Page Comparison

URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{version}/traffic-intent-set/us-to-us-intents/

POST BODY:
{
	"metadata": {
	"name": "<name>" // unique name for each intent
    "description": "connectivity intent for stateless micro-service to stateless micro-service communication"
	"userdata1": <>,
	"userdata2": <>
	}

	"spec": { // update the memory allocation for each field as per OpenAPI standards
	"application": "<app1>",
	"servicename": "tcp-echo" //actual name of the client service
	"protocol": "TCP",
	"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
	"mutualTLS": "SIMPLE", // 
	"port" : "31400", // port on which service is exposed as through servicemesh, not the port it is actually running on
	"serviceMesh": "istio", // get it from cluster record
	"istio-proxy": "yes", // The features (mTLS, LB, Circuit breaking) are no avaialble to services without istio-proxy. Only inbound routing is possible.

	// Circuit Breaking
	"maxConnections": 10 //connection pool for tcp and http traffic
	"baseEjectionTime" : 15 // Default is 5, time for which the host will be removed from load balancing pool when it returns error for no of times more than "consecutiveErrors" limit
	"intervalSweep": 5m, //time limit before the removed hosts are added back to the load balancing pool.
	"connectTimeout": 10s

	// credentials for mTLS. Not required in this scenario since the services are in one logical cloud with common rootCA. ISTIO_MUTUAL is enabled by default.
	"Servicecertificate" : "" // Present actual certificate here.
	"ServicePrivateKey" : "" // Present actual private key here.

	// Access Control
	serviceAccountAccess : {[ "cluster.global/ns/default/sa/tcp-app": ["port: 9000"]}
	
	}
}

RETURN STATUS: 201
RETURN BODY: 
{ 
  "name": "servicehttpbin"
  "Message": "inbound service created"
}

URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{version}/traffic-group-intent/uservice-to-uservice-intent/clients
POST BODY:
{
	"metadata": {
	"name": "<name>" // unique name for each intent
    "description": "connectivity intent add client communication"
	"application": "<app1>",
	"userdata1": <>,
	"userdata2": <>
	}

	spec: {
		"clientServiceName": "tcp-app", // Name of the client service
		"headless": "false", // default is false. Option "True" will generate the required configs for all the instances of headless service
		"mTLS": "SIMPLE", // will be the same as that of inbound service, if both are part of same logical cloud
	}
}

RETURN STATUS: 201
RETURN BODY:
{ 
  "name": "sleep"
  "Message": "Client created"
}

URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{version}/traffic-group-intent/uservice-to-uservice-intent/clients/sleep/security/security-intent
{
	"metadata": {
	"name": "<name>" // unique name for each intent
    "description": "Security intent"
	"application": "<app1>",
	"userdata1": <>,
	"userdata2": <>
	}

	spec:{
	
	}
}

RETURN STATUS: 201
RETURN BODY:
{ 
  "name": "<name>"
  "Message": "Security Rules created"
}

apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
  name: servicename-httpbin
spec:
  hosts:
  - httpbin.default.global
  # template for the remote service name - <servicename.namespace.global>
  # Treat remote cluster services as part of the service mesh
  # as all clusters in the service mesh share the same root of trust.
  location: MESH_INTERNAL
  ports:
  - name: http1
    number: 8000
    protocol: http
  resolution: DNS
  addresses:
  # the IP address to which httpbin.<namespace>.<logicalcloudname> will resolve to
  # must be unique for each remote service, within a given cluster.
  # This address need not be routable. Traffic for this IP will be captured
  # by the sidecar and routed appropriately.
  - 240.0.0.2
  endpoints:
  # This is the routable address of the istio ingress gateway in cluster02
  # routed to this address.
  - address: 172.25.55.50
    ports:
      http1: 15443 //Sni. Do not change this

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: sleep-dr
  namespace: default
spec:
  host: "sleep.default.svc.cluster.local"
  trafficPolicy:
    tls:
      mode: DISABLE

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: httpbin-dr
  namespace: default
spec:
  host: "httpbin.default.svc.cluster.local"
  trafficPolicy:
    tls:
      mode: DISABLE
    loadbalancer:
      consistentHash:
        httpCookie: "user1"
    connectionPool:
      tcp:
        maxConnections: 10
      http:
        http2MaxRequests: 1000
        maxRequestsPerConnection: 100
    outlierDetection:
      consecutiveErrors: 7
      interval: 5m
      baseEjectionTime: 15m