Versions Compared

Old Version 26

changes.mady.by.user Itohan Ukponmwan

Saved on

compared with

New Version 27

changes.mady.by.user Itohan Ukponmwan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Main DCM Microservice (contains the Logical Cloud Controller, User Controller and Namespace Controller)
  2. Istio DCM Controller (Create the Istio Control planes for the logical clouds)
  3. CA Key Distribution ControllerGenerate intermediate CA key for each edge which is signed by an root or intermediate key)
  4. Quota Controller (Limits resources available to each logical cloud)

Design Overview

draw.io Diagram
bordertrue
viewerToolbartrue
fitWindowfalse
diagramDisplayName
lboxtrue
revision37
diagramNameDCM
simpleViewerfalse
width6001000
linksauto
tbstyletop
diagramWidth5121131

Fig 1: DCM Components

















Fig 2: Showing Logical Clouds spanning multiple edge location. Istio Replicated Control planes are used and in each cluster, there  is an istio control plane per logical cloud


API

1.  Create Logical Cloud

Code Block
languagejs
titleLogical Cloud Creation API
URL: /v2/projects/<project-name>/logical-clouds
POST BODY:
{
 "name": "lc-1",   //unique name for the record
 "logical-cloud-name" : "logical-cloud-1",
 "namespace" : "ns-1", // one namespace per logical cloud
 "description": "logical cloud for walmart finance department",  //description for the logical cloud
 "user" : {
    "user-name" : "user-1",  //name of user for this cloud
    "type" : "certificate",   //type of authentication credentials used by user (certificate, Token, UNPW)
    "user-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoHNIrFZ0MtvMQrz+SE6Xd1nDK0BaRjllzqta0lqkdweEYUwtQUKq6m\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8q37BCPZn8SXZ3mVlVRkkWRQIDAQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyxbp7bjwMl7BebhLmFkZL9FlDLOT6ldh07CWKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3j9yGcf6twvZXDDt9yQPQi/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo184orNjVDEbaX6H3zASdY7yIRNXQqzjyCAZjSLM9pbWwav/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDXBXBEG3jYYREWO89REwkjleOPLmnjleOPLmnFZaqlLrB+1K4u\n1niUx6K77SGlEnqNV1caqfzl7tkKPfdnL7NCQPWZS9VRok/S/GiSoislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1YXBEG3jYYREWO89REwkjleOPLmn1fQsa4vZBXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", 

    "user-csr" : "-----BEGIN CERTIFICATE REQUEST-----\nMIICajCCAVICAQAwJTERMA8GA1UEAwwIZW1wbG95ZWUxEDAOBgNVBAoMB2JpdG5h\nbWkwggEiMXBEG3jYYREWO89REwkjleOPLmnAwggEKAoIBAQD6ZBcxFhXgr9iEtAd\nNDtuvA/0CFGBTzsfB5T1Mnv6ImwV8CE4ZaRRFQ+uIXl1lhGo7jnUfKLNnmBYYWC8\n+FF7GIG/U4HsVteeeeeeflSGqY40WgYbhruqwR7u+vxlT9wkhpQga70h1DjDDcnJ\nRD10HY7xh2cYQt5ZyZxz1V0123jldoewjg/iUVMxmgc0isVnQy28xCvP5ITpd3Wc\nMrQFpGOWXOq1rSWqR3B4RhTC1BQqrqbpdwLyVq2ecgI2KZv2HuMejQxL6xBUUDCA\nDO7ZnivK32VEALyqYE8M+lFFy63IkAXYu/hQwcjjV68eHyrfsEI9mfxJdneZWVVG\nSRZFAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAyuTVpshvkTo9bQkhMHFaPSdU\neqNM8NF/SZAdM/nWE5Q9wIeQLxu7FFP1UGz+b/bmxGp/o4bfrjC/4yjUWA4zUAfP\nBf7kUvJFSCdcTClyD5u9oL0ZGDc3ZZM3BgFT2PjXdr8cufkh3OjY6IVExA365NFP\nVyk7Bo13FhORHgVZUinK7s2COylidSOEMnwg71Rxf1S2UMm8sV4duWdVqep6ic31\nK8ghF27F5XBEG3jYYREWO89REwkjleOPLmnaN+n2I4nSD0JkD3w1v6XUQqXSV9WC\n3cNAmRWv0JJVRXvXk5x5Etr0oza2BDPrrZzKw94dsjsu5fWvWeeqtovWzUboiw==\n-----END CERTIFICATE REQUEST-----\n",

