...
| Code Block |
|---|
| language | vb |
|---|
| title | Service Mesh API |
|---|
|
func create_mesh () {
func get_lc_clusters() (map[string]string) //Returns a map containing a mapping of cluster names to load balancer ip address
func create_mesh_namespace(logical-cloud-name, []clusters)
func create_ca_secrets(logical-cloud-name){
func get_ca_certs(url)
}
func install_helm([] clusters) (or install istioctl)
func create_helm_chart() (or istioctl manifest)
}
|
REST API
...
API to Create Logical Cloud Name and Associate some components
Create Logical cloud name for new logical cloud, add user name, namespace and user permissions
| Code Block |
|---|
| language | js |
|---|
| title | Logical Cloud Creation API |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds
POST BODY:
{
"metadata" : {
"name": "lc-1", //unique name for the record
"description": "logical cloud for walmart finance department", //description for the logical cloud
"userData1":"<user data>",
"userData2":"<user data>"
},
"spec" : {
"namespace" : "ns-1", // one namespace per logical cloud
"user" : {
"user-name" : "user-1", //name of user for this cloud (username and logical cloud name would be used as subject for the user key)
"type" : "certificate", //type of authentication credentials used by user (certificate, Token, UNPW)
"user-permissions" : [
{ "permission-name" : "permission-1",
"apiGroups" : ["stable.example.com"],
"resources" : ["secrets", "pods"],
"verbs" : ["get", "watch", "list", "create"]
},
{ "permission-name" : "permission-2",
"apiGroups" : [""],
"resources" : ["configmaps"],
"verbs" : ["*"]
}
]
}
}
}
Return Status: 201
Return Body:
{
"name" : "logical-cloud-1",
"logical-cloud-name" : "logical-cloud-1",
"namespace" : "ns-1",
"user-name" : "user-1"
} |
Important points to Note
- cluster CA and cluster CRT will be gotten when a cluster is registered and this will be used to create the user crt after the user csr and user key are created
Kubeconfig will be put in the mongoDB
2. Get Logical Cloud kubeconfig
PUT (Change logical cloud contents)
| Code Block |
|---|
| language | js |
|---|
| title | Get PUT Logical cloud kubeconfigCloud |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kubeconfig?cluster-reference=cluster-1
GET
Return Status: 201
Return Body :
<name>
PUT BODY:
{
"metadata" : {
"apiVersiondescription": "v1",logical cloud for walmart finance department"clusters":, [ //description for the logical cloud
{ "userData1":"<user data>",
"clusteruserData2":"<user {data>"
},
"spec" : "certificate-authority-data"{
"namespace" : "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01ERXhOakl5TlRReU1sb1hEVE13TURFeE16SXlOVFF5TWxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXZ5ClpSMmtHZ201OHJtRUYxZ0VVNDlwR281TjR5WlZzbUtsemJxeitHcmp3MWY4ZHBaa01JN1RYbm1xaXdjbmpiZksKdlZDYmFKblBwRm9Wc0gyMTFMRVYxa1pqQ2RZakgrQnA4VUNadFpOZnJha1o1TU91RW40MXlpbDRxVTFxRnBYcgpvMnAvTTJNSTc0bzdYSis5V2VUNmZ1MFJ0RjRjK1p6K3IzbWY3YWFnem9weEo1TzcyN010WkN5bzJHaWNJdzgyCk1uSmUrbHBnNDdEdTNwK0JzOVZ4cENNVjhUTFBDWWFxVUZHZWZ1U25zTHpCOWFHUGJaMi9kWlMrQll6VGJ1dWIKZ0pzbmxKd1o2Z1orVkJKWGtxcFN4ZmJTWFE3V2VLR1BkMkptYk04THFtd2UxcEtIMnNnVEs0cnBuM3dKdzk1