://$GATEWAY_URL/productpage
200

Bad link: https://kubernetes.io/docs/api-reference/v1/definitions/#_v1_podtemplatespec

Flags for the various commands are not documented

Targets for get and delete are not documented.

See - istio/istio#199 (comment)

It would probably be sensible to document as part of the installation.

The current instructions are too difficult. They expect the user to know the grafana-svc-external-IP. They expect the user to understand how to change the Service from type LoadBalancer to type NodePort and under what circumstances that is needed. They expect the user to know how to run kubectl proxy and how to edit Grafana's Istio-dashboard.

jsonpath fails when i run this -
export GATEWAY_URL=$(kubectl get po -l istio=ingress -o jsonpath={.items[0].status.hostIP}):$(kubectl get svc istio-ingress -o jsonpath={.spec.ports[0].nodePort})

is this istio=ingress correct?

This is the concept doc
https://docs.google.com/document/d/1SzoKl048g0q7tMI5kC3SKvabmm5HUby6N9cxG6Uqd6U/edit

Please help to add to this page, Netowrk and Auth section.
https://istio.io/docs/concepts/

Thanks

When the screen is narrow, the footer collapses into a stack of section titles. There's no visual indication that these are now drop down menus and the mouse pointer is an i-beam when hovering over these instead of a pointer.

CUJ breakdown: installation; enabling &auth; routing & policy changes

• We should support specifying whether a section entry should default to expanded or collapsed in the left nav.

• The color scheme for the tooltip for the Edit this Page button doesn't match the rest of the site very well.

• The magnifying glass next to the search box probably should highlight orange upon hovering. It could probably also use a tooltip.

• The Copy button on PRE sections is rendered inconsistenty. For example, on this page https://istio.io/docs/tasks/integrating-services-into-istio.html it is not as tall as on other pages.

• We should consider adopting the left-nav tab design from amalgam8.io. The left nav can be displayed or hidden, making more room available for the document content.

• We should consider implementing the TOC as a pull down menu at the top of the page. This would look visually cleaner overall.

There are too many if-else in the documents, which require too much thinking from first- time users.

Restructure into 3 user journeys and create 3 workflows:

• want to try istio (no auth or complicated things), with the book info to show features
• want to understand how it works and try some advanced features but I am not committed - with a simpler echo server with which people are familiar
• production level workflow with advanced features

This requires re-introducing something similar to the echo app for the second workflow.

NB: Blog posts go into the _posts directory of the istio.github.io repo

The layout of the landing page is way too tall. It takes a fair bit of scrolling to see all the major features of the product. Someone in a hurry wouldn't even notice it doesn't more than L7 load balancing. We need to reorganize the landing page to bring key info above the fold.

Running through a fresh install, attempting to recreate the sample app. Get the following:

$ kubectl apply -f <(istioctl kube-inject -f bookinfo.yaml)
Error: manager address environment variable is not set, please set ISTIO_MANAGER_ADDRESS to the location and port of you Istio manager
error: no objects passed to apply

1. We need to add the setting of environment variables to the Task
2. The error message should read "port of your Istio manager" (instead of "port of you Istio manager").

I have created a PR for this:
#73

Many of our docs' <code> sections are commands we expect the user to copy from the page and paste into their terminal. It'd be nice if we had a small "copy code section to clipboard" button on all of our <code> sections. Similar to GitHub's "Clone or download" dialogue:

   kubectl get svc istio-ingress -o jsonpath={.spec.ports[0].nodePort}

listed in https://istio.io/docs/samples/bookinfo.html

I added an example of steps to get the istio binary for the downloadable binary release in
6cfbaa2
but it'd be nice that example auto updates to $RELEASE_VERSION or some equivalent in jekyll

We should pour content into WIkipedia. K8s has a nice page, we should have ours too.

https://istio.io/docs/tasks/ingress.html

https://istio.io/docs/tasks/ingress.html#configuring-secure-ingress-https

I keep getting error

source ../../../istio.VERSION

on various tasks such as https://github.com/istio/istio/blob/master/demos/apps/httpbin/README.md

If this step is required consider adding to all samples.

@costinm let's work on getting the appropriate info into the FAQ.

There are three outstanding tasks around Istio's use of Google's Custom Search Engine:

• We need to register our search engine as being for a non-profit. This will let us remove ads from the returned search results.

• We need to enable search engine analytics so we can understand what people are looking for on the Istio site.

• We need to configure the search engine with various options such as auto-complete text, which improves the end-user's experience.

I've added you (Varun) as an admin of the search engine. Visit google.com/cse for the control panel.

We need the site to be usable on mobile devices. Shrinking down the browser width doesn't currently produce good outcomes. We need to choose whether we want to target iPads, iPad-mini, and/or phones. Basically we need to revisit where breakpoints in CSS are and whether responsive design pieces in Bootstrap were left out.

The right column index on many pages overlaps the main body content. This is particular bad if the web browser isn't maximum on a large screen. The example below is half-screen width on 15" MBP (other half is terminal to run exercises) with a reasonably small font.

https://istio.io/docs/reference/contribute/style-guide.html.

Reading through https://istio.io/docs/tasks/egress.html doc, it doesn't mention anywhere what I’m configuring external services such as httpbin.org.

Is it mandatory (i.e. does envoy/istio block me from accessing external services?) or is it because of some limitation (e.g. proxy can't intercept tls traffic) or is it just good practice.

I think this needs clear explanation.

The current frontpage in istio.io has 4 placeholder titles/descriptions for routing, resilience, policies and monitoring. These need to be filled in properly, with pointers to appropriate docs.

