Opa blog post

[antonioberben]

Description

This PR adds a blog post about how to use OPA with Istio and the benefits of both.

Adding co-author to the loop: @charlieegan3

Reviewers

• Ambient
• Docs
• Installation
• Networking
• Performance and Scalability
• Extensions and Telemetry
• Security
• Test and Release
• User Experience
• Developer Infrastructure
• Localization/Translation

[istio-testing]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[istio-policy-bot]

😊 Welcome! This is either your first contribution to the Istio documentation repo, or
it's been a while since you've been here. A few things you should know:

• You can learn about how we write and maintain documentation, our style guidelines,
  and the available web site features by visiting Contributing to the Docs.

• In the next few minutes, an automatic preview of your change will be built with
  a full copy of the istio.io website. You can find this preview by clicking on
  the Details link next to the deploy/netlify entry in the status section of this
  page.

• We care about quality, so we've put in place a number of checks to ensure our documentation
  is top-notch. We do spell checking, sanitize the Markdown, ensure all hyperlinks point to a
  valid location, and more. If your PR doesn't pass one of these checks, you'll see a red X in the
  lint_istio.io entry in the status section. Click on the Details link to get a list of the
  problems with your PR. Fix those problems and push an update; this will automatically re-run the
  tests. Hopefully this time everything will be perfect!

• Once your changes are accepted and merged into the repository, they will initially show up
  on https://preliminary.istio.io. The changes will be published to https://istio.io
  the next time we do a major release (which typically happens every 3 months or so).
  To publish them sooner, add a cherrypick/release-x.xx label, where x.xx is the current
  release of Istio.

Thanks for contributing!

Courtesy of your friendly welcome wagon.

[antonioberben]

/retest

[craigbox]

Thanks for the submission, @antonioberben!

Some thoughts before diving into a full edit:

• For content that is timeless and more "how to do something", you probably want to write it as a documentation guide rather than a blog post. This would make a good integration guide with a blog post to announce the publication of it.
• I think you need to better level-set as to what a "platform" is: we talk about platform teams and platforms as if we all agree on what they are, which I suspect we do not
• I feel the "how it works" section needs to come before "try it out", so we know what we're trying
• you say a cluster with Istio installed is a pre-requisite, and then you tell people how to install Istio with iop.yaml which isn't obviously provided
• Likewise, opa.yaml needs to be provided. For a blog post or guide, we'd normally expect these files to be inline with an explanation of what they contain

Let me know how you'd like to proceed and I can either help get this into shape for a doc page or a revised blog post.

[linsun]

Hi @antonioberben Nice blog - does this instruction work with ambient as well?

[antonioberben]

Hi @linsun , it does not work in ambient. I could not make it work with it

[craigbox]

I've suggested to Antonio that we get this one into a Google doc for review there. The current setup won't work as a blog post, because it relies on files that people don't have. We can rework all the content into the doc or the blog as appropriate.

[craigbox]

It helps to read posts out loud as you review them. In this one, you say "platform" seven times! I found it a bit hard to parse.