Uwp5c01LZWp5aS9TcmZWci9ZdmRNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFIRkJ3VUJrRE56MDV3cGlVVkhaeld3Z0JWWTgKTFRIV2RZYUliaTZzeCthTUhIOFF3cERhSUIvME9KUlZmc01XNXd2eldTWE05d28zR2ltMlYxNnBsN0E3ZXRkLwo3OWZiT0FaTTh0bUFHMVlraFlJbjc0NzRvaE5GZjhLdjFqY3ZIUStIREZZRTRHdTBXUXhBQU9sRmh2SUNKc1VDCmRrN25mREpMRTIwa1E0M1ZIMnc3Ukg3clFVcUVNVnhVU2VTTWdid0xEQms5bWFQNm83RjdsT0ZqQnJibmhaVlgKNDA3U3Z2aTFRM0x6eCtubklhY3RidkZaUGFDRlpPMlkvS0dpcFpYM3o0R3hiR0sxM3VweExuSllHZEI4eFBrRApmK3FISFYvMHVVV2Yzb2JpSUNTT09qUjF5VnB3eXdIVFcrTHhyM1BZcXQ5b0NTRXErYitPUDE2SVV5az0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=ns-1", // one namespace per logical cloud
"user" : {
"serveruser-name" : "https://1.2.3.4:6443"
},
user-1", //name of user for this cloud (username and logical cloud name would be used as subject for the user key)
"nametype" : "kubernetescertificate", //type of authentication credentials used by }user (certificate, ],Token, UNPW)
"contextsuser-permissions" : [
{ "permission-name" : "permission-1",
"contextapiGroups" : {["stable.example.com"],
"resources" : "cluster": "cluster-1"["secrets", "pods"],
"verbs" : "user": "user-1"
["get", "watch", "list", "create"]
},
{ "permission-name" : "userpermission-1-context"2",
"apiGroups" : }[""],
], "current-contextresources" : ["user-1-contextconfigmaps"],
"kind": "Config", "usersverbs" : ["*"]
}
{ ]
}
}
}
Return "name": "user-1",
Status: 200 (OK)
Return Body:
{
"name" : "user": {
"logical-cloud-1",
"clientlogical-certificatecloud-dataname" : "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJZVovY05tQVE5NGd3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TURBeE1UWXlNalUwTWpKYUZ3MHlNVEF4TVRVeU1qVTBNamhhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQW0zblA0eTdURjNrZldaZFoKaFdaV2RTSWZlNlpkbTdWK1BpcER6UWFHMTVuU0ZNSVRSeFVyYkhHdWlzakZQRlAzbUIyT09yN3BSQjJab3VDegppOFlYS21iYjJ6K2tjeWZxT1drcHhmTzlHQlV6SlYxL1BoUGU2dGRaSEp3c3FtNlhYZ2xkcTEvNjBSTWNwUVUxCi9LOXNZNHhWQ1djSkN4SEkvTnp4VDY0TU5zQlF3VldONXZWTTJOUDJtZDFOa2x2S3J2bnFRUERXTGxVWEx2THIKK2NESk50VytxcFc4dzVreXF5YWp1ZHQ4ZGw0dzZSY3FnL3VnbXRVMHRnVEdxcFdSYm5yZlFMSzBsaGJKejVMTgpmK1pNTjRCYllxWGRBZ2hFMTNEeHhYd2tHUHdnL3h0aFhManBaQzhjeTNlV0hCenV2cWY1aWJ2S0hRQ20zRmFjCjhBTlVpUUlEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFDV3BuY1RhTWowOWZDL25CQTF1NWhkbFQrQmdhc3NZSFVEeQplM2tQUXJlUXdseUhYTGtWdDdiSkIxT0l6Y1V3K2M5MVF6Mm9lRFBaNzZGNGlQMTd5RUgrUFZrMVVUSzBLRU9jCjM2cVpXTUdMK0ptZy9wTnFBNXRsNG1EUTVneFhHTENpa2JiYzRTM0oxL0FicmFVakRtM1FEOTd6UEhSUkZnN2oKN2VXMnB2V3ZEakRTWDZGejY0dEorRHB2NUpGZGRHNU5lQVErZ0hNOWFPVUdCVG1oZlYzZnl1NzkzV0cyUGlxMgpMMlZQU0YycU5DRG96Y3Z3am84VHkxbUpXSzIvTkVjN2ZMd24wbml3UTd3aXpMWHU0N1hvL3Frb2pBMUN6MW9YCkhid1JQMjZXdVNDTGpnNnpHVUh3VnBZWmV4Z3pkY05CRERQTnlPem94RTFwUVlXRXkrZz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=logical-cloud-1",
