docs: add fixed links to the current version of eg docs (envoyproxy#3819

) * rename v1.0.2 to docs Signed-off-by: Huabing Zhao <[email protected]> * retain v1.0.2 directory to avoid dead links Signed-off-by: Huabing Zhao <[email protected]> * fix link Signed-off-by: Huabing Zhao <[email protected]> * fix link Signed-off-by: Huabing Zhao <[email protected]> * copy v1.0.2 to docs in make file Signed-off-by: Huabing Zhao <[email protected]> * test auto copy Signed-off-by: Huabing Zhao <[email protected]> * test auto copy Signed-off-by: Huabing Zhao <[email protected]> * test auto copy Signed-off-by: Huabing Zhao <[email protected]> * test auto copy Signed-off-by: Huabing Zhao <[email protected]> * test auto copy Signed-off-by: Huabing Zhao <[email protected]> * copy latest version docs to docs directory Signed-off-by: Huabing Zhao <[email protected]> --------- Signed-off-by: Huabing Zhao <[email protected]> Co-authored-by: zirain <[email protected]>
guydc · Jul 22, 2024 · dc0d05c · dc0d05c
1 parent da71af2
commit dc0d05c
Show file tree

Hide file tree

Showing 61 changed files with 14,923 additions and 11 deletions.
diff --git a/site/content/en/docs/_index.md b/site/content/en/docs/_index.md
@@ -0,0 +1,15 @@
++++
+title = "Welcome to Envoy Gateway"
+linktitle = "Documentation"
+description = "Envoy Gateway Documents"
+
+[[cascade]]
+type = "docs"
++++
+
+Envoy Gateway is an open source project for managing [Envoy Proxy](https://www.envoyproxy.io/) as a standalone or Kubernetes-based application
+gateway. [Gateway API](https://gateway-api.sigs.k8s.io/) resources are used to dynamically provision and configure the managed Envoy Proxies.
+
+![architecture](/img/traffic.png)
+
+## Ready to get started?
diff --git a/site/content/en/docs/api/_index.md b/site/content/en/docs/api/_index.md
@@ -0,0 +1,5 @@
+---
+title: "API"
+description: This section includes APIs of Envoy Gateway.
+weight: 80
+---
diff --git a/site/content/en/docs/api/extension_types.md b/site/content/en/docs/api/extension_types.md
diff --git a/site/content/en/docs/install/_index.md b/site/content/en/docs/install/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Installation"
+description: This section includes installation related contents of Envoy Gateway.
+weight: 70
+---
diff --git a/site/content/en/docs/install/api.md b/site/content/en/docs/install/api.md
@@ -0,0 +1,55 @@
++++
+title = "gateway-helm"
++++
+
+
+![Version: v1.0.0](https://img.shields.io/badge/Version-v1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+
+The Helm chart for Envoy Gateway
+
+**Homepage:** <https://gateway.envoyproxy.io/>
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| envoy-gateway-steering-committee |  | <https://github.com/envoyproxy/gateway/blob/main/GOVERNANCE.md> |
+| envoy-gateway-maintainers |  | <https://github.com/envoyproxy/gateway/blob/main/CODEOWNERS> |
+
+## Source Code
+
+* <https://github.com/envoyproxy/gateway>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| certgen.job.annotations | object | `{}` |  |
+| certgen.job.resources | object | `{}` |  |
+| certgen.job.ttlSecondsAfterFinished | int | `0` |  |
+| certgen.rbac.annotations | object | `{}` |  |
+| certgen.rbac.labels | object | `{}` |  |
+| config.envoyGateway.gateway.controllerName | string | `"gateway.envoyproxy.io/gatewayclass-controller"` |  |
+| config.envoyGateway.logging.level.default | string | `"info"` |  |
+| config.envoyGateway.provider.type | string | `"Kubernetes"` |  |
+| createNamespace | bool | `false` |  |
+| deployment.envoyGateway.image.repository | string | `"${ImageRepository}"` |  |
+| deployment.envoyGateway.image.tag | string | `"${ImageTag}"` |  |
+| deployment.envoyGateway.imagePullPolicy | string | `"Always"` |  |
+| deployment.envoyGateway.imagePullSecrets | list | `[]` |  |
