From 9704c7013123dfdee3f2167a3d36ad9afdb4fa42 Mon Sep 17 00:00:00 2001 From: jmanthei Date: Thu, 2 Oct 2025 19:47:42 -0500 Subject: [PATCH] OSDOCS-16026 4 category restructure topic map fix --- _topic_maps/_topic_map.yml | 14 +-- _topic_maps/_topic_map_osd.yml | 14 +-- _topic_maps/_topic_map_rosa.yml | 14 +-- _topic_maps/_topic_map_rosa_hcp.yml | 14 +-- .../route-based-deployment-strategies.adoc | 4 +- ...n-metrics-using-developer-perspective.adoc | 2 +- ...ud-experts-aws-load-balancer-operator.adoc | 2 +- ...ts-getting-started-openshift-concepts.adoc | 2 +- modules/nw-creating-a-route.adoc | 23 ++--- ...lications-using-developer-perspective.adoc | 2 +- .../routes/creating-advanced-routes.adoc | 29 ++++++ .../routes/creating-basic-routes.adoc | 23 +++++ .../routes/nw-configuring-routes.adoc | 40 +++++++++ .../routes/route-configuration.adoc | 90 ------------------- .../routes/securing-routes.adoc | 22 +++++ .../aws-load-balancer-operator.adoc | 3 +- ...-load-balancer-operator-release-notes.adoc | 3 +- .../cert-manager-securing-routes.adoc | 5 +- .../service-serving-certificate.adoc | 5 +- service_mesh/v2x/ossm-route-migration.adoc | 2 +- service_mesh/v2x/ossm-traffic-manage.adoc | 2 +- 21 files changed, 181 insertions(+), 134 deletions(-) create mode 100644 networking/ingress_load_balancing/routes/creating-advanced-routes.adoc create mode 100644 networking/ingress_load_balancing/routes/creating-basic-routes.adoc create mode 100644 networking/ingress_load_balancing/routes/nw-configuring-routes.adoc delete mode 100644 networking/ingress_load_balancing/routes/route-configuration.adoc create mode 100644 networking/ingress_load_balancing/routes/securing-routes.adoc diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index a8ed6e4140..34e1b8ab34 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -1661,14 +1661,18 @@ Topics: Dir: ingress_load_balancing Distros: openshift-enterprise,openshift-origin Topics: - - Name: Configuring Routes + - Name: Routes Dir: routes Distros: openshift-enterprise,openshift-origin Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes + - Name: Creating basic routes + File: creating-basic-routes + - Name: Securing routes + File: securing-routes + - Name: Configuring routes + File: nw-configuring-routes + - Name: Creating advanced routes + File: creating-advanced-routes - Name: Configuring ingress cluster traffic Dir: configuring_ingress_cluster_traffic Distros: openshift-enterprise,openshift-origin diff --git a/_topic_maps/_topic_map_osd.yml b/_topic_maps/_topic_map_osd.yml index bea66899bd..72f960517e 100644 --- a/_topic_maps/_topic_map_osd.yml +++ b/_topic_maps/_topic_map_osd.yml @@ -782,13 +782,17 @@ Topics: Dir: ingress_load_balancing Distros: openshift-dedicated Topics: - - Name: Configuring Routes + - Name: Routes Dir: routes Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes + - Name: Creating basic routes + File: creating-basic-routes + - Name: Securing routes + File: securing-routes + - Name: Configuring Routes + File: nw-configuring-routes + - Name: Creating advanced Routes + File: creating-advanced-routes --- Name: Building applications Dir: applications diff --git a/_topic_maps/_topic_map_rosa.yml b/_topic_maps/_topic_map_rosa.yml index ed60f3432c..1f3d8c9c97 100644 --- a/_topic_maps/_topic_map_rosa.yml +++ b/_topic_maps/_topic_map_rosa.yml @@ -1010,14 +1010,18 @@ Topics: Dir: ingress_load_balancing Distros: openshift-rosa Topics: - - Name: Configuring Routes + - Name: Routes Dir: routes Distros: openshift-rosa Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes + - Name: Creating basic routes + File: creating-basic-routes + - Name: Securing routes + File: securing-routes + - Name: Configuring Routes + File: nw-configuring-routes + - Name: Creating advanced Routes + File: creating-advanced-routes --- Name: Building applications Dir: applications diff --git a/_topic_maps/_topic_map_rosa_hcp.yml b/_topic_maps/_topic_map_rosa_hcp.yml index 26ea523bdb..b210d0d4ab 100644 --- a/_topic_maps/_topic_map_rosa_hcp.yml +++ b/_topic_maps/_topic_map_rosa_hcp.yml @@ -1059,14 +1059,18 @@ Topics: Dir: ingress_load_balancing Distros: openshift-rosa-hcp Topics: - - Name: Configuring Routes + - Name: Routes Dir: routes Distros: openshift-rosa-hcp Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes + - Name: Creating basic routes + File: creating-basic-routes + - Name: Securing routes + File: securing-routes + - Name: Configuring Routes + File: nw-configuring-routes + - Name: Creating advanced Routes + File: creating-advanced-routes --- Name: Nodes Dir: nodes diff --git a/applications/deployments/route-based-deployment-strategies.adoc b/applications/deployments/route-based-deployment-strategies.adoc index 60ae7a1a72..90a01d992f 100644 --- a/applications/deployments/route-based-deployment-strategies.adoc +++ b/applications/deployments/route-based-deployment-strategies.adoc @@ -39,11 +39,9 @@ include::modules/deployments-ab-testing.adoc[leveloffset=+1] include::modules/deployments-ab-testing-lb.adoc[leveloffset=+2] -ifndef::openshift-rosa-hcp[] // Remove conditionals when Networking content is in ROSA HCP [role="_additional-resources"] [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations]. -endif::[] +* xref:../../networking/ingress_load_balancing/routes/nw-configuring-routes.adoc#nw-route-specific-annotations[Route-specific annotations] \ No newline at end of file diff --git a/applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc b/applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc index 8634c24da8..9de6765106 100644 --- a/applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc +++ b/applications/odc-monitoring-project-and-application-metrics-using-developer-perspective.adoc @@ -2,7 +2,7 @@ [id="odc-monitoring-project-and-application-metrics-using-developer-perspective"] = Monitoring project and application metrics using the Developer perspective include::_attributes/common-attributes.adoc[] -:context: monitoring-project-and-application-metrics-using-developer-perspective +:context: odc-monitoring-project-and-application-metrics-using-developer-perspective toc::[] diff --git a/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc b/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc index 49f1461ea1..7d67f33a6c 100644 --- a/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc +++ b/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc @@ -22,7 +22,7 @@ include::snippets/mobb-support-statement.adoc[leveloffset=+1] [TIP] ==== -Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../networking/ingress_load_balancing/routes/route-configuration.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. +Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../networking/ingress_load_balancing/routes/nw-configuring-routes.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. ==== The link:https://kubernetes-sigs.github.io/aws-load-balancer-controller/[AWS Load Balancer Controller] manages AWS Elastic Load Balancers for a {product-title} cluster. The controller provisions link:https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html[AWS Application Load Balancers (ALB)] when you create Kubernetes Ingress resources and link:https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html[AWS Network Load Balancers (NLB)] when implementing Kubernetes Service resources with a type of LoadBalancer. diff --git a/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc b/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc index a1c4c61804..aef37277a7 100644 --- a/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc +++ b/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc @@ -127,7 +127,7 @@ An individual route can override some defaults by providing specific configurati [role="_additional-resources"] .Additional resources -* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations] +* xref:../../networking/ingress_load_balancing/routes/nw-configuring-routes.adoc#nw-route-specific-annotations[Route-specific annotations] [id="cloud-experts-getting-started-openshift-concepts-imagestreams"] == Image streams diff --git a/modules/nw-creating-a-route.adoc b/modules/nw-creating-a-route.adoc index 50b512a15c..0c7bbb3a2e 100644 --- a/modules/nw-creating-a-route.adoc +++ b/modules/nw-creating-a-route.adoc @@ -6,9 +6,11 @@ [id="nw-creating-a-route_{context}"] = Creating an HTTP-based route -Create a route to host your application at a public URL. The route can either be secure or unsecured, depending on the network security configuration of your application. An HTTP-based route is an unsecured route that uses the basic HTTP routing protocol and exposes a service on an unsecured application port. +[role="_abstract"] +You can use the following procedure to create a simple HTTP-based route to a web application, using the `hello-openshift` application as an example. + +You can create a route to host your application at a public URL. The route can either be secure or unsecured, depending on the network security configuration of your application. An HTTP-based route is an unsecured route that