...
| Types | Intent APIs | Functionality |
|---|
- intercluster communication
| /v2/project/{project-name}/rb/{rb-name}/{version}/intent/{intent-name}/connectivity/intercluster/ | communication between microservices deployed between two clusters |
| 2. external outbound service communication | /v2/project/{project-name}/rb/{rb-name}/{version}/intent/{intent-name}/connectivity/external/outbound/ | communication from microservice to external service |
| 3. intracluster communication | /v2/project/{project-name}/rb/{rb-name}/{version}/intent/{intent-name}/connectivity/intracluster/ | communication between microservices in the same cluster |
| 4. external inbound service communiation | /v2/project/{project-name}/rb/{rb-name}/{version}/intent/{intent-name}/connectivity/external/inbound/ | API for external service to access the microservices inside the mesh |
| Code Block |
|---|
URL: /v2/projectprojects/{project-name}/rbcomposite-apps/{rbcomposite-app-name}/{rb-version}/traffic-group-intent-sets/
POST BODY:
{
"name": "john",
"description": "Traffic intent groups"
"set":[
{
"interclusterserviceclustertoclusterservice":"abc"
},
{
"externaloutboundaccessinbound":"abc"
},
{
"intraclusterservice":"abc"
},
{
"externalinboundaccess"outbound":"abc"
},
{
"dnsproviders":"abc"
}
]
} |
1.
...
Micro-service communication intents (Inter/Intra) - Edit the intent to have inbound services to a target service than the outbound services - check the API level access! - implement for all APIS!
POST
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | POST |
|---|
| linenumbers | true |
|---|
|
URL: /v2/projectprojects/{project-name}/rbcomposite-apps/{rbcomposite-app-name}/{rb-version}/traffic-group-intent-sets/{trafficset-name}/clusterservice/uservice-to-uservice-intent/
POST BODY:
{
"name": "servicehttpbin" //unique name for each intent
"description": "connectivity intent for microservice replication across multiple locations and clusters"
"inboundservicename": "httpbin01" //actual name of the client service
"description": "bookinfo app",
"protocol": "HTTP",
"externalName": "", // Optional, default = "", This is the prefix used to expose this service outside the cluster, not mandatory for "intercluster" API, But mandatory foe external inbound access
"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
"mutualTLS": "MUTUAL", // Support 2 modes. SIMPLE, MUTUAL with external client. For inter and intra cluster, mtls is enabled by default
"port" : "80", // port on which service is exposed as through servicemesh, not the port it is actually running on
"serviceMesh": "istio", // get it from cluster record
"loadbalancing": "true", // optional
"inboundServicecertificateServicecertificate" : {serverCertificate.pem} // Present actual certificate here. Optional, default "", required only if mTLS is set to "MUTUAL"
"inboundServicePrivateKeyServicePrivateKey" : {serverPrivateKey.pem} // Present actual private key here. Required only if mTLS is "MUTUAL"
"accessPoints": ["/health", "/status"] // APIs to be exposed from this inbound service
}
RETURN STATUS: 201
RETURN BODY:
{
"name": "servicehttpbin"
"Message": "Inbound service created"
} |
...
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | GET |
|---|
| linenumbers | true |
|---|
|
URL: /v2/projectprojects/{project-name}/rbcomposite-apps/{rbcomposite-app-name}/{rb-version}/traffic-group-intent-sets/{trafficset-name}/clusterservice/httpbin/uservice-to-uservice-intent/servicehttpbin
RETURN STATUS: 201
RETURN BODY:
{
"name": "servicehttpbin" //unique name for each intent
"description": "connectivity intent for microservice replication across multiple locations and clusters"
"inboundservicename": "httpbin" //actual name of the client service
"description": "bookinfo app",
"protocol": "HTTP",
"externalName": "", // Optional, default = "", This is the prefix used to expose this service outside the cluster, not mandatory for "intercluster" API, But mandatory for external inbound access
"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
"mutualTLS": "MUTUAL", // Support 2 modes. SIMPLE, MUTUAL with external client, for inter and intra cluster, mtls is enabled by default
"port" : "80", // port on which service is exposed as through servicemesh, not the port it is actually running on
"serviceMesh": "istio", // get it from cluster record
"loadbalancing": "true", // optional
"inboundServicecertificateServicecertificate" : {serverCertificate.pem} // Present actual certificate here. Optional, default "", required only if mTLS is set to "MUTUAL"
"inboundServicePrivateKeyServicePrivateKey" : {serverPrivateKey.pem} // Present actual private key here. Required only if mTLS is "MUTUAL"
"accessPoints": ["/health", "/status"] // APIs to be exposed from this inbound service
}
|
...
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | DELETE |
|---|
| linenumbers | true |
|---|
|
DELETE
URL: /v2/projectprojects/{project-name}/rbcomposite-apps/{rbcomposite-app-name}/{rb-version}/traffic-group-intent-sets/{trafficset-name}/clusterservice/httpbin/uservice-to-uservice-intent/servicehttpbin
RETURN STATUS: 204
|
POST - with the client details
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | POST |
|---|
| linenumbers | true |
|---|
|
URL: /v2/projectprojects/{project-name}/rbcomposite-apps/{rbcomposite-app-name}/{rb-version}/traffic-group-intent-sets/{trafficset-name}/clusterservice/httpbin/uservice-to-uservice-intent/clients
POST BODY:
"clientService": {
"nameclientServiceName": "servicehttpbinsleep01", //unique nameName forof eachthe intentclient "descriptionservice.
