Versions Compared

Old Version 14

changes.mady.by.user Manjunath Ranganathaiah

Saved on

compared with

New Version 15

changes.mady.by.user Manjunath Ranganathaiah

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Inbound Intents

draw.io Diagram
bordertrue
diagramNameuService-uService
simpleViewerfalse
width
linksauto
tbstyletop
lboxtrue
diagramWidth1041
revision1
draw.io Diagram
bordertrue
diagramNameuService-uService without Istio
simpleViewerfalse
width
linksauto
tbstyletop
lboxtrue
diagramWidth911
revision3


draw.io Diagram
bordertrue
diagramNameInbound TG
simpleViewerfalse
width
linksauto
tbstyletop
lboxtrue
diagramWidth891
revision9


Traffic group intents

Code Block
languagebash
titlePOST
linenumberstrue
URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{composite-app-version}/deployment-intent-groups/{deployment-intent-group-name}/traffic-group-intents
POST BODY:
{
  "metadata": {
    "name": "<name>", //unique for each traffic group 
    "description": "<description>",
    "userData1": "<user data>",
    "userData2": "<user data>"
   }
}

Inbound Intents

...


 Code Block
titleInbound
URL: /v2/projects/{project-name}/composite-apps/{composite-app-name}/{composite-app-version}/deployment-intent-groups/{deployment-intent-group-name}/traffic-group-intents/{traffic-group-intents}/inbound-intents/

   "metadata": {
    "name": "<>" // unique name for each intent
    "description": "connectivity intent for inbound communication"
    "userdata1": <>,
    "userdata2": <>
    }
 
    "spec": { 
    	"application": "<app1>",
    	"servicename": "httpbin" //actual name of the client service 
        "externalName": "httpbin.k8s.com" // Can be IP address also
        "port" : "80", // port on which service is exposed 
        "serviceMesh": "istio", // SIMPLE - No Istio
    	"istio" : {
			"sidecar-proxy": "yes", 
 			"mutualTLS": "MUTUAL", // default is simple. Option MUTUAL will enforce mtls 
			// Traffic management fields below are valid only if the sidecar-proxy is set to "yes"
			"loadbalancing" : {
    			// LaodBalancing
    			"loadbalancingType": "ConsistentHash", // "Simple" and "consistentHash" 
    			"loadBalancerMode": "httpCookie"      // Modes for consistentHash - "httpHeaderName", "httpCookie", "useSourceIP", "minimumRingSize", Modes for simple - "LEAST_CONN", "ROUND_ROBIN",    "RANDOM", "PASSTHROUGH" 
    			"httpCookie": "user1" // Name of the cookie to maintain sticky sessions 
			},
	    	"circuitBreaking": {
	    		"maxConnections": 10 //connection pool for tcp and http traffic
    			"concurrenthttp2Requests": 1000 // concurent http2 requests which can be allowed 
    			"httpRequestPerConnection": 100 // number of http requests per connection. Valid only for http traffic 
    			"consecutiveErrors": 8 // Default is 5.  Number of consecutive error before the host is removed 
    			"baseEjectionTime" : 15 // Default is 5
    			"intervalSweep": 5m, //time limit before the removed hosts are added back to the load balancing pool.
			}
    	},
	 "external-support": "true"
	 "external": {
     	"cert-info": {
	    	"servicecertificate" : "" // Present actual certificate here.
    		"servicePrivateKey" : "" // Present actual private key here.
    		"caCertificate" : "" // present the trusted certificate to verify the client connection
	 	},
	 	"auth-info": {
	 		// Authentication fields
     		"externalAuthenticationissuer": "https://accounts.google.com",
     		"externalAuthenticationjwksURI" : "https://www.googleapis.com/oauth2/v3/certs",
		}
	}
	"protocol": "HTTP",  // Support for other protocols
    "headless": "false", // default is false. Option "True" will make sure all the instances of the headless service will have access to the client service
	// TODO: Add any FW/SNAT/LB specific fields
 }


...