uses the basic HTTP routing protocol and exposes a service on an unsecured application port. -The following procedure describes how to create a simple HTTP-based route to a web application, using the `hello-openshift` application as an example. //link:https://github.com/openshift/origin/tree/master/examples/hello-openshift[hello-openshift] .Prerequisites @@ -53,11 +55,10 @@ $ oc expose svc hello-openshift + [source,terminal] ---- -$ oc get routes -o yaml <1> +$ oc get routes -o yaml hello-openshift ---- -<1> In this example, the route is named `hello-openshift`. - -.Sample YAML definition of the created unsecured route ++ +.Example YAML definition of the created unsecured route [source,yaml] ---- apiVersion: route.openshift.io/v1 @@ -65,16 +66,18 @@ kind: Route metadata: name: hello-openshift spec: - host: www.example.com <1> + host: www.example.com port: - targetPort: 8080 <2> + targetPort: 8080 to: kind: Service name: hello-openshift ---- -<1> The `host` field is an alias DNS record that points to the service. This field can be any valid DNS name, such as `www.example.com`. The DNS name must follow DNS952 subdomain conventions. If not specified, a route name is automatically generated. -<2> The `targetPort` field is the target port on pods that is selected by the service that this route points to. ++ +where: +`host`:: Specifies an alias DNS record that points to the service. This field can be any valid DNS name, such as `www.example.com`. The DNS name must follow DNS952 subdomain conventions. If not specified, a route name is automatically generated. +`targetPort`:: Specifies the target port on pods that is selected by the service that this route points to. + [NOTE] ==== diff --git a/modules/odc-deleting-applications-using-developer-perspective.adoc b/modules/odc-deleting-applications-using-developer-perspective.adoc index 164a03aad6..e475ab0676 100644 --- a/modules/odc-deleting-applications-using-developer-perspective.adoc +++ b/modules/odc-deleting-applications-using-developer-perspective.adoc @@ -1,6 +1,6 @@ // Module included in the following assemblies: // -// * applications/odc-deleting-applications.adoc +// odc-deleting-applications.adoc :_mod-docs-content-type: PROCEDURE [id="odc-deleting-applications-using-developer-perspective_{context}"] diff --git a/networking/ingress_load_balancing/routes/creating-advanced-routes.adoc b/networking/ingress_load_balancing/routes/creating-advanced-routes.adoc new file mode 100644 index 0000000000..714e6b6494 --- /dev/null +++ b/networking/ingress_load_balancing/routes/creating-advanced-routes.adoc @@ -0,0 +1,29 @@ +:_mod-docs-content-type: ASSEMBLY +[id="creating-advanced-routes"] += Creating advanced routes +include::_attributes/common-attributes.adoc[] +:context: creating-advanced-routes + +toc::[] + +[role="_abstract"] +You can create secure routes with the ability to use several types of TLS termination to serve certificates to the client. The following sections describe how to create re-encrypt, edge, and passthrough routes with custom certificates. + + +//Creating an edge route with a custom certificate +include::modules/nw-ingress-creating-an-edge-route-with-a-custom-certificate.adoc[leveloffset=+1] + +//Creating a reencrypt route with a custom certificate +include::modules/nw-ingress-creating-a-reencrypt-route-with-a-custom-certificate.adoc[leveloffset=+1] + +//Creating a passthrough route +include::modules/nw-ingress-creating-a-passthrough-route.adoc[leveloffset=+1] + +//Creating a route using the destination CA certificate +include::modules/nw-ingress-reencrypt-route-custom-cert.adoc[leveloffset=+1] + +//Creating a route with externally managed certificates +include::modules/nw-ingress-route-secret-load-external-cert.adoc[leveloffset=+1] + +//Creating an edge route with the default certificate +include::modules/nw-ingress-edge-route-default-certificate.adoc[leveloffset=+1] \ No newline at end of file diff --git a/networking/ingress_load_balancing/routes/creating-basic-routes.adoc b/networking/ingress_load_balancing/routes/creating-basic-routes.adoc new file mode 100644 index 0000000000..977f782927 --- /dev/null +++ b/networking/ingress_load_balancing/routes/creating-basic-routes.adoc @@ -0,0 +1,23 @@ +:_mod-docs-content-type: ASSEMBLY +[id="creating-basic-routes"] += Creating basic routes +include::_attributes/common-attributes.adoc[] +:context: creating-basic-routes + +toc::[] + +[role="_abstract"] +If you have unencrypted HTTP, you can create a basic route with a route