Refer to the staged site (http://istio-staging.surge.sh/):

1. When you scroll the home page, the old banner image becomes visible

2. The downward pointing arrow should be blue to match the overall color scheme

3. When you hover over the button, it switches to teal (should we change it to a different shade of blue?)

#67 adds auto-generated reference documentation for the istioctl tool. The contents of the manually written doc here should be merged back into istio.io/manager/cmd/istioctl/*.go to be included in auto-generation.

The right-nav is broken on the blog page, and only displays an empty box right above the footer. See https://istio.io/blog

https://istio.io/docs/tasks/integrating-services-into-istio.html is missing cleanup instructions.

Consider adding:

kubectl delete -f apps.yaml

The top nav bar in the Docs section is slightly smaller than in other sections. The height should be consistent for the whole web site.

Merge scripts for auto-generating command line markdown. This will also consolidate the istioctl docs into a single markdown file.

$ ls -1 ./scripts/auto-generate-*
./scripts/auto-generate-istioctl.sh
./scripts/auto-generate-mixer-cli.sh

I have created documentation for a retry task. It is very similar to the fault injection task in structure. However, to get it to demonstrate a successful recovery using retry I had to create a custom image.

The reason I created a custom image was to have a repeatable sequence of HTTP failures followed by success so that I could show HTTP retries leading to success. With my custom server I can demonstrate the same URL returning 500, then another 500, then a 200, like this:

docker run -d -p 127.0.0.1:8080:8080 toxique
$ curl -i localhost:8080/hostname?codes=500,500,200
HTTP/1.1 500 Internal Server Error
92a8f2ebe4e7
$ curl -i localhost:8080/hostname?codes=500,500,200
HTTP/1.1 500 Internal Server Error
92a8f2ebe4e7
$ curl -i localhost:8080/hostname?codes=500,500,200
HTTP/1.1 200 OK
92a8f2ebe4e7

I am not sure if the Istio project wants this code (it's 100 lines of Go) and what I need to do to contribute it. Without a server that can return failure then success on the same URL I can still document the steps to adding HTTP retries with Istio but I can't demonstrate to the user that Istio is correctly performing the retries.

We'd like to change a couple in the lefthand nav bar:

• Instead of the > to indicate the selected page, we'd like to use something more like http://linkerd.io, which is a subtle highlight bar through the whole name.

• The title of a section (Home, Concepts, Tasks, Tutorials, Reference) is not currently selectable. We'd like to make these titles selectable and have them bring you to the entry page to the section, just like if you clicked on the link of the same name in the top nav bar.

• We'd like the title of a section to be highlighted when the entry page of the section is displayed.

See the screenshot below:

• if I'm using NodePort, it provides me a handy script
• if I'm using external IP, it tells me to copy paste.

Why is there such a difference? I believe the latter can be achieved with a handy inline script too.

https://istio.io/docs/samples/bookinfo.html

export GATEWAY_URL=$(kubectl get po -l istio=ingress -o jsonpath={.items[0].status.hostIP}):$(kubectl get svc istio-ingress -o jsonpath={.spec.ports[0].nodePort})

this commands work on Bash but errors out on ZSH:

zsh: no matches found: jsonpath={.items[0].status.hostIP}
zsh: no matches found: jsonpath={.spec.ports[0].nodePort}

Mixed Content: The page at 'https://istio.io/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://istio.io/js/jquery.collapsible.js?_=1491483091322'. This request has been blocked; the content must be served over HTTPS.

Trademarks (kubernetes, mess) should be consistently capitalized. Cloud Foundry is, I believe, two words. I saw inconsistency in docs/concepts/model.md.

Need to fill in the FAQ page on the web site.

https://istio.io/docs/tasks/installing-istio.html

All the commands here have an extra preceding space character.

This is causing my shell to not to record commands to the history after executing them.

https://istio.io/docs/tasks/ingress.html#configuring-secure-ingress-https

Steps followed:

• installed httpbin sample, it worked
• applied Configuring ingress (HTTP), worked
• applied Configuring secure ingress

Now curl http://$INGRESS_URL/headers works but curl -k https://$INGRESS_URL/html is giving timeout on curl:

$ kubectl describe ingress

Name:			istio-ingress
Namespace:		default
Address:		35.185.252.35
Default backend:	default-http-backend:80 (10.4.3.2:8080)
Rules:
  Host	Path	Backends
  ----	----	--------
  *
    	/headers 	httpbin:8000 (<none>)
    	/delay/.* 	httpbin:8000 (<none>)
Annotations:
Events:	<none>

----------------------------------------------------
Name:			secured-ingress
Namespace:		default
Address:		35.185.252.35
Default backend:	default-http-backend:80 (10.4.3.2:8080)
TLS:
  ingress-secret terminates
Rules:
  Host	Path	Backends
  ----	----	--------
  *
    	/html 	httpbin:8000 (<none>)
Annotations:
Events:	<none>

My output has istio-egress. It's missing from the docs output.

➜  kubernetes git:(master) kg svc
NAME            CLUSTER-IP     EXTERNAL-IP      PORT(S)                       AGE
istio-egress    10.3.245.113   <none>           80/TCP                        6m
istio-ingress   10.3.241.55    104.199.102.48   80:30945/TCP                  6m
istio-manager   10.3.243.12    <none>           8080/TCP,8081/TCP             6m
istio-mixer     10.3.252.130   <none>           9091/TCP,9094/TCP,42422/TCP   6m

See istio/old_pilot_repo#635

# per doc:
ldemailly-macbookpro:bookinfo ldemailly$  kubectl get ingress 
NAME      HOSTS     ADDRESS            PORTS     AGE
gateway   *         104.196.224.1...   80        41m
# should be:
ldemailly-macbookpro:bookinfo ldemailly$  kubectl get ingress -o wide
NAME      HOSTS     ADDRESS                                         PORTS     AGE
gateway   *         104.196.224.151,35.185.193.212,35.185.196.158   80        41m