deploy: 526f381

dadrus · May 6, 2024 · 3e6b727 · 3e6b727
1 parent 50fb249
commit 3e6b727
Show file tree

Hide file tree

Showing 17 changed files with 95 additions and 28 deletions.
diff --git a/dev/guides/authz/index.html b/dev/guides/authz/index.html
diff --git a/dev/guides/authz/opa/index.html b/dev/guides/authz/opa/index.html
diff --git a/dev/guides/authz/openfga/index.html b/dev/guides/authz/openfga/index.html
diff --git a/dev/guides/index.html b/dev/guides/index.html
diff --git a/dev/guides/proxies/contour/index.html b/dev/guides/proxies/contour/index.html
diff --git a/dev/guides/proxies/emissary/index.html b/dev/guides/proxies/emissary/index.html
diff --git a/dev/guides/proxies/envoy/index.html b/dev/guides/proxies/envoy/index.html
diff --git a/dev/guides/proxies/envoy_gateway/index.html b/dev/guides/proxies/envoy_gateway/index.html
diff --git a/dev/guides/proxies/envoy_gateway/index.xml b/dev/guides/proxies/envoy_gateway/index.xml
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Envoy Gateway Integration on Heimdall</title><link>https://dadrus.github.io/guides/proxies/envoy_gateway/</link><description>Recent content in Envoy Gateway Integration on Heimdall</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Thu, 02 May 2024 13:02:43 +0200</lastBuildDate><atom:link href="https://dadrus.github.io/guides/proxies/envoy_gateway/index.xml" rel="self" type="application/rss+xml"/></channel></rss>
diff --git a/dev/guides/proxies/haproxy/index.html b/dev/guides/proxies/haproxy/index.html
diff --git a/dev/guides/proxies/index.html b/dev/guides/proxies/index.html
diff --git a/dev/guides/proxies/index.xml b/dev/guides/proxies/index.xml
@@ -1,7 +1,12 @@
 <?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>API Gateways &amp; Proxies on Heimdall</title><link>https://dadrus.github.io/guides/proxies/</link><description>Recent content in API Gateways &amp; Proxies on Heimdall</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Thu, 07 Mar 2024 13:47:39 +0200</lastBuildDate><atom:link href="https://dadrus.github.io/guides/proxies/index.xml" rel="self" type="application/rss+xml"/><item><title>Contour Integration</title><link>https://dadrus.github.io/guides/proxies/contour/</link><pubDate>Wed, 02 Aug 2023 17:10:52 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/contour/</guid><description>Contour is an ingress controller for Kubernetes, implementing a control plane for Envoy edge and a service proxy.
 Prerequisites Integration with Contour requires heimdall being operated in Decision Operation Mode exposing Envoy’s external authorization GRPC protocol.
 Being security first ingress controller, Contour enforces TLS for communication between Envoy and any external authorization service. For that reason, heimdall must be configured with an appropriate key material and certificate. Same is actually also true for the http route definition of the actual upstream service.</description></item><item><title>Emissary Ingress Integration</title><link>https://dadrus.github.io/guides/proxies/emissary/</link><pubDate>Mon, 21 Aug 2023 15:23:41 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/emissary/</guid><description>Emissary-Ingress is an Envoy-powered open source, high performance ingress controller and API Gateway for Kubernetes from Ambassador Labs. Integration happens by letting Emissary-Ingress delegating authentication and authorization to heimdall. If heimdall answers with a 2XX code, the ingress controller will grant access and forwards the original request to the upstream service. Otherwise, the response from heimdall is returned to the client.
-Prerequisites Integration with Emissary-Ingress requires heimdall being operated in Decision Operation Mode.</description></item><item><title>Envoy Integration</title><link>https://dadrus.github.io/guides/proxies/envoy/</link><pubDate>Sun, 18 Dec 2022 00:13:59 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/envoy/</guid><description>Envoy is a high performance distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures.
+Prerequisites Integration with Emissary-Ingress requires heimdall being operated in Decision Operation Mode.</description></item><item><title>Envoy Gateway Integration</title><link>https://dadrus.github.io/guides/proxies/envoy_gateway/</link><pubDate>Thu, 02 May 2024 13:02:43 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/envoy_gateway/</guid><description>Envoy Gateway is an open source project for managing Envoy Proxy as a Kubernetes-based application gateway by making use of the Gateway API resources.
+Prerequisites A kubernetes cluster
+Deployed Envoy Gateway (See here for installation options)
+Deployed GatewayClass resource that matches Envoy Gateway’s configured controllerName (typically gateway.envoyproxy.io/gatewayclass-controller), as well as a deployed Gateway resource.
+heimdall installed and operated in Decision Operation Mode.
+Integration Options Technically, the integration happens the same way as with Envoy itself by making use of the External Authorization filter, and can be done in two ways:</description></item><item><title>Envoy Integration</title><link>https://dadrus.github.io/guides/proxies/envoy/</link><pubDate>Sun, 18 Dec 2022 00:13:59 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/envoy/</guid><description>Envoy is a high performance distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures.
 Prerequisites Integration with Envoy proxy requires heimdall being operated in Decision Operation Mode.
 Integration Options Envoy makes integration with external authorization services, like heimdall possible via an External Authorization filter in two ways
 either via HTTP

