Background
The DCM is one of the components of ONAP4K8s. It will run as a microservice exposing Rest APIs, external components will use REST to communicate with the DCM while other microservices will use gRPC. The DCM will perform the following functions;
- User creation (currently one user per logical cloud)
- Namespace creation (currently one namespace per logical cloud)
- Generate intermediate CA key for each edge which is signed by an root or intermediate key
- Logical Cloud creation - Create Istio control planes for the logical clouds.
Different components (microservice) work together with the DCM to make the above possible, the components are;
- Main DCM Microservice (contains the Logical Cloud Controller, User Controller and Namespace Controller)
- Istio DCM Controller (Create the Istio Control planes for the logical clouds)
- CA Key Distribution Controller ( Generate intermediate CA key for each edge which is signed by an root or intermediate key)
- Quota Controller (Limits resources available to each logical cloud)
Design Overview
Fig 1: DCM Components
Fig 2: Showing Logical Clouds spanning multiple edge location. Istio Replicated Control planes are used and in each cluster, there is an istio control plane per logical cloud
API
1. Create Logical Cloud
URL: /v2/projects/<project-name>/logical-clouds POST BODY: { "name": "lc-1", //unique name for the record "logical-cloud-name" : "logical-cloud-1", "namespace" : "ns-1", // one namespace per logical cloud "description": "logical cloud for walmart finance department", //description for the logical cloud "user" : { "user-name" : "user-1", //name of user for this cloud "type" : "certificate", //type of authentication credentials used by user (certificate, Token, UNPW) "user-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoHNIrFZ0MtvMQrz+SE6Xd1nDK0BaRjllzqta0lqkdweEYUwtQUKq6m\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8q37BCPZn8SXZ3mVlVRkkWRQIDAQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyxbp7bjwMl7BebhLmFkZL9FlDLOT6ldh07CWKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3j9yGcf6twvZXDDt9yQPQi/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo184orNjVDEbaX6H3zASdY7yIRNXQqzjyCAZjSLM9pbWwav/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDXBXBEG3jYYREWO89REwkjleOPLmnjleOPLmnFZaqlLrB+1K4u\n1niUx6K77SGlEnqNV1caqfzl7tkKPfdnL7NCQPWZS9VRok/S/GiSoislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1YXBEG3jYYREWO89REwkjleOPLmn1fQsa4vZBXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", "user-csr" : "-----BEGIN CERTIFICATE