object. + +include::modules/nw-creating-a-route.adoc[leveloffset=+1] + +include::modules/nw-path-based-routes.adoc[leveloffset=+1] + +ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] +// Creating a route for router sharding +include::modules/nw-ingress-sharding-route-configuration.adoc[leveloffset=+1] + +// Creating a route via an Ingress +include::modules/nw-ingress-creating-a-route-via-an-ingress.adoc[leveloffset=+1] + +endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] \ No newline at end of file diff --git a/networking/ingress_load_balancing/routes/nw-configuring-routes.adoc b/networking/ingress_load_balancing/routes/nw-configuring-routes.adoc new file mode 100644 index 0000000000..e62237e20b --- /dev/null +++ b/networking/ingress_load_balancing/routes/nw-configuring-routes.adoc @@ -0,0 +1,40 @@ +:_mod-docs-content-type: ASSEMBLY +[id="nw-configuring-routes"] += Configuring routes +include::_attributes/common-attributes.adoc[] +:context: configuring-routes + +toc::[] + +[role="_abstract"] +You can use annotations, headers, cookies, and more to customize your route configuration. + +//Configuring route timeouts +include::modules/nw-configuring-route-timeouts.adoc[leveloffset=+1] + +//HTTP header configuration +include::modules/nw-http-header-configuration.adoc[leveloffset=+1] + +//Setting or deleting http headers +include::modules/nw-route-set-or-delete-http-headers.adoc[leveloffset=+1] + +//Using cookies to keep route statefulness +include::modules/nw-using-cookies-keep-route-statefulness.adoc[leveloffset=+1] + +//Annotating a route with a cookie name +include::modules/nw-annotating-a-route-with-a-cookie-name.adoc[leveloffset=+2] + +//Additional annotations (to be separated into modules with more detail at a later date) +include::modules/nw-route-specific-annotations.adoc[leveloffset=+1] + +//Troubleshooting Throughput Issues +include::modules/nw-throughput-troubleshoot.adoc[leveloffset=+1] + +ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] +//Route admission policy +include::modules/nw-route-admission-policy.adoc[leveloffset=+1] + +//Configuring dual stack +include::modules/nw-router-configuring-dual-stack.adoc[leveloffset=+1] + +endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] \ No newline at end of file diff --git a/networking/ingress_load_balancing/routes/route-configuration.adoc b/networking/ingress_load_balancing/routes/route-configuration.adoc deleted file mode 100644 index ddc1b79101..0000000000 --- a/networking/ingress_load_balancing/routes/route-configuration.adoc +++ /dev/null @@ -1,90 +0,0 @@ -:_mod-docs-content-type: ASSEMBLY -// Assembly filename:route-configuration.adoc -// Explains route configuration. -[id="route-configuration"] -= Route configuration -include::_attributes/common-attributes.adoc[] -include::_attributes/attributes-openshift-dedicated.adoc[] -:context: route-configuration - -toc::[] - -//Creating an insecure route -include::modules/nw-creating-a-route.adoc[leveloffset=+1] - -ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] -// Creating a route for router sharding -include::modules/nw-ingress-sharding-route-configuration.adoc[leveloffset=+1] - -endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] - -//Creating route timeouts -include::modules/nw-configuring-route-timeouts.adoc[leveloffset=+1] - -//HTTP Strict Transport Security -include::modules/nw-enabling-hsts.adoc[leveloffset=+1] - -//Enabling HTTP strict transport security per-route -include::modules/nw-enabling-hsts-per-route.adoc[leveloffset=+2] - -ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] -[role="_additional-resources"] -.Additional resources - -xref:../../../networking/networking_operators/ingress-operator.adoc#nw-http2-haproxy_configuring-ingress[Enabling HTTP/2 Ingress connectivity] -endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] - -//Disabling HTTP strict transport security per-route -include::modules/nw-disabling-hsts.adoc[leveloffset=+2] - -ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] -//Enforcing HTTP strict transport security per-domain -include::modules/nw-enforcing-hsts-per-domain.adoc[leveloffset=+2] - -//Troubleshooting Throughput Issues -include::modules/nw-throughput-troubleshoot.