diff --git a/dev/guides/proxies/nginx/index.html b/dev/guides/proxies/nginx/index.html
diff --git a/dev/guides/proxies/traefik/index.html b/dev/guides/proxies/traefik/index.html
diff --git a/dev/index.json b/dev/index.json
diff --git a/dev/index.xml b/dev/index.xml
@@ -14,7 +14,12 @@ Prerequisites Integration with Contour requires heimdall being operated in Decis
 Being security first ingress controller, Contour enforces TLS for communication between Envoy and any external authorization service. For that reason, heimdall must be configured with an appropriate key material and certificate. Same is actually also true for the http route definition of the actual upstream service.</description></item><item><title>Pipelines</title><link>https://dadrus.github.io/docs/concepts/pipelines/</link><pubDate>Tue, 29 Nov 2022 22:29:36 +0200</pubDate><guid>https://dadrus.github.io/docs/concepts/pipelines/</guid><description>Overview Pipelines are specified in rules and are used to authenticate and authorize the particular requests, as well as to handle encountered errors.
 As described in the Discover heimdall chapter and also shown in the diagram below, central aspects of heimdall are upstream specific pipelines, which allow you orchestrating different services to authenticate, enrich and authorize incoming HTTP requests, transform the resulting subject information into a format, or obtain credentials required for the communication with the particular upstream services.</description></item><item><title>Emissary Ingress Integration</title><link>https://dadrus.github.io/guides/proxies/emissary/</link><pubDate>Mon, 21 Aug 2023 15:23:41 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/emissary/</guid><description>Emissary-Ingress is an Envoy-powered open source, high performance ingress controller and API Gateway for Kubernetes from Ambassador Labs. Integration happens by letting Emissary-Ingress delegating authentication and authorization to heimdall. If heimdall answers with a 2XX code, the ingress controller will grant access and forwards the original request to the upstream service. Otherwise, the response from heimdall is returned to the client.
 Prerequisites Integration with Emissary-Ingress requires heimdall being operated in Decision Operation Mode.</description></item><item><title>Mechanisms</title><link>https://dadrus.github.io/docs/concepts/mechanisms/</link><pubDate>Tue, 29 Nov 2022 22:31:36 +0200</pubDate><guid>https://dadrus.github.io/docs/concepts/mechanisms/</guid><description>Mechanism Categories All supported mechanisms fall into the following five categories, each implementing different mechanisms types (addressing different protocols or scenarios):
-Authenticators, which inspect HTTP requests for presence of authentication objects, like e.g. the presence of a specific cookie. If such objects exist, authenticators verify the related authentication status and obtain information about the corresponding subject. A subject, could be a user who tries to use particular functionality of the upstream service, a machine (if you have machine-2-machine interaction), or something different.</description></item><item><title>Envoy Integration</title><link>https://dadrus.github.io/guides/proxies/envoy/</link><pubDate>Sun, 18 Dec 2022 00:13:59 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/envoy/</guid><description>Envoy is a high performance distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures.
+Authenticators, which inspect HTTP requests for presence of authentication objects, like e.g. the presence of a specific cookie. If such objects exist, authenticators verify the related authentication status and obtain information about the corresponding subject. A subject, could be a user who tries to use particular functionality of the upstream service, a machine (if you have machine-2-machine interaction), or something different.</description></item><item><title>Envoy Gateway Integration</title><link>https://dadrus.github.io/guides/proxies/envoy_gateway/</link><pubDate>Thu, 02 May 2024 13:02:43 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/envoy_gateway/</guid><description>Envoy Gateway is an open source project for managing Envoy Proxy as a Kubernetes-based application gateway by making use of the Gateway API resources.
+Prerequisites A kubernetes cluster
+Deployed Envoy Gateway (See here for installation options)
+Deployed GatewayClass resource that matches Envoy Gateway’s configured controllerName (typically gateway.envoyproxy.io/gatewayclass-controller), as well as a deployed Gateway resource.
+heimdall installed and operated in Decision Operation Mode.
+Integration Options Technically, the integration happens the same way as with Envoy itself by making use of the External Authorization filter, and can be done in two ways:</description></item><item><title>Envoy Integration</title><link>https://dadrus.github.io/guides/proxies/envoy/</link><pubDate>Sun, 18 Dec 2022 00:13:59 +0200</pubDate><guid>https://dadrus.github.io/guides/proxies/envoy/</guid><description>Envoy is a high performance distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures.
 Prerequisites Integration with Envoy proxy requires heimdall being operated in Decision Operation Mode.
 Integration Options Envoy makes integration with external authorization services, like heimdall possible via an External Authorization filter in two ways
 either via HTTP