"client-key-data "namespace" : "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbTNuUDR5N1RGM2tmV1pkWmhXWldkU0lmZTZaZG03VitQaXBEelFhRzE1blNGTUlUClJ4VXJiSEd1aXNqRlBGUDNtQjJPT3I3cFJCMlpvdUN6aThZWEttYmIyeitrY3lmcU9Xa3B4Zk85R0JVekpWMS8KUGhQZTZ0ZFpISndzcW02WFhnbGRxMS82MFJNY3BRVTEvSzlzWTR4VkNXY0pDeEhJL056eFQ2NE1Oc0JRd1ZXTgo1dlZNMk5QMm1kMU5rbHZLcnZucVFQRFdMbFVYTHZMcitjREpOdFcrcXBXOHc1a3lxeWFqdWR0OGRsNHc2UmNxCmcvdWdtdFUwdGdUR3FwV1JibnJmUUxLMGxoYkp6NUxOZitaTU40QmJZcVhkQWdoRTEzRHh4WHdrR1B3Zy94dGgKWExqcFpDOGN5M2VXSEJ6dXZxZjVpYnZLSFFDbTNGYWM4QU5VaVFJREFRQUJBb0lCQURSeCs3RTd5MU1ndFhXSQpPMWRuZFFTZ0ZSU2x3dS9TWWhwZ01XeklwZFcyZW9vc0NVcXlGbXJIVWtSWWcwZmRYeWk5MTR0emVNWlVZYzN5CmxENHkvUDk5b080dFlyREJweDNrbm9XNnVXK1ZQeUo4am42SFAydmlacG5qQ0tJWkdoQkxnb0JicVFTN3VLN2wKdWhkWnFXdFBIQ1JHMEdNZWhiamVZcndwRHMrc3V5Y0tUNlh2OGR0am9PRGlSenpodTBBWjErSDBMbC9MaUp5NgpubUF1M3IzUDN2dGt1ZndoOXB2SjA2TjhHVWhRZFlvVENBMHQ4c0lEN0Q0ZUZGcXdjM2FVTmlyVGdtcllmcVFkCnJQMnRUMkYxbEE5bEJ1bUJmNDBCUFMrejR0MS92Tk5XSEtseFFzaDRkTnNJczlFbHB1YkVTMlovbmJkUHpEOXUKUHlmWmNCMENnWUVBemZEZ21TVVZ2REpJMEZWWnNENWszNWxRWFpmQ3ZLZWpaaU5ScTZzaDlROUhBcTdaN3dESwo3RmNHSGZFQVhNZ1YyQ2VibUtkbFZ4aFJMQUVQb0todzNCbG94RlhiNC9ESytYdmV0ek4vUnQzQ0VGN29jZTFECko0eXVTS0pYR25RVW82NXV6RVBJMmVVdi81Njh5dEdDdXlNRmdIZDNTRHBxeUZqSjhlVXp3RGNDZ1lFQXdVU2kKVVpkMTEzVnFWeEpUQytSeTlsRzNIeGZFekhBbUdkMXNQNFdmYm9nZ3hjbmZrZk9ndU1ua0dzVVNnNGZjN3BKNworVDd2dFg2QVRXQkUzeUV1SHdMcytJd2VQT2RFeDNBZytSYnBKU25pTEc2WmUxdER0K2NtdTdObGZGRWRuR0l2CkUvTkt1c3FLdmduN3FzK216OHR5UmwxZ0pYMGdjT3J1TFVnbnNUOENnWUVBaGlUdUY3TnBXZ0lqSGRsS3A1dXMKMTEwbFZTR2lqb0pmMUFzVGlzL1pPYWh1NTlkL1M4aG5aZFUxdmRFYkhGU1VyZ3oydEZQdGxmTFlCT0xZREIxTQpEb0phbFBFY1gzaWNyaSs2bmZqa1lnUFhBaFRnTWoyTExicmNWNkd2UFNMNXdyaS9vVHhTRzJUSGhDa2c3cmZVCkFSUEo1S2xzd0ZhVThkV3NEVzN2N0xjQ2dZQlhlZGc2TStLcmpjSisvSlZJR2JPTEY3dFp3R2xiMnhyenRBdk4KeUk0NytqTlRNcWNWcVg3Q2hPYlEwd2dwTG5KcUxUVWR3RVhCRVN2RFdlSnlWOU5IU0F5NEJydWM5MVJqTExaUAo1L1hJMDJkQ2t5QzIrN3p2M1JqajlqUG1DOVRxTm1wMmpqVHh6TUQxZVJGRzQ4dnQyM2l5cm9yWkRRU0U5MkNzCmNDOC9Bd0tCZ1FDamRrVTNOcWFPZHUzMlpkWm5IK0cxY0NwbGtRK1VFZXNmTlcrWjdiWWtocng2Z2l6eCtjY0UKS3FhNTRxTmJkQVdLQXRzSU5lZ3pQU0toV0g0eXFnaWYrNmQ1aVVZUlFoUUhNVG0yTHpEQ2xGQ001N2FPdmQ3YQpNUEZxR3BNV2tqVmlnZjlwdHV3YW1qWkYwbm5MUVE5dWIzMlB3Zjk0Yzl4NFBEdkpmdTQrUHc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=ns-1",
"user" : "user-1"
}
}
]
} |
...
GET Logical Cloud
| Code Block |
|---|
| language | js |
|---|
| title | PUT GET Logical Cloud |
|---|
|
GET
URL: /v2/projects/<project-name>/logical-clouds/<name>
PUTRESPONSE BODY:
{
"metadata" : {
"name": "lc-1", //unique name for the record
"description": "logical cloud for walmart finance department", //description for the logical cloud
"userData1":"<user data>",
"userData2":"<user data>"
},
"spec" : {
"namespace" : "ns-1", // one namespace per logical cloud
"user" : {
"user-name" : "user-1", //name of user for this cloud (username and logical cloud name would be used as subject for the user key)
"type" : "certificate", //type of authentication credentials used by user (certificate, Token, UNPW)
"user-permissions" : [
{ "permission-name" : "permission-1",
"apiGroups" : ["stable.example.com"],
"resources" : ["secrets", "pods"],
"verbs" : ["get", "watch", "list", "create"]
},
{ "permission-name" : "permission-2",
"apiGroups" : [""],
"resources" : ["configmaps"],
"verbs" : ["*"]
}
],
} }
}
Return Status: 200 (OK)
Return Body:
{
"name" : "logical-cloud"clusters" : ["cluster-1",
"logicalcluster-cloud-name" :2", "logical-cloud-1",cluster-3]
"namespace"}
: "ns-1",
"user" : "user-1"
}
|
...