REQUEST-----\nMIICajCCAVICAQAwJTERMA8GA1UEAwwIZW1wbG95ZWUxEDAOBgNVBAoMB2JpdG5h\nbWkwggEiMXBEG3jYYREWO89REwkjleOPLmnAwggEKAoIBAQD6ZBcxFhXgr9iEtAd\nNDtuvA/0CFGBTzsfB5T1Mnv6ImwV8CE4ZaRRFQ+uIXl1lhGo7jnUfKLNnmBYYWC8\n+FF7GIG/U4HsVteeeeeeflSGqY40WgYbhruqwR7u+vxlT9wkhpQga70h1DjDDcnJ\nRD10HY7xh2cYQt5ZyZxz1V0123jldoewjg/iUVMxmgc0isVnQy28xCvP5ITpd3Wc\nMrQFpGOWXOq1rSWqR3B4RhTC1BQqrqbpdwLyVq2ecgI2KZv2HuMejQxL6xBUUDCA\nDO7ZnivK32VEALyqYE8M+lFFy63IkAXYu/hQwcjjV68eHyrfsEI9mfxJdneZWVVG\nSRZFAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAyuTVpshvkTo9bQkhMHFaPSdU\neqNM8NF/SZAdM/nWE5Q9wIeQLxu7FFP1UGz+b/bmxGp/o4bfrjC/4yjUWA4zUAfP\nBf7kUvJFSCdcTClyD5u9oL0ZGDc3ZZM3BgFT2PjXdr8cufkh3OjY6IVExA365NFP\nVyk7Bo13FhORHgVZUinK7s2COylidSOEMnwg71Rxf1S2UMm8sV4duWdVqep6ic31\nK8ghF27F5XBEG3jYYREWO89REwkjleOPLmnaN+n2I4nSD0JkD3w1v6XUQqXSV9WC\n3cNAmRWv0JJVRXvXk5x5Etr0oza2BDPrrZzKw94dsjsu5fWvWeeqtovWzUboiw==\n-----END CERTIFICATE REQUEST-----\n", "cloud-ca-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoXBEG3jYYREWO89REwkjleOPLmnllzqta0lqkdwXBEG3jYYREWO89R\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8XBEG3jYYREWO89REwkjleOPLmnQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyXBEG3jYYREWO89REwkjleOPLmnFlDLOT6ldKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3jYYREWO89REwkjleOPLmn/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo1XBEG3jYYREWO89REwkjleOPLmnRNXQqzjyCAZjSLM9pbW/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDkiGCeW/DxAoGAVhAWO5RwFZaqlLrB+1K4kNAEeBn2eKBC1BiX\n1niUx6K77SGlEnqNV1caqXBEG3jYYREWO89REwkjleOPLmn/S/GiSislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1Yj5GvetLJmMtc25fsyP4xily1fQsa4vZBqTNXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", "cloud-ca-crt" : "-----BEGIN CERTIFICATE-----\nYYECyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5lAf8UUUUwjeiikoRtEWVFgQADggEBAHFByNTQyMloXDTMwMDExMzIyNTQyMlo\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvy\nZR2kGgm58rmEF1gAf8UUUUwjeiikoRtEWVFgQADggEBAHFBGrjw1f8dpZkMI7TXn\nvVCbaJnPpFoVsH211LEV1kZjCdYjH+Bp8UCZtZNfrakZ5MOuEn41yil4qU1qFpXr\nuuIVFWKI74o7XJ+9WeT6fu0RtF4c+Zz+r3mf7aagzopxJ5O727MtZCyo2GicIw82\nMnJe+lpg47Du3p+Bs9VxpCMV8TLPCYaqUFGefuSnsLzB9aGPbZ2/dZS+BYzTbuub\ngJsnlJwZ6gZ+VBJXkqpSxfbSXQ7WeKGPd2JmbM8Lqmwe1pKH2sgTK4rpn3wJw95S\nysMKejyi/SrfVr/YvdMCAwEAAaMjMCEwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8UUUUwjeiikoRtEWVFgQADggEBAHFBwUBkDNz05wpiUVHZzWwgBVY8\nLTHWdYaIbi6sx+oEwuoIPWQw098/0OJVfsMW5wvzWSXM9wo3Gim2V16pl7A7etd/\n79fbOAZM8tmAG1YkhYIn7474ohNFV8Kv1jcvHQ+HDFYE4Gu0WQxAAOlFhvICJsUC\ndk7nfDJLE20kQ43VH2w7RH7rQUqEMVxUSeSMgbwLDBk9maP6o7F7lOFjBrbnhZVX\n407Svvi1Q3Lzx+nnIactbvFZPaAf8UUUUwjeiikoRtEWVFgQADggEBAHFBK13upx\nf+qHHV/0uUWf3obiICSOOjR1yVpwywHTW+Lxr3PYqt9oCSEq+b+OP16IUyk=\n-----END CERTIFICATE-----\n", "permissions" : [ { "permission-name" : "permission-1", "apiGroups" : ["stable.example.com"], "resources" : ["secrets", "pods"], "verbs" : ["get", "watch", "list", "create"] }, { "permission-name" : "permission-2", "apiGroups" : [""], "resources" : ["configmaps"], "verbs" : ["*"] } ] } } Return Status: 201 Return Body: { "name" : "logical-cloud-1", "logical-cloud-name" : "logical-cloud-1", "namespace" : "ns-1", "user-name" : "user-1" }
Kubeconfig will be generated for the logical cloud
2. Get Logical Cloud kubeconfig
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kubeconfig?cluster-reference=cluster-1 GET Return Status: 201 Return Body : { "apiVersion": "v1", "clusters": [ { "cluster": { "certificate-authority-data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01ERXhOakl5TlRReU1sb1hEVE13TURFeE16SXlOVFF5TWxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXZ5ClpSMmtHZ201OHJtRUYxZ0VVNDlwR281TjR5WlZzbUtsemJxeitHcmp3MWY4ZHBaa01JN1RYbm1xaXdjbmpiZksKdlZDYmFKblBwRm9Wc0gyMTFMRVYxa1pqQ2RZakgrQnA4VUNadFpOZnJha1o1TU91RW40MXlpbDRxVTFxRnBYcgpvMnAvTTJNSTc0bzdYSis5V2VUNmZ1MFJ0RjRjK1p6K3IzbWY3YWFnem9weEo1TzcyN010WkN5bzJHaWNJdzgyCk1uSmUrbHBnNDdEdTNwK0JzOVZ4cENNVjhUTFBDWWFxVUZHZWZ1U25zTHpCOWFHUGJaMi9kWlMrQll6VGJ1dWIKZ0pzbmxKd1o2Z1orVkJKWGtxcFN4ZmJTWFE3V2VLR1BkMkptYk04THFtd2UxcEtIMnNnVEs0cnBuM3dKdzk1Uwp5c01LZWp5aS9TcmZWci9ZdmRNQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFIRkJ3VUJrRE56MDV3cGlVVkhaeld3Z0JWWTgKTFRIV2RZYUliaTZzeCthTUhIOFF3cERhSUIvME9KUlZmc01XNXd2eldTWE05d28zR2ltMlYxNnBsN0E3ZXRkLwo3OWZiT0FaTTh0bUFHMVlraFlJbjc0NzRvaE5GZjhLdjFqY3ZIUStIREZZRTRHdTBXUXhBQU9sRmh2SUNKc1VDCmRrN25mREpMRTIwa1E0M1ZIMnc3Ukg3clFVcUVNVnhVU2VTTWdid0xEQms5bWFQNm83RjdsT0ZqQnJibmhaVlgKNDA3U3Z2aTFRM0x6eCtubklhY3RidkZaUGFDRlpPMlkvS0dpcFpYM3o0R3hiR0sxM3VweExuSllHZEI4eFBrRApmK3FISFYvMHVVV2Yzb2JpSUNTT09qUjF5VnB3eXdIVFcrTHhyM1BZcXQ5b0NTRXErYitPUDE2SVV5az0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=", "server": "https://1.2.3.4:6443" }, "name": "kubernetes" } ], "contexts": [ { "context": { "cluster": "cluster-1", "user": "user-1" }, "name": "user-1-context" } ], "current-context": "user-1-context", "kind": "Config", "users": [ { "name": "user-1", "user": { "client-certificate-data" : "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJZVovY05tQVE5NGd3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TURBeE1UWXlNalUwTWpKYUZ3MHlNVEF4TVRVeU1qVTBNamhhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQW0zblA0eTdURjNrZldaZFoKaFdaV2RTSWZlNlpkbTdWK1BpcER6UWFHMTVuU0ZNSVRSeFVyYkhHdWlzakZQRlAzbUIyT09yN3BSQjJab3VDegppOFlYS21iYjJ6K2tjeWZxT1drcHhmTzlHQlV6SlYxL1BoUGU2dGRaSEp3c3FtNlhYZ2xkcTEvNjBSTWNwUVUxCi9LOXNZNHhWQ1djSkN4SEkvTnp4VDY0TU5zQlF3VldONXZWTTJOUDJtZDFOa2x2