+| deployment.envoyGateway.resources.limits.cpu | string | `"500m"` |  |
+| deployment.envoyGateway.resources.limits.memory | string | `"1024Mi"` |  |
+| deployment.envoyGateway.resources.requests.cpu | string | `"100m"` |  |
+| deployment.envoyGateway.resources.requests.memory | string | `"256Mi"` |  |
+| deployment.pod.affinity | object | `{}` |  |
+| deployment.pod.annotations | object | `{}` |  |
+| deployment.pod.labels | object | `{}` |  |
+| deployment.ports[0].name | string | `"grpc"` |  |
+| deployment.ports[0].port | int | `18000` |  |
+| deployment.ports[0].targetPort | int | `18000` |  |
+| deployment.ports[1].name | string | `"ratelimit"` |  |
+| deployment.ports[1].port | int | `18001` |  |
+| deployment.ports[1].targetPort | int | `18001` |  |
+| deployment.replicas | int | `1` |  |
+| envoyGatewayMetricsService.port | int | `19001` |  |
+| kubernetesClusterDomain | string | `"cluster.local"` |  |
diff --git a/site/content/en/docs/install/custom-cert.md b/site/content/en/docs/install/custom-cert.md
@@ -0,0 +1,146 @@
+---
+title: Control Plane Authentication using custom certs
+weight: -70
+---
+
+Envoy Gateway establishes a secure TLS connection for control plane communication between Envoy Gateway pods and the Envoy Proxy fleet. The TLS Certificates used here are self signed and generated using a job that runs before envoy gateway is created, and these certs and mounted on to the envoy gateway and envoy proxy pods. 
+
+In this guide, we'll walk you through configuring custom certs for control plane auth.
+
+## Before you begin
+
+We use Cert-Manager to manage the certificates. You can install it by following the [official guide](https://cert-manager.io/docs/installation/kubernetes/).
+
+## Configure custom certs for control plane
+
+1. First you need to set up the CA issuer, in this guide, we use the `selfsigned-issuer` as an example.
+
+   *You should not use the self-signed issuer in production, you should use a real CA issuer.*
+
+   ```shell
+   cat <<EOF | kubectl apply -f -
+   apiVersion: cert-manager.io/v1
+   kind: Issuer
+   metadata:
+     labels:
+       app.kubernetes.io/name: envoy-gateway
+     name: selfsigned-issuer
+     namespace: envoy-gateway-system
+   spec:
+     selfSigned: {}
+   ---
+   apiVersion: cert-manager.io/v1
+   kind: Certificate
+   metadata:
+     name: envoy-gateway-ca
+     namespace: envoy-gateway-system
+   spec:
+     isCA: true
+     commonName: envoy-gateway
+     secretName: envoy-gateway-ca
+     privateKey:
+       algorithm: RSA
+       size: 2048
+     issuerRef:
+       name: selfsigned-issuer
+       kind: Issuer
+       group: cert-manager.io
+   ---
+   apiVersion: cert-manager.io/v1
+   kind: Issuer
+   metadata:
+     labels:
+       app.kubernetes.io/name: envoy-gateway
+     name: eg-issuer
+     namespace: envoy-gateway-system
+   spec:
+     ca:
+       secretName: envoy-gateway-ca
+   EOF
+   ```
+
+2. Create a cert for envoy gateway controller, the cert will be stored in secret `envoy-gatewy`.
+
+   ```shell
+   cat<<EOF | kubectl apply -f -
+   apiVersion: cert-manager.io/v1
+   kind: Certificate
+   metadata:
+     labels:
+       app.kubernetes.io/name: envoy-gateway
+     name: envoy-gateway
+     namespace: envoy-gateway-system
+   spec:
+     commonName: envoy-gateway
+     dnsNames:
+     - "envoy-gateway"
+     - "envoy-gateway.envoy-gateway-system"
+     - "envoy-gateway.envoy-gateway-system.svc"
+     - "envoy-gateway.envoy-gateway-system.svc.cluster.local"
+     issuerRef:
+       kind: Issuer
+       name: eg-issuer
+     usages:
+     - "digital signature"
+     - "data encipherment"
+     - "key encipherment"
+     - "content commitment"
+     secretName: envoy-gateway
+   EOF
+   ```
+
+3. Create a cert for envoy proxy, the cert will be stored in secret `envoy`.
