From 797843c960f82a1974e2c3b632f0d45e5de9d6fe Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Mon, 1 Jan 2024 21:59:27 +0100
Subject: [PATCH] chore(docs): Add image descriptions in the manual

---
 docs/src/concepts/ingress-termination.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/src/concepts/ingress-termination.md b/docs/src/concepts/ingress-termination.md
index 36b033cde..b96c04fab 100644
--- a/docs/src/concepts/ingress-termination.md
+++ b/docs/src/concepts/ingress-termination.md
@@ -12,7 +12,7 @@ The solution most elegant solution found was to reroute traffic on TCP level. Al
 
 A request for the same website looks like this:
 
-![](images/ingress-termination-rewrite.excalidraw.png)
+![Image of the traffic flow for external and internal users. For internal users, the traffic is redirected directly on the unifi dream machine to the Kubernetes cluster. For external users, they reach the VPS before the traffic is forwarded over VPN to the Unifi Dream Machine and then the traffic is forwarded to the Kubernetes cluster.](images/ingress-termination-rewrite.excalidraw.png)
 
 In both cases the connections are terminated on the Kubernetes Cluster. The external user reaches the VPS and is then rerouted over VPN. The local user is rerouted before the connection reaches the internet, resulting in keeping all traffic locally.
 
@@ -24,4 +24,4 @@ On the VPS, the TCP connection is handled by an HAProxy instance that speaks pro
 
 On the Unifi Dream Machine it's a simple iptables rule, which redirects the traffic. In order to also use proxy-protocol with the ingress service, it's actually redirected to an HAProxy running in the Kubernetes cluster besides the ingress-nginx. This is mainly due to the limitation in ingress-nginx that doesn't allow mixed proxy-protocol and non-proxy-protocol ports without using custom config templates.
 
-![](images/ingress-termination-proxy-protocol.excalidraw.png)
\ No newline at end of file
+![Image of the flow of traffic for internal and external users within the cluster. For internal users, the traffic without proxy-protocol hits the haproxy-proxy-protocol Service in the Kubernetes cluster, which forwards it to the haproxy Pod. That Pod then sends the traffic, now with proxy-protocol, to the ingress-nginx-controller Service, which forwards it to the ingress-nginx-controller Pod. For external users, the traffic is directly routed to the ingress-nginx-conroller Service, since it's already with proxy-protocol. It's then also forwarded to the ingress-nginx-controller Pod.](images/ingress-termination-proxy-protocol.excalidraw.png)
\ No newline at end of file
-- 
GitLab