DELETE Logical Cloud
| Code Block |
|---|
| language | js |
|---|
| title | Associate logical cloud DELETE Logical Cloud |
|---|
|
DELETE
URL: /v2/projects/<project-name>/logical-clouds/<name>
|
Logical Cloud Cluster API
POST (Associate cluster with logical cloud )
| Code Block |
|---|
| language | js |
|---|
| title | Associate logical cloud with cluster |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-references/
POST BODY:
{
"cluster-referencename": "cluster-namec1", //name of the cluster
"loadbalancer-ip" : "0.0.0.0" //IP address of the istio loadbalancer for the logical cloud control plane in the cluster
}
Return Status: 200 (OK)
Return Body:
{
"cluster-name" : "cluster-reference-1",
"clusterloadbalancer-nameip" : "cluster-10.0.0.0"
}
|
5. GET Logical CloudPUT
| Code Block |
|---|
| language | js |
|---|
| title | GET Logical Cloud |
|---|
| GET
URL| Update cluster in logical cloud |
|
URL: /v2/projects/<project-name>/logical-clouds/<name>
RESPONSE/<logical-cloud-name>/cluster-references/cluster-name
PUT BODY:
{
"metadataloadbalancer-ip" : {
"name": "lc-1", "0.0.0.0" //uniqueIP nameaddress forof the recordistio loadbalancer "description": "for the logical cloud forcontrol walmart finance department", //description forplane in the logicalcluster
cloud}
Return Status: 200 (OK)
Return "userData1"Body:"<user data>",
{
"userData2cluster-name" :"<user data>"
},
"spec"cluster-1"
: { "namespaceloadbalancer-ip" : "ns-1", // one namespace per logical cloud
"user" : {
"user0.0.0.0"
} |
GET
| Code Block |
|---|
| language | js |
|---|
| title | Get Clusters Associated with logical clouds |
|---|
|
GET
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-references/
RESPONSE BODY:
{ cluster-references : [
{ "cluster-name" : "user-1c1",
//name of user for this cloud (username and logical cloud name would be used as subject for the user key)
"type" : "certificate", //type of authentication credentials used by user (certificate, Token, UNPW)
"user-permissions" : [
{ "permission-name" : "permission-1",
"loadbalancer-ip" : "0.0.0.0
},
{ "cluster-name" : "c2",
"loadbalancer-ip" : "x.x.x.x
}
]
}
|
DELETE (Delete cluster from Logical cloud)
| Code Block |
|---|
| language | js |
|---|
| title | Delete Cluster from logical cloud |
|---|
|
DELETE
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-references/cluster-name
RESPONSE STATUS: 204
}
|
Logical Cloud User Permissions API
Add user permissions
| Code Block |
|---|
| language | js |
|---|
| title | Add User permissions |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions
POST BODY:
{ "name" : "permission-3",
"apiGroups" : ["stable.example.com"],
"resources" : ["secrets", "podsjobs"],
"verbs" : ["get", "watch", "list", "create"]
}
},
Return Status: 200 (OK)
Return Body:
{ "permission-name" : "permission-23",
"apiGroups" : [""],
"resources" : ["jobs"],
"resourcesverbs" : ["configmapslist"],
}
|
GET User Permissions
| Code Block |
|---|
| language | js |
|---|
| title | Get User permissions |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions
GET:
"verbs" : ["*"]Return Body:
{"permissions" }: [
], { "clustersname" : ["clusterpermission-1",
"cluster-2", "cluster-3] "apiGroups" : ["stable.example.com"],
} } } |
6. DELETE Logical Cloud
| Code Block |
|---|
| language | js |
|---|
| title | DELETE Logical Cloud |
|---|
|
DELETE
URL: /v2/projects/<project-name>/logical-clouds/<name>
RESPONSE STATUS: 204
|
7. Add user permissions
| Code Block |
|---|
| language | js |
|---|
| title | Add User permissions |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions
POST BODY:
"resources" : ["secrets", "pods"],
"verbs" : ["get", "watch", "list", "create"]
},
{ "name" : "permission-32",
"apiGroups" : [""],
"resources" "resources" : ["jobsconfigmaps"],
"verbs" : ["list*"]
} },
Return Status: 200 (OK) Return Body: { "name" : "permission-3",
"apiGroups" : [""],