+
+   ```shell
+   cat<<EOF | kubectl apply -f -
+   apiVersion: cert-manager.io/v1
+   kind: Certificate
+   metadata:
+     labels:
+       app.kubernetes.io/name: envoy-gateway
+     name: envoy
+     namespace: envoy-gateway-system
+   spec:
+     commonName: "*"
+     dnsNames:
+     - "*.envoy-gateway-system"
+     issuerRef:
+       kind: Issuer
+       name: eg-issuer
+     usages:
+     - "digital signature"
+     - "data encipherment"
+     - "key encipherment"
+     - "content commitment"
+     secretName: envoy
+   EOF
+   ```
+
+4. Create a cert for rate limit, the cert will be stored in secret `envoy-rate-limit`.
+
+   ```shell
+   cat<<EOF | kubectl apply -f -
+   apiVersion: cert-manager.io/v1
+   kind: Certificate
+   metadata:
+     labels:
+       app.kubernetes.io/name: envoy-gateway
+     name: envoy-rate-limit
+     namespace: envoy-gateway-system
+   spec:
+     commonName: "*"
+     dnsNames:
+     - "*.envoy-gateway-system"
+     issuerRef:
+       kind: Issuer
+       name: eg-issuer
+     usages:
+     - "digital signature"
+     - "data encipherment"
+     - "key encipherment"
+     - "content commitment"
+     secretName: envoy-rate-limit
+   EOF
+   ```
+
+5. Now you can follow the helm chart [installation guide](../install-helm) to install envoy gateway with custom certs.
diff --git a/site/content/en/docs/install/install-egctl.md b/site/content/en/docs/install/install-egctl.md
@@ -0,0 +1,72 @@
+---
+title: "Install egctl"
+weight: -80
+---
+
+{{% alert title="What is egctl?" color="primary" %}}
+
+`egctl` is a command line tool to provide additional functionality for Envoy Gateway users.
+
+{{% /alert %}}
+
+
+This task shows how to install the egctl CLI. egctl can be installed either from source, or from pre-built binary releases.
+
+### From The Envoy Gateway Project
+
+The Envoy Gateway project provides two ways to fetch and install egctl. These are the official methods to get egctl releases. Installation through those methods can be found below the official methods.
+
+{{< tabpane text=true >}}
+{{% tab header="From the Binary Releases" %}}
+
+Every [release](https://github.com/envoyproxy/gateway/releases) of egctl provides binary releases for a variety of OSes. These binary versions can be manually downloaded and installed.
+
+1. Download your [desired version](https://github.com/envoyproxy/gateway/releases)
+2. Unpack it (tar -zxvf egctl_latest_linux_amd64.tar.gz)
+3. Find the egctl binary in the unpacked directory, and move it to its desired destination (mv bin/linux/amd64/egctl /usr/local/bin/egctl)
+
+From there, you should be able to run: `egctl help`.
+
+{{% /tab %}}
+{{% tab header="From Script" %}}
+
+`egctl` now has an installer script that will automatically grab the latest release version of egctl and install it locally.
+
+You can fetch that script, and then execute it locally. It's well documented so that you can read through it and understand what it is doing before you run it.
+
+```shell
+curl -fsSL -o get-egctl.sh https://gateway.envoyproxy.io/get-egctl.sh
+
+chmod +x get-egctl.sh
+
+# get help info of the 
+bash get-egctl.sh --help
+
+# install the latest development version of egctl
+bash VERSION=latest get-egctl.sh
+```
+
+Yes, you can just use the below command if you want to live on the edge.
+
+```shell
+curl -fsSL https://gateway.envoyproxy.io/get-egctl.sh | VERSION=latest bash 
+```
+
+{{% /tab %}}
+
+{{% tab header="From Homebrew" %}}
+
+You can also install egctl using homebrew:
+
+```shell
+brew install egctl
+```
+
+{{% /tab %}}
+{{< /tabpane >}}
+
+{{% alert title="Next Steps" color="warning" %}}
+
+You can refer to the [Use egctl task](../tasks/operations/egctl) for more details about egctl.
+
+{{% /alert %}}