...
Code Block |
---|
language | js |
---|
theme | Midnight |
---|
title | POST |
---|
linenumbers | true |
---|
|
URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{version}/traffic-intent-set/us-to-us-intents/
POST BODY:
{
"metadata": {
"name": "servicehttpbin" // unique name for each intent
"description": "connectivity intent for stateless micro-service to stateless micro-service communication"
"userdata1": <>,
"userdata2": <>
}
"spec": { // update the memory allocation for each field
"application": "<app1>",
"servicename": "httpbin" //actual name of the client service
"protocol": "HTTP",
"headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
"mutualTLS": "SIMPLE", // Support 2 modes. SIMPLE, ISTIO_MUTUAL. For external Client, it is MUTUAL
"port" : "80", // port on which service is exposed as through servicemesh, not the port it is actually running on
"serviceMesh": "istio", // get it from cluster record
"istio-proxy": "yes", // The features(mTLS, LB, Circuit breaking) are limited to services without istio-proxy
// Traffic configuration
"loadbalancingType": "ConsistenHash", // "Simple" and "consistentHash" are the two modes
"loadBalancerMode": "httpCookie" // Modes for consistentHash - "httpHeaderName", "httpCookie", "useSourceIP", "minimumRingSize", Modes for simple - "LEAST_CONN", "ROUND_ROBIN", "RANDOM", "PASSTHROUGH" // choices of the mode must be explicit
"httpCookie": "user" // Input for Hash in "ConsistenHash" LB and mode as "httpCookie" . Name of the cookie to maitain stick sessions
"httpHeader": "john-user" // must be filled only if "loadBalancerMode" is "httpHeader"
"maxConnections": 10 //connection pool for tcp and http traffic
"timeOut" : 5 // in Seconds. Connection timeout for tcp and idleTimeout for http
// credentials for mTLS in "SIMPLE" mode
"Servicecertificate" : {serverCertificate.pem} // Present actual certificate here.
"ServicePrivateKey" : {serverPrivateKey.pem} // Present actual private key here.
// Access Control
namespaces: [] // Workloads from this namespaces can access the inbound service
}
}
RETURN STATUS: 201
RETURN BODY:
{
"name": "servicehttpbin"
"Message": "Inbound service created"
} |
...
Generate Istio object resources
Name of the Cluster | Microservice | Istio Configuration | Comments |
---|
Cluster01 | - echo
- sleep
|
Microservice | Resource |
---|
common | serviceEntry (httpbin) | echo | destinationRule for simple TLS | sleep | destinationRule for simple TLS |
|
|
|
|
Cluster02 | httpbin |
Microservice | Resource |
---|
httpbin | destinationRule for simple TLS AuthorizationPolicy for Access Control |
|
|