"resources" : ["jobs"],
"verbs" : ["list"]
}
]
}
|
8. GET User PermissionsPUT (Update User permissions)
| Code Block |
|---|
| language | js |
|---|
| title | Get Update User permissions |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions
GET/permission-3
POST BODY:
Return Body:
{
"permissionsapiGroups" : [""],
"resources" : ["pvc"],
{ "nameverbs" : ["permission-1list",]
}
"apiGroups"Return Status: ["stable.example.com"],
200 (OK)
Return Body:
{ "name" : "permission-3",
"resourcesapiGroups" : ["secrets", "pods"],
"resources" : ["pvc"],
"verbs" : ["get", "watch", "list", "create"]
},
{ "name" : "permission-2",
"apiGroups" : [""],
list"]
}
|
Delete User Permissions
| Code Block |
|---|
| language | js |
|---|
| title | Delete User permissions |
|---|
|
DELETE
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions/<permission-name>
RETURN STATUS: 204
|
Logical Cloud Quota API
Create logical cloud Quota ( quota will be applied to each cluster in the logical cloud)
This allows resources to be tuned for the logical cloud
| Code Block |
|---|
| language | js |
|---|
| title | Create Logical cloud quota |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-quotas
POST BODY:
{
"metadata" : {
"resourcesname" : ["configmapsquota-1"],
"verbsdescription" : ["*desc"]
},
},"spec" : {
{ "namelimits.cpu" : "permission-3400",
"apiGroups" "limits.memory": ["1000Gi"],
"resources" "requests.cpu": ["jobs300"],
"verbsrequests.memory" : ["list900Gi"],
"requests.storage" }: "500Gi",
] } |
9. PUT (Update User permissions)
| Code Block |
|---|
| language | js |
|---|
| title | Update User permissions |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions/permission-3
POST BODY:
"requests.ephemeral-storage": "",
{ "apiGroupslimits.ephemeral-storage" : [""],
"resourcespersistentvolumeclaims" : ["pvc "],
"verbspods" : ["list"]
}
500",
"configmaps" : "",
Return Status: 200 (OK)
Return Body:
{ "name"replicationcontrollers": "",
"resourcequotas" : "permission-3",
"apiGroupsservices" : [""],
"resources "services.loadbalancers" : ["pvc"],
"verbs "services.nodeports" : ["list"],
} |
10. Delete Permissions
| Code Block |
|---|
| language | js |
|---|
| title | Delete User permissions |
|---|
|
DELETE
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions/<permission-name>
RETURN STATUS: 204
|
11. Create logical cloud Quota ( quota will be applied to each cluster in the logical cloud)
This allows resources to be tuned for the logical cloud
| Code Block |
|---|
| language | js |
|---|
| title | Create Logical cloud quota |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-quotas
POST BODY:
{"secrets" : "",
"count/replicationcontrollers" : "",
"count/deployments.apps" : "",
"metadatacount/replicasets.apps" : {"",
"namecount/statefulsets.apps" : "quota-1"",
"descriptioncount/jobs.batch" : "desc"
},
"spec" : { "limits.cpu""count/cronjobs.batch" : "400",
"limits.memory": "1000Gi",
"requests.cpu"count/deployments.extensions" : "300",
"requests.memory": "900Gi",}
}
"requests.storage" : "500Gi",
RETURN STATUS: 201 |
GET logical cloud Quota
| Code Block |
|---|
| language | js |
|---|
| title | Get Logical cloud quota |
|---|
|
GET
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-quotas/<quota-name>
RETURN BODY:
{
"requests.ephemeral-storagemetadata" : "",{
"limits.ephemeral-storagename" : "quota-1",
"persistentvolumeclaimsdescription" : " desc",
},
"podsspec" : "500", {
"configmapscpu" : "400",
"replicationcontrollersmemory": "1000Gi",
"resourcequotaspods" : "500",
}
"services": "",
}
|
Update Logical Cloud Quota
| Code Block |
|---|
| language | js |
|---|
| title | Update Logical cloud quota |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-quotas/<quota-name>
PUT BODY:
{
"services.loadbalancersmetadata" : "",{
"services.nodeportsdescription" : "desc",
"secrets" : "",
},
"count/replicationcontrollersspec" : "",{