    "cloud-ca-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoXBEG3jYYREWO89REwkjleOPLmnllzqta0lqkdwXBEG3jYYREWO89R\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8XBEG3jYYREWO89REwkjleOPLmnQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyXBEG3jYYREWO89REwkjleOPLmnFlDLOT6ldKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3jYYREWO89REwkjleOPLmn/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo1XBEG3jYYREWO89REwkjleOPLmnRNXQqzjyCAZjSLM9pbW/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDkiGCeW/DxAoGAVhAWO5RwFZaqlLrB+1K4kNAEeBn2eKBC1BiX\n1niUx6K77SGlEnqNV1caqXBEG3jYYREWO89REwkjleOPLmn/S/GiSislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1Yj5GvetLJmMtc25fsyP4xily1fQsa4vZBqTNXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n",
    "cloud-ca-crt" : "-----BEGIN CERTIFICATE-----\nYYECyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5lAf8UUUUwjeiikoRtEWVFgQADggEBAHFByNTQyMloXDTMwMDExMzIyNTQyMlo\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvy\nZR2kGgm58rmEF1gAf8UUUUwjeiikoRtEWVFgQADggEBAHFBGrjw1f8dpZkMI7TXn\nvVCbaJnPpFoVsH211LEV1kZjCdYjH+Bp8UCZtZNfrakZ5MOuEn41yil4qU1qFpXr\nuuIVFWKI74o7XJ+9WeT6fu0RtF4c+Zz+r3mf7aagzopxJ5O727MtZCyo2GicIw82\nMnJe+lpg47Du3p+Bs9VxpCMV8TLPCYaqUFGefuSnsLzB9aGPbZ2/dZS+BYzTbuub\ngJsnlJwZ6gZ+VBJXkqpSxfbSXQ7WeKGPd2JmbM8Lqmwe1pKH2sgTK4rpn3wJw95S\nysMKejyi/SrfVr/YvdMCAwEAAaMjMCEwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8UUUUwjeiikoRtEWVFgQADggEBAHFBwUBkDNz05wpiUVHZzWwgBVY8\nLTHWdYaIbi6sx+oEwuoIPWQw098/0OJVfsMW5wvzWSXM9wo3Gim2V16pl7A7etd/\n79fbOAZM8tmAG1YkhYIn7474ohNFV8Kv1jcvHQ+HDFYE4Gu0WQxAAOlFhvICJsUC\ndk7nfDJLE20kQ43VH2w7RH7rQUqEMVxUSeSMgbwLDBk9maP6o7F7lOFjBrbnhZVX\n407Svvi1Q3Lzx+nnIactbvFZPaAf8UUUUwjeiikoRtEWVFgQADggEBAHFBK13upx\nf+qHHV/0uUWf3obiICSOOjR1yVpwywHTW+Lxr3PYqt9oCSEq+b+OP16IUyk=\n-----END CERTIFICATE-----\n",
    "permissions" : [
       { "permission-name" : "permission-1",
         "apiGroups" : ["stable.example.com"],
         "resources" : ["secrets", "pods"],
         "verbs" : ["get", "watch", "list", "create"]
       },
       { "permission-name" : "permission-2",
         "apiGroups" : [""],
         "resources" : ["configmaps"],
         "verbs" : ["*"]
       }
    ]
  }
}

Return Status: 201
Return Body:
{
  "name" : "logical-cloud-1",
  "logical-cloud-name" : "logical-cloud-1",
  "namespace" : "ns-1",
  "user-name" : "user-1"
}

...