"headless": "connectivity intent for microservice replication across multiple locations and clusters"
"inboundservicename": "httpbin" //actual name of the client service
"description": "bookinfo app",
"protocol": "HTTP",
"externalName": "", // Optionaltrue", // default is false. Option "True" will generate the required configs for all the instances of headless service
"egressgateway": "true" , // Optional, default = ""false, ThisAll is the prefixoutbound usedtraffic to exposefrom this service outsidewill theflow cluster,through nota mandatorydedicated foregress "intercluster" API, But mandatory foe external inbound access
"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
"mutualTLS": "MUTUAL", // Support 2 modes. SIMPLE, MUTUAL with external client, for inter and intra cluster, mtls is enabled by default
"port" : "80", // port on which service is exposed as through servicemesh, not the port it is actually running on
"serviceMesh": "istio", // get it from cluster record
"loadbalancing": "true", // optional
"externalAuthenticationissuer": "",
"externalAuthenticationjwksURI" : "",
"accessPoints": ["/health", "/status"]
"clientService": {
"clientServiceName": "sleep01", // if any then allow all the external applications to connect, check for serviceaccount level access
"headless": "true", // default is false. Option "True" will generate the required configs for all the instances of headless service
"egressgateway": "true" , // Optional, default = false, All the outbound traffic from this service will flow through a dedicated egress gateway
}
}
RETURN STATUS: 201
RETURN BODY:
{
"name": "sleep01"
"Message": "Client created"
} |
GET - The Client resource
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | GET |
|---|
| linenumbers | true |
|---|
|
URL: /v2/project/{project-name}/rb/{rb-name}/{rb-version}/traffic-intent-sets/{trafficset-name}/clusterservice/httpbin/clients/clients01intent
RETURN STATUS: 201
RETURN BODY:
{
"name": "servicehttpbin" //unique name for each intent
"description": "connectivity intent for microservice replication across multiple locations and clusters"
"inboundservicename": "httpbin" //actual name of the client service
"description": "bookinfo app",
"protocol": "HTTP",
"externalName": "", // Optional, default = "", This is the prefix used to expose this service outside the cluster, not mandatory for "intercluster" API, But mandatory foe external inbound access
"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
"mutualTLS": "MUTUAL", // Support 2 modes. SIMPLE, MUTUAL with external client, for communication among services deployed at cluster clevel, mtls is enabled by default
"port" : "80", // port on which service is exposed as through servicemesh, not the port it is actually running on
"serviceMesh": "istio", // get it from cluster record
"loadbalancing": "true", // optional
"accessPoints": ["/health", "/status"]
"clientService": {
gateway
}
RETURN STATUS: 201
RETURN BODY:
{
"name": "sleep01"
"Message": "Client created"
} |
GET - The Client resource
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | GET |
|---|
| linenumbers | true |
|---|
|
URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{version}/traffic-group-intent/uservice-to-uservice-intent/clients
RETURN STATUS: 201
RETURN BODY:
"clientService": {
"clientServiceName": "sleep01", // if any then allow all the external applications to connect, check for serviceaccount level access
"headless": "true", // default is false. Option "True" will generate the required configs for all the instances of headless service
"egressgateway": "true" , // Optional, default = false, All the outbound traffic from this service will flow through a dedicated egress gateway
}
}
|
...
| Code Block |
|---|
| language | js |
|---|
| theme | Midnight |
|---|
| title | POST |
|---|
| linenumbers | true |
|---|
|
URL: /v2/projectprojects/{project-name}/rbcomposite-apps/{rbcomposite-app-name}/{rb-version}/traffic-group-intent-sets/{trafficsetexternalservice-name}/externalservice/mysql/client01intentintent/clients
POST BODY:
{
"name": "johndoe" //unique name for each intent
"description": "connectivity intent for microservice replication across multiple locations and clusters"
"inboundservicename": "mysql" //actual name of the client service
"description": "bookinfo app",
"protocol": "HTTP",
"externalName": "", // Optional, default = "", Not required for Outbound access since the communication will be initialted from inboundservice
"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
"mutualTLS": "true", // Setting this to true will create a dedicated egrees gateway for the service "httpbin01" on whichever cluster it is running on
"port" : "80", // port on which service is exposed as through servicemesh, not the port it is actually running on
"serviceMesh": "istio", // get it from cluster record
"loadbalancing": "true", // optional
"inboundServicecertificate" : {serverCertificate.pem} // Present actual certificate here. Optional, default "", required only if mTLS is set to "MUTUAL"
"inboundServicePrivateKey" : {serverPrivateKey.pem} // Present actual private key here. Required only if mTLS is "MUTUAL"
"externalAuthenticationissuer": "https://accounts.google.com",
"externalAuthenticationjwksURI" : "https://www.googleapis.com/oauth2/v3/certs",
"externalService": {
"externalServiceName": {"cnn.edition.com} // Only the FQDN of the service name is required
"externalCaCertificate" : {clientCaCert.pem} // Present the actual client certificate
}
}
RETURN STATUS: 201
RETURN BODY:
{
"Message": "outbound coonectivity intent creation success "
"description": "Connectivity intent for inbound service to connect to external services"
} |
...