"count/deployments.appscpu" : "400",
"count/replicasets.appsmemory" : "1000Gi",
"count/statefulsets.appspods" : "500",
"count/jobs.batch" : "",}
}
"count/cronjobs.batch" : "",
"count/deployments.extensions" : ""
}
}
RETURN STATUS: 201 |
...
Delete Logical Cloud Quota
| Code Block |
|---|
| language | js |
|---|
| title | Get Update Logical cloud quota |
|---|
|
GETDELETE
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-quotas/<quota-name>
RETURN BODY:
{
"metadata" : {
"name" : "quota-1",
STATUS: 204 |
Logical Cloud Key Value API
16. Add Key Value pair to logical cloud database
| Code Block |
|---|
| language | js |
|---|
| title | Add KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs
POST BODY
{
"descriptionmetadata": "desc"{
}, "specname" :"<name>",
{ "cpudescription": "400<description>",
"memoryuserData1":"<user data>"1000Gi",
"podsuserData2":"<user data>"500"
},
}
|
13. Update Logical Cloud Quota
| Code Block |
|---|
| language | js |
|---|
| title | Update Logical cloud quota |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-quotas/<quota-name>
PUT BODY:
{"spec":{
"metadatakv" :[
{ "description": "desc" {
}, "spec" : { "key1":"val1"
"cpu": "400", },
{
"memory": "1000Gi", "podskey2": "500val2"
}
]
}
}
RETURN STATUS: 201 |
14. POST (Apply all the created configuration, this creates the K8s resources)
| Code Block |
|---|
| language | js |
|---|
| title | Apply configuration |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/apply
Return Status: 200 (OK)
Return Body:
{
"logical-cloud-name" : "logical-cloud-1",
"namespace" : "ns-1", // one namespace per logical cloud
"description": "logical cloud for walmart finance department", //description for the logical cloud
"user" : "user-1",
"clusters" : ["cluster1", "cluster2", "cluster3"]
"quota-name" : "quota-1"
}
|
15. GET (Check status of operation)
| Code Block |
|---|
| language | js |
|---|
| title | Get Operation status |
|---|
|
GET
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/status
GET BODY:
Return Body :
{
"metadata" : {
RETURN BODY:
{
"metadata":{
"name":"<name>",
"description":"<description>",
"userData1":"<user data>",
"userData2":"<user data>"
},
"spec":{
"kv":[
{
"key1":"val1"
},
{
"namekey2" : "logical-cloud-1val2"
"description" : "<description>", }
"clusters" :]
[ }
"cluster-1" :} |
17. PUT (Update kv pair)
| Code Block |
|---|
| language | js |
|---|
| title | Update KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name>
PUT BODY
{
"metadata":{
"namespace-status" : "<status> "description":"<description>",
"role-statususerData1" :"<user data>"<status>",
"role-binding-status" : "<status>""userData2":"<user data>"
},
"spec":{
"kv":[
} {
"cluster-2" : { "namespace-statuskey1" : "<status>val3",
"role-status" : "<status>"},
"role-binding-status" : "<status>"{
} ], "statuskey2":"val4"
"Creation in Progress " //Created, Creation Failed } |
16. Add Key Value pair to logical cloud database
| Code Block |
|---|
| language | js |
|---|
| title | Add KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs
POST BODY
{
"metadata":{
]
}
}
RETURN STATUS: 201
RETURN BODY:
{
"namemetadata":"<name>",{
"description":"<description>",
"userData1":"<user data>",
"userData2":"<user data>"
},
"spec":{
"kv":[
{
"key1":"val1val3"
},
{
"key2":"val2"
}
]
}
}
RETURN STATUS: 201
RETURN BODY:
{
"metadata":{
"name":"<name> "key2":"val4"
}
]
}
} |
18. GET KV pair
| Code Block |
|---|
| language | js |
|---|
| title | Get KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name>
RETURN STATUS: 200
RETURN BODY:
{
"metadata":{
"name":"<name>",
"description":"<description>",
"userData1":"<user data>",
"userData2":"<user data>"
},
"spec":{
"kv":[
{
"key1":"val1"
},
{
"key2":"val2"
}
]
}
} |
19. DELETE KV pair
| Code Block |
|---|
| language | js |
|---|
| title | Delete KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name>
RETURN STATUS: 204
|
