doc: Dynamic iptables configuration

[draychev]

This GitHub issue is for fleshing out the OSM documentation around OSM's dynamic iptables configuration:

• Document how OSM Controller constructs dynamically iptables configuration for new pods joining the mesh, for the init container -- save the doc in ./docs/wip/iptables.md (exact location is TBD - wip short term)

  • Documentation on this topic exists - we need to augment it if we need to and ensure it is till up to date for v0.8
  • How do we create additional rules? Are there CLI options?
  • Once a port has been opened via an iptable rule can it be changed? How?
  • Is AKS with AAD a good example for this feature? osm install does not work on AKS with integrated AAD osm#1670
  • Does this / Can this affect Dapr?
  • What are sample iptable configurations with and without the CLI option?

• Create a small demo with sample apps and SMI showing how this feature works

• List Common Issues

• Create Troubleshooting Guide

• Automate Troubleshooting Guide in pkg/troubleshooter (create appropriate functions) - alternatively create a GitHub Issue with the stub of the function that could be eventually created within pkg/troubleshooter package to automatically troubleshoot this feature.

[shashankram]

@draychev, I have documented iptables at https://docs.openservicemesh.io/docs/tasks_usage/traffic_management/iptables_redirection/ and the corresponding TSG at https://docs.openservicemesh.io/docs/troubleshooting/traffic/iptables_redirection/

Assigning this issue to you for further review.

[zr-msft]

@draychev @phillipgibson this issue needs a demo to be completed

[shashankram]

@draychev @phillipgibson this issue needs a demo to be completed

This is already documented: https://docs.openservicemesh.io/docs/tasks_usage/traffic_management/iptables_redirection/#sample-demo

[zr-msft]

thank you @shashankram, closing this issue