S3J2bnFRUERXTGxVWEx2THIKK2NESk50VytxcFc4dzVreXF5YWp1ZHQ4ZGw0dzZSY3FnL3VnbXRVMHRnVEdxcFdSYm5yZlFMSzBsaGJKejVMTgpmK1pNTjRCYllxWGRBZ2hFMTNEeHhYd2tHUHdnL3h0aFhManBaQzhjeTNlV0hCenV2cWY1aWJ2S0hRQ20zRmFjCjhBTlVpUUlEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFDV3BuY1RhTWowOWZDL25CQTF1NWhkbFQrQmdhc3NZSFVEeQplM2tQUXJlUXdseUhYTGtWdDdiSkIxT0l6Y1V3K2M5MVF6Mm9lRFBaNzZGNGlQMTd5RUgrUFZrMVVUSzBLRU9jCjM2cVpXTUdMK0ptZy9wTnFBNXRsNG1EUTVneFhHTENpa2JiYzRTM0oxL0FicmFVakRtM1FEOTd6UEhSUkZnN2oKN2VXMnB2V3ZEakRTWDZGejY0dEorRHB2NUpGZGRHNU5lQVErZ0hNOWFPVUdCVG1oZlYzZnl1NzkzV0cyUGlxMgpMMlZQU0YycU5DRG96Y3Z3am84VHkxbUpXSzIvTkVjN2ZMd24wbml3UTd3aXpMWHU0N1hvL3Frb2pBMUN6MW9YCkhid1JQMjZXdVNDTGpnNnpHVUh3VnBZWmV4Z3pkY05CRERQTnlPem94RTFwUVlXRXkrZz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=", "client-key-data" : "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbTNuUDR5N1RGM2tmV1pkWmhXWldkU0lmZTZaZG03VitQaXBEelFhRzE1blNGTUlUClJ4VXJiSEd1aXNqRlBGUDNtQjJPT3I3cFJCMlpvdUN6aThZWEttYmIyeitrY3lmcU9Xa3B4Zk85R0JVekpWMS8KUGhQZTZ0ZFpISndzcW02WFhnbGRxMS82MFJNY3BRVTEvSzlzWTR4VkNXY0pDeEhJL056eFQ2NE1Oc0JRd1ZXTgo1dlZNMk5QMm1kMU5rbHZLcnZucVFQRFdMbFVYTHZMcitjREpOdFcrcXBXOHc1a3lxeWFqdWR0OGRsNHc2UmNxCmcvdWdtdFUwdGdUR3FwV1JibnJmUUxLMGxoYkp6NUxOZitaTU40QmJZcVhkQWdoRTEzRHh4WHdrR1B3Zy94dGgKWExqcFpDOGN5M2VXSEJ6dXZxZjVpYnZLSFFDbTNGYWM4QU5VaVFJREFRQUJBb0lCQURSeCs3RTd5MU1ndFhXSQpPMWRuZFFTZ0ZSU2x3dS9TWWhwZ01XeklwZFcyZW9vc0NVcXlGbXJIVWtSWWcwZmRYeWk5MTR0emVNWlVZYzN5CmxENHkvUDk5b080dFlyREJweDNrbm9XNnVXK1ZQeUo4am42SFAydmlacG5qQ0tJWkdoQkxnb0JicVFTN3VLN2wKdWhkWnFXdFBIQ1JHMEdNZWhiamVZcndwRHMrc3V5Y0tUNlh2OGR0am9PRGlSenpodTBBWjErSDBMbC9MaUp5NgpubUF1M3IzUDN2dGt1ZndoOXB2SjA2TjhHVWhRZFlvVENBMHQ4c0lEN0Q0ZUZGcXdjM2FVTmlyVGdtcllmcVFkCnJQMnRUMkYxbEE5bEJ1bUJmNDBCUFMrejR0MS92Tk5XSEtseFFzaDRkTnNJczlFbHB1YkVTMlovbmJkUHpEOXUKUHlmWmNCMENnWUVBemZEZ21TVVZ2REpJMEZWWnNENWszNWxRWFpmQ3ZLZWpaaU5ScTZzaDlROUhBcTdaN3dESwo3RmNHSGZFQVhNZ1YyQ2VibUtkbFZ4aFJMQUVQb0todzNCbG94RlhiNC9ESytYdmV0ek4vUnQzQ0VGN29jZTFECko0eXVTS0pYR25RVW82NXV6RVBJMmVVdi81Njh5dEdDdXlNRmdIZDNTRHBxeUZqSjhlVXp3RGNDZ1lFQXdVU2kKVVpkMTEzVnFWeEpUQytSeTlsRzNIeGZFekhBbUdkMXNQNFdmYm9nZ3hjbmZrZk9ndU1ua0dzVVNnNGZjN3BKNworVDd2dFg2QVRXQkUzeUV1SHdMcytJd2VQT2RFeDNBZytSYnBKU25pTEc2WmUxdER0K2NtdTdObGZGRWRuR0l2CkUvTkt1c3FLdmduN3FzK216OHR5UmwxZ0pYMGdjT3J1TFVnbnNUOENnWUVBaGlUdUY3TnBXZ0lqSGRsS3A1dXMKMTEwbFZTR2lqb0pmMUFzVGlzL1pPYWh1NTlkL1M4aG5aZFUxdmRFYkhGU1VyZ3oydEZQdGxmTFlCT0xZREIxTQpEb0phbFBFY1gzaWNyaSs2bmZqa1lnUFhBaFRnTWoyTExicmNWNkd2UFNMNXdyaS9vVHhTRzJUSGhDa2c3cmZVCkFSUEo1S2xzd0ZhVThkV3NEVzN2N0xjQ2dZQlhlZGc2TStLcmpjSisvSlZJR2JPTEY3dFp3R2xiMnhyenRBdk4KeUk0NytqTlRNcWNWcVg3Q2hPYlEwd2dwTG5KcUxUVWR3RVhCRVN2RFdlSnlWOU5IU0F5NEJydWM5MVJqTExaUAo1L1hJMDJkQ2t5QzIrN3p2M1JqajlqUG1DOVRxTm1wMmpqVHh6TUQxZVJGRzQ4dnQyM2l5cm9yWkRRU0U5MkNzCmNDOC9Bd0tCZ1FDamRrVTNOcWFPZHUzMlpkWm5IK0cxY0NwbGtRK1VFZXNmTlcrWjdiWWtocng2Z2l6eCtjY0UKS3FhNTRxTmJkQVdLQXRzSU5lZ3pQU0toV0g0eXFnaWYrNmQ1aVVZUlFoUUhNVG0yTHpEQ2xGQ001N2FPdmQ3YQpNUEZxR3BNV2tqVmlnZjlwdHV3YW1qWkYwbm5MUVE5dWIzMlB3Zjk0Yzl4NFBEdkpmdTQrUHc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" } } ] }