KUBECONFIG API (WORK IN PROGRESS)
Important points to Note
- cluster CA and cluster CRT will be gotten when a cluster is registered and this will be used to create the user crt after the user csr and user key are created
Kubeconfig will be put in the mongoDB
2. Get Logical Cloud kubeconfig
| Code Block |
|---|
| language | js |
|---|
| title | Get Logical cloud kubeconfig |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kubeconfig?cluster-reference=cluster-1
GET
Return Status: 201
Return Body :
{
"apiVersion": "v1",
"descriptionclusters":"<description>", [
"userData1":"<user data>", {
"userData2":"<user data>" }, "speccluster": {
"kv":[ {
"certificate-authority-data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01ERXhOakl5TlRReU1sb1hEVE13TURFeE16SXlOVFF5TWxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXZ5ClpSMmtHZ201OHJtRUYxZ0VVNDlwR281TjR5WlZzbUtsemJxeitHcmp3MWY4ZHBaa01JN1RYbm1xaXdjbmpiZksKdlZDYmFKblBwRm9Wc0gyMTFMRVYxa1pqQ2RZakgrQnA4VUNadFpOZnJha1o1TU91RW40MXlpbDRxVTFxRnBYcgpvMnAvTTJNSTc0bzdYSis5V2VUNmZ1MFJ0RjRjK1p6K3IzbWY3YWFnem9weEo1TzcyN010WkN5bzJHaWNJdzgyCk1uSmUrbHBnNDdEdTNwK0JzOVZ4cENNVjhUTFBDWWFxVUZHZWZ1U25zTHpCOWFHUGJaMi9kWlMrQll6VGJ1dWIKZ0pzbmxKd1o2Z1orVkJKWGtxcFN4ZmJTWFE3V2VLR1BkMkptYk04THFtd2UxcEtIMnNnVEs0cnBuM3dKdzk1Uwp5c01LZWp5aS9TcmZWci9ZdmRNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFIRkJ3VUJrRE56MDV3cGlVVkhaeld3Z0JWWTgKTFRIV2RZYUliaTZzeCthTUhIOFF3cERhSUIvME9KUlZmc01XNXd2eldTWE05d28zR2ltMlYxNnBsN0E3ZXRkLwo3OWZiT0FaTTh0bUFHMVlraFlJbjc0NzRvaE5GZjhLdjFqY3ZIUStIREZZRTRHdTBXUXhBQU9sRmh2SUNKc1VDCmRrN25mREpMRTIwa1E0M1ZIMnc3Ukg3clFVcUVNVnhVU2VTTWdid0xEQms5bWFQNm83RjdsT0ZqQnJibmhaVlgKNDA3U3Z2aTFRM0x6eCtubklhY3RidkZaUGFDRlpPMlkvS0dpcFpYM3o0R3hiR0sxM3VweExuSllHZEI4eFBrRApmK3FISFYvMHVVV2Yzb2JpSUNTT09qUjF5VnB3eXdIVFcrTHhyM1BZcXQ5b0NTRXErYitPUDE2SVV5az0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
"key1":"val1" "server": "https://1.2.3.4:6443"
}, {},
"key2name": "val2kubernetes"
}
} ],
"contexts": ][
} } |
17. PUT (Update kv pair)
| Code Block |
|---|
| language | js |
|---|
| title | Update KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name> PUT BODY {
"metadata":{ "descriptioncontext":"<description>", {
"userData1":"<user data>", "userData2cluster":"<user data>" "cluster-1",
}, "spec":{ "kvuser":[ "user-1"
{},
"key1name": "val3user-1-context"
},
],
{
"current-context": "user-1-context",
"kind": "Config",
"key2users":"val4" [
} {
] } } RETURN STATUS"name": 201
RETURN BODY:
{"user-1",
"metadata":{ "descriptionuser":"<description>", {
"userData1":"<user data>", "userData2client-certificate-data" : "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJZVovY05tQVE5NGd3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TURBeE1UWXlNalUwTWpKYUZ3MHlNVEF4TVRVeU1qVTBNamhhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQW0zblA0eTdURjNrZldaZFoKaFdaV2RTSWZlNlpkbTdWK1BpcER6UWFHMTVuU0ZNSVRSeFVyYkhHdWlzakZQRlAzbUIyT09yN3BSQjJab3VDegppOFlYS21iYjJ6K2tjeWZxT1drcHhmTzlHQlV6SlYxL1BoUGU2dGRaSEp3c3FtNlhYZ2xkcTEvNjBSTWNwUVUxCi9LOXNZNHhWQ1djSkN4SEkvTnp4VDY0TU5zQlF3VldONXZWTTJOUDJtZDFOa2x2S3J2bnFRUERXTGxVWEx2THIKK2NESk50VytxcFc4dzVreXF5YWp1ZHQ4ZGw0dzZSY3FnL3VnbXRVMHRnVEdxcFdSYm5yZlFMSzBsaGJKejVMTgpmK1pNTjRCYllxWGRBZ2hFMTNEeHhYd2tHUHdnL3h0aFhManBaQzhjeTNlV0hCenV2cWY1aWJ2S0hRQ20zRmFjCjhBTlVpUUlEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFDV3BuY1RhTWowOWZDL25CQTF1NWhkbFQrQmdhc3NZSFVEeQplM2tQUXJlUXdseUhYTGtWdDdiSkIxT0l6Y1V3K2M5MVF6Mm9lRFBaNzZGNGlQMTd5RUgrUFZrMVVUSzBLRU9jCjM2cVpXTUdMK0ptZy9wTnFBNXRsNG1EUTVneFhHTENpa2JiYzRTM0oxL0FicmFVakRtM1FEOTd6UEhSUkZnN2oKN2VXMnB2V3ZEakRTWDZGejY0dEorRHB2NUpGZGRHNU5lQVErZ0hNOWFPVUdCVG1oZlYzZnl1NzkzV0cyUGlxMgpMMlZQU0YycU5DRG96Y3Z3am84VHkxbUpXSzIvTkVjN2ZMd24wbml3UTd3aXpMWHU0N1hvL3Frb2pBMUN6MW9YCkhid1JQMjZXdVNDTGpnNnpHVUh3VnBZWmV4Z3pkY05CRERQTnlPem94RTFwUVlXRXkrZz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="<user data>,