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources - -* xref:../../../nodes/edge/nodes-edge-remote-workers.adoc#nodes-edge-remote-workers-latency[Latency spikes or temporary reduction in throughput to remote workers] - -* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration -parameters] -endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] - -//Using cookies to keep route statefulness -include::modules/nw-using-cookies-keep-route-statefulness.adoc[leveloffset=+1] - -include::modules/nw-annotating-a-route-with-a-cookie-name.adoc[leveloffset=+2] - -include::modules/nw-path-based-routes.adoc[leveloffset=+1] - -include::modules/nw-http-header-configuration.adoc[leveloffset=+1] - -include::modules/nw-route-set-or-delete-http-headers.adoc[leveloffset=+1] - -include::modules/nw-route-specific-annotations.adoc[leveloffset=+1] - -ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] -include::modules/nw-route-admission-policy.adoc[leveloffset=+1] - -include::modules/nw-ingress-creating-a-route-via-an-ingress.adoc[leveloffset=+1] - -endif::[] - -include::modules/nw-ingress-edge-route-default-certificate.adoc[leveloffset=+1] - -include::modules/nw-ingress-reencrypt-route-custom-cert.adoc[leveloffset=+1] - -ifndef::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] -include::modules/nw-router-configuring-dual-stack.adoc[leveloffset=+1] - -endif::openshift-rosa,openshift-rosa-hcp,openshift-dedicated[] - -ifdef::openshift-enterprise[] -[role="_additional-resources"] -.Additional resources - -* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-ingress-configuring-application-domain_configuring-ingress[Specifying an alternative cluster domain using the appsDomain option] -endif::openshift-enterprise[] diff --git a/networking/ingress_load_balancing/routes/securing-routes.adoc b/networking/ingress_load_balancing/routes/securing-routes.adoc new file mode 100644 index 0000000000..863d7e98ab --- /dev/null +++ b/networking/ingress_load_balancing/routes/securing-routes.adoc @@ -0,0 +1,22 @@ +:_mod-docs-content-type: ASSEMBLY +[id="securing-routes"] += Securing routes +include::_attributes/common-attributes.adoc[] +:context: securing-routes + +toc::[] + +[role="_abstract"] +You can secure a route with HTTP strict transport security (HSTS). + +//HTTP Strict Transport Security +include::modules/nw-enabling-hsts.adoc[leveloffset=+1] + +//Enabling HTTP strict transport security per-route +include::modules/nw-enabling-hsts-per-route.adoc[leveloffset=+2] + +//Disabling HTTP strict transport security per-route +include::modules/nw-disabling-hsts.adoc[leveloffset=+2] + +//Enforcing HTTP strict transport security per-domain +include::modules/nw-enforcing-hsts-per-domain.adoc[leveloffset=+2] diff --git a/networking/networking_operators/aws-load-balancer-operator.adoc b/networking/networking_operators/aws-load-balancer-operator.adoc index 882d06845e..3f41919341 100644 --- a/networking/networking_operators/aws-load-balancer-operator.adoc +++ b/networking/networking_operators/aws-load-balancer-operator.adoc @@ -6,11 +6,12 @@ include::_attributes/attributes-openshift-dedicated.adoc[] toc::[] +[role="_abstract"] The AWS Load Balancer Operator is an Operator supported by Red{nbsp}Hat that users can optionally install on SRE-managed {product-title} clusters. [IMPORTANT] ==== -Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. +Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../../networking/ingress_load_balancing/routes/creating-basic-routes.adoc#creating-basic-routes[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. ==== The link:https://github.com/openshift/aws-load-balancer-operator[AWS Load Balancer Operator] is used to install, manage and configure the link:https://kubernetes-sigs.github.io/aws-load-balancer-controller/[AWS Load Balancer Controller] in a {product-title} cluster. diff --git a/networking/networking_operators/aws_load_balancer_operator/aws-load-balancer-operator-release-notes.adoc b/networking/networking_operators/aws_load_balancer_operator/aws-load-balancer-operator-release-notes.adoc index 855e5b9e10..ca98cb61af 100644 --- a/networking/networking_operators/aws_load_balancer_operator/aws-load-balancer-operator-release-notes.adoc +++ b/networking/networking_operators/aws_load_balancer_operator/aws-load-balancer-operator-release-notes.adoc @@ -2,8 +2,9 @@ :_mod-docs-content-type: ASSEMBLY [id="aws-load-balancer-operator-release-notes"] = AWS Load Balancer Operator release notes -:context: aws-load-balancer-operator-release-notes include::_attributes/common-attributes.adoc[] +:context: aws-load-balancer-operator-release-notes + toc::[] diff --git a/security/cert_manager_operator/cert-manager-securing-routes.adoc b/security/cert_manager_operator/cert-manager-securing-routes.adoc index b9665cf905..8d8389be10 100644 --- a/security/cert_manager_operator/cert-manager-securing-routes.adoc +++ b/security/cert_manager_operator/cert-manager-securing-routes.adoc @@ -6,7 +6,8 @@ include::_attributes/common-attributes.adoc[] toc::[] -In the {product-title}, the route API is extended to provide a configurable option to reference TLS certificates via secrets. With xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[externally managed certificates] enabled, you can minimize errors from manual intervention, streamline the certificate management process, and enable the {product-title} router to promptly serve the referenced certificate. +[role="_abstract"] +In the {product-title}, the route API is extended to provide a configurable option to reference TLS certificates via secrets. With xref:../../networking/ingress_load_balancing/routes/creating-advanced-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[externally managed certificates] enabled, you can minimize errors from manual intervention, streamline the certificate management process, and enable the {product-title} router to promptly serve the referenced certificate. include::modules/cert-manager-configuring-routes.adoc[leveloffset=+1] @@ -14,6 +15,6 @@ include::modules/cert-manager-configuring-routes.adoc[leveloffset=+1] [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[Creating a route with externally managed certificate] +* xref:../../networking/ingress_load_balancing/routes/nw-configuring-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[Creating a route with externally managed certificate] * xref:../../security/cert_manager_operator/cert-manager-operator-issuer-acme.adoc#cert-manager-operator-issuer-acme[Configuring an ACME issuer] \ No newline at end of file diff --git a/security/certificates/service-serving-certificate.adoc b/security/certificates/service-serving-certificate.adoc index c8775cb82a..4aa6a80edc 100644 --- a/security/certificates/service-serving-certificate.adoc +++ b/security/certificates/service-serving-certificate.adoc @@ -6,13 +6,16 @@ include::_attributes/common-attributes.adoc[] toc::[] +[role="_abstract"] +Service serving certificates provide automatic TLS encryption for service-to-service communication. Configure certificates for services, ConfigMaps, APIServices, CRDs, and webhooks to secure internal cluster traffic. + include::modules/customize-certificates-understanding-service-serving.adoc[leveloffset=+1] include::modules/customize-certificates-add-service-serving.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* You can use a service certificate to configure a secure route using reencrypt TLS termination. For more information, see xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-creating-a-reencrypt-route-with-a-custom-certificate_secured-routes[Creating a re-encrypt route with a custom certificate]. +* You can use a service certificate to configure a secure route using reencrypt TLS termination. For more information, see xref:../../networking/ingress_load_balancing/routes/creating-advanced-routes.adoc#nw-ingress-creating-a-reencrypt-route-with-a-custom-certificate_secured-routes[Creating a re-encrypt route with a custom certificate]. include::modules/customize-certificates-add-service-serving-configmap.adoc[leveloffset=+1] diff --git a/service_mesh/v2x/ossm-route-migration.adoc b/service_mesh/v2x/ossm-route-migration.adoc index 1889def677..97a3fa25c9 100644 --- a/service_mesh/v2x/ossm-route-migration.adoc +++ b/service_mesh/v2x/ossm-route-migration.adoc @@ -14,5 +14,5 @@ include::modules/ossm-migrating-from-ior-to-explicitly-managed-routes.adoc[level [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-creating-a-route_route-configuration[Creating an HTTP-based Route] +* xref:../../networking/ingress_load_balancing/routes/creating-basic-routes.adoc#nw-creating-a-route_route-configuration[Creating an HTTP-based Route] * xref:../../service_mesh/v2x/ossm-traffic-manage.adoc#ossm-auto-route_traffic-management[Understanding automatic routes] diff --git a/service_mesh/v2x/ossm-traffic-manage.adoc b/service_mesh/v2x/ossm-traffic-manage.adoc index 8c375a9c29..e8cb9d760d 100644 --- a/service_mesh/v2x/ossm-traffic-manage.adoc +++ b/service_mesh/v2x/ossm-traffic-manage.adoc @@ -57,7 +57,7 @@ include::modules/ossm-auto-route-annotations.adoc[leveloffset=+2] ifdef::openshift-enterprise[] .Additional resources -* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations]. +* xref:../../networking/ingress_load_balancing/routes/nw-configuring-routes.adoc#nw-route-specific-annotations[Route-specific annotations]. endif::[] include::modules/ossm-auto-route-enable.adoc[leveloffset=+2]