3. PUT (Change logical cloud contents)
URL: /v2/projects/<project-name>/logical-clouds/<name> PUT BODY: { "logical-cloud-name" : "logical-cloud-1", "namespace" : "ns-1", // one namespace per logical cloud "description": "logical cloud for walmart finance department", //description for the logical cloud "user" : { "user-name" : "user-1", //name of user for this cloud "type" : "certificate", //type of authentication credentials used by user (certificate, Token, UNPW) "user-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoHNIrFZ0MtvMQrz+SE6Xd1nDK0BaRjllzqta0lqkdweEYUwtQUKq6m\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8q37BCPZn8SXZ3mVlVRkkWRQIDAQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyxbp7bjwMl7BebhLmFkZL9FlDLOT6ldh07CWKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3j9yGcf6twvZXDDt9yQPQi/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo184orNjVDEbaX6H3zASdY7yIRNXQqzjyCAZjSLM9pbWwav/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDXBXBEG3jYYREWO89REwkjleOPLmnjleOPLmnFZaqlLrB+1K4u\n1niUx6K77SGlEnqNV1caqfzl7tkKPfdnL7NCQPWZS9VRok/S/GiSoislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1YXBEG3jYYREWO89REwkjleOPLmn1fQsa4vZBXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", "user-csr" : "-----BEGIN CERTIFICATE REQUEST-----\nMIICajCCAVICAQAwJTERMA8GA1UEAwwIZW1wbG95ZWUxEDAOBgNVBAoMB2JpdG5h\nbWkwggEiMXBEG3jYYREWO89REwkjleOPLmnAwggEKAoIBAQD6ZBcxFhXgr9iEtAd\nNDtuvA/0CFGBTzsfB5T1Mnv6ImwV8CE4ZaRRFQ+uIXl1lhGo7jnUfKLNnmBYYWC8\n+FF7GIG/U4HsVteeeeeeflSGqY40WgYbhruqwR7u+vxlT9wkhpQga70h1DjDDcnJ\nRD10HY7xh2cYQt5ZyZxz1V0123jldoewjg/iUVMxmgc0isVnQy28xCvP5ITpd3Wc\nMrQFpGOWXOq1rSWqR3B4RhTC1BQqrqbpdwLyVq2ecgI2KZv2HuMejQxL6xBUUDCA\nDO7ZnivK32VEALyqYE8M+lFFy63IkAXYu/hQwcjjV68eHyrfsEI9mfxJdneZWVVG\nSRZFAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAyuTVpshvkTo9bQkhMHFaPSdU\neqNM8NF/SZAdM/nWE5Q9wIeQLxu7FFP1UGz+b/bmxGp/o4bfrjC/4yjUWA4zUAfP\nBf7kUvJFSCdcTClyD5u9oL0ZGDc3ZZM3BgFT2PjXdr8cufkh3OjY6IVExA365NFP\nVyk7Bo13FhORHgVZUinK7s2COylidSOEMnwg71Rxf1S2UMm8sV4duWdVqep6ic31\nK8ghF27F5XBEG3jYYREWO89REwkjleOPLmnaN+n2I4nSD0JkD3w1v6XUQqXSV9WC\n3cNAmRWv0JJVRXvXk5x5Etr0oza2BDPrrZzKw94dsjsu5fWvWeeqtovWzUboiw==\n-----END CERTIFICATE