"client-key-data" : },"LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbTNuUDR5N1RGM2tmV1pkWmhXWldkU0lmZTZaZG03VitQaXBEelFhRzE1blNGTUlUClJ4VXJiSEd1aXNqRlBGUDNtQjJPT3I3cFJCMlpvdUN6aThZWEttYmIyeitrY3lmcU9Xa3B4Zk85R0JVekpWMS8KUGhQZTZ0ZFpISndzcW02WFhnbGRxMS82MFJNY3BRVTEvSzlzWTR4VkNXY0pDeEhJL056eFQ2NE1Oc0JRd1ZXTgo1dlZNMk5QMm1kMU5rbHZLcnZucVFQRFdMbFVYTHZMcitjREpOdFcrcXBXOHc1a3lxeWFqdWR0OGRsNHc2UmNxCmcvdWdtdFUwdGdUR3FwV1JibnJmUUxLMGxoYkp6NUxOZitaTU40QmJZcVhkQWdoRTEzRHh4WHdrR1B3Zy94dGgKWExqcFpDOGN5M2VXSEJ6dXZxZjVpYnZLSFFDbTNGYWM4QU5VaVFJREFRQUJBb0lCQURSeCs3RTd5MU1ndFhXSQpPMWRuZFFTZ0ZSU2x3dS9TWWhwZ01XeklwZFcyZW9vc0NVcXlGbXJIVWtSWWcwZmRYeWk5MTR0emVNWlVZYzN5CmxENHkvUDk5b080dFlyREJweDNrbm9XNnVXK1ZQeUo4am42SFAydmlacG5qQ0tJWkdoQkxnb0JicVFTN3VLN2wKdWhkWnFXdFBIQ1JHMEdNZWhiamVZcndwRHMrc3V5Y0tUNlh2OGR0am9PRGlSenpodTBBWjErSDBMbC9MaUp5NgpubUF1M3IzUDN2dGt1ZndoOXB2SjA2TjhHVWhRZFlvVENBMHQ4c0lEN0Q0ZUZGcXdjM2FVTmlyVGdtcllmcVFkCnJQMnRUMkYxbEE5bEJ1bUJmNDBCUFMrejR0MS92Tk5XSEtseFFzaDRkTnNJczlFbHB1YkVTMlovbmJkUHpEOXUKUHlmWmNCMENnWUVBemZEZ21TVVZ2REpJMEZWWnNENWszNWxRWFpmQ3ZLZWpaaU5ScTZzaDlROUhBcTdaN3dESwo3RmNHSGZFQVhNZ1YyQ2VibUtkbFZ4aFJMQUVQb0todzNCbG94RlhiNC9ESytYdmV0ek4vUnQzQ0VGN29jZTFECko0eXVTS0pYR25RVW82NXV6RVBJMmVVdi81Njh5dEdDdXlNRmdIZDNTRHBxeUZqSjhlVXp3RGNDZ1lFQXdVU2kKVVpkMTEzVnFWeEpUQytSeTlsRzNIeGZFekhBbUdkMXNQNFdmYm9nZ3hjbmZrZk9ndU1ua0dzVVNnNGZjN3BKNworVDd2dFg2QVRXQkUzeUV1SHdMcytJd2VQT2RFeDNBZytSYnBKU25pTEc2WmUxdER0K2NtdTdObGZGRWRuR0l2CkUvTkt1c3FLdmduN3FzK216OHR5UmwxZ0pYMGdjT3J1TFVnbnNUOENnWUVBaGlUdUY3TnBXZ0lqSGRsS3A1dXMKMTEwbFZTR2lqb0pmMUFzVGlzL1pPYWh1NTlkL1M4aG5aZFUxdmRFYkhGU1VyZ3oydEZQdGxmTFlCT0xZREIxTQpEb0phbFBFY1gzaWNyaSs2bmZqa1lnUFhBaFRnTWoyTExicmNWNkd2UFNMNXdyaS9vVHhTRzJUSGhDa2c3cmZVCkFSUEo1S2xzd0ZhVThkV3NEVzN2N0xjQ2dZQlhlZGc2TStLcmpjSisvSlZJR2JPTEY3dFp3R2xiMnhyenRBdk4KeUk0NytqTlRNcWNWcVg3Q2hPYlEwd2dwTG5KcUxUVWR3RVhCRVN2RFdlSnlWOU5IU0F5NEJydWM5MVJqTExaUAo1L1hJMDJkQ2t5QzIrN3p2M1JqajlqUG1DOVRxTm1wMmpqVHh6TUQxZVJGRzQ4dnQyM2l5cm9yWkRRU0U5MkNzCmNDOC9Bd0tCZ1FDamRrVTNOcWFPZHUzMlpkWm5IK0cxY0NwbGtRK1VFZXNmTlcrWjdiWWtocng2Z2l6eCtjY0UKS3FhNTRxTmJkQVdLQXRzSU5lZ3pQU0toV0g0eXFnaWYrNmQ1aVVZUlFoUUhNVG0yTHpEQ2xGQ001N2FPdmQ3YQpNUEZxR3BNV2tqVmlnZjlwdHV3YW1qWkYwbm5MUVE5dWIzMlB3Zjk0Yzl4NFBEdkpmdTQrUHc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo="
"spec":{ "kv":[ }
{}
]
} |
APPLY API
When the API is called, the resource synchronizer is called and the resource creation in the cluster begins
Apply all the created configuration, this creates the K8s resources
| Code Block |
|---|
| language | js |
|---|
| title | Apply configuration |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/apply
Return Status: 200 "key1":"val3"
},
{
"key2":"val4"
}
]
}
} |
...
(OK)
Return Body:
{
"logical-cloud-name" : "logical-cloud-1",
"namespace" : "ns-1", // one namespace per logical cloud
"description": "logical cloud for walmart finance department", //description for the logical cloud
"user" : "user-1",
"clusters" : ["cluster1", "cluster2", "cluster3"]
"quota-name" : "quota-1"
}
|
STATUS API
GET (Check status of operation)
| Code Block |
|---|
| language | js |
|---|
| title | Get KV pairOperation status |
|---|
|
GET
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name>status
GET RETURNBODY:
STATUS:
200Return RETURNBody BODY:
{
"metadata" : {
"name" : "<name>logical-cloud-1",
"description" : "<description>",
}
"clusters" : [
"userData1cluster-1" :"<user data>", {
"userData2namespace-status" : "<user data><status>",
}, "specrole-status":{ : "<status>",
"kvrole-binding-status" :[ "<status>"
}
{ "cluster-2" : {
"key1namespace-status" : "val1"
}<status>",
{
"role-status" : "<status>",
"key2role-binding-status" : "val2<status>"
}
],
]
}
} |
19. DELETE KV pair
| Code Block |
|---|
| language | js |
|---|
| title | Delete KV pair |
|---|
|
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name>
RETURN STATUS: 204
"status": "Creation in Progress " //Created, Creation Failed
} |