REQUEST-----\n", "cloud-ca-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoXBEG3jYYREWO89REwkjleOPLmnllzqta0lqkdwXBEG3jYYREWO89R\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8XBEG3jYYREWO89REwkjleOPLmnQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyXBEG3jYYREWO89REwkjleOPLmnFlDLOT6ldKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3jYYREWO89REwkjleOPLmn/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo1XBEG3jYYREWO89REwkjleOPLmnRNXQqzjyCAZjSLM9pbW/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDkiGCeW/DxAoGAVhAWO5RwFZaqlLrB+1K4kNAEeBn2eKBC1BiX\n1niUx6K77SGlEnqNV1caqXBEG3jYYREWO89REwkjleOPLmn/S/GiSislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1Yj5GvetLJmMtc25fsyP4xily1fQsa4vZBqTNXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", "cloud-ca-crt" : "-----BEGIN CERTIFICATE-----\nYYECyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5lAf8UUUUwjeiikoRtEWVFgQADggEBAHFByNTQyMloXDTMwMDExMzIyNTQyMlo\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvy\nZR2kGgm58rmEF1gAf8UUUUwjeiikoRtEWVFgQADggEBAHFBGrjw1f8dpZkMI7TXn\nvVCbaJnPpFoVsH211LEV1kZjCdYjH+Bp8UCZtZNfrakZ5MOuEn41yil4qU1qFpXr\nuuIVFWKI74o7XJ+9WeT6fu0RtF4c+Zz+r3mf7aagzopxJ5O727MtZCyo2GicIw82\nMnJe+lpg47Du3p+Bs9VxpCMV8TLPCYaqUFGefuSnsLzB9aGPbZ2/dZS+BYzTbuub\ngJsnlJwZ6gZ+VBJXkqpSxfbSXQ7WeKGPd2JmbM8Lqmwe1pKH2sgTK4rpn3wJw95S\nysMKejyi/SrfVr/YvdMCAwEAAaMjMCEwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8UUUUwjeiikoRtEWVFgQADggEBAHFBwUBkDNz05wpiUVHZzWwgBVY8\nLTHWdYaIbi6sx+oEwuoIPWQw098/0OJVfsMW5wvzWSXM9wo3Gim2V16pl7A7etd/\n79fbOAZM8tmAG1YkhYIn7474ohNFV8Kv1jcvHQ+HDFYE4Gu0WQxAAOlFhvICJsUC\ndk7nfDJLE20kQ43VH2w7RH7rQUqEMVxUSeSMgbwLDBk9maP6o7F7lOFjBrbnhZVX\n407Svvi1Q3Lzx+nnIactbvFZPaAf8UUUUwjeiikoRtEWVFgQADggEBAHFBK13upx\nf+qHHV/0uUWf3obiICSOOjR1yVpwywHTW+Lxr3PYqt9oCSEq+b+OP16IUyk=\n-----END CERTIFICATE-----\n", "user-permissions" : [ { "permission-name" : "permission-1", "apiGroups" : ["stable.example.com"], "resources" : ["secrets", "pods"], "verbs" : ["get", "watch", "list", "create"] }, { "permission-name" : "permission-2", "apiGroups" : [""], "resources" : ["configmaps"], "verbs" : ["*"] } ] } } Return Status: 200 (OK) Return Body: { "name" : "logical-cloud-1", "logical-cloud-name" : "logical-cloud-1", "namespace" : "ns-1", "user" : "user-1" }
4. POST (Associate cluster with logical cloud )
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/cluster-references/ POST BODY: { "name": "cluster-reference-1", //cluster reference record "description" : "edge a cluster", //cluster description "cluster-name" : "cluster-1" //Name of the cluster } Return Status: 200 (OK) Return Body: { "name" : "cluster-reference-1", "cluster-name" : "cluster-1" }
5. GET Logical Cloud
GET URL: /v2/projects/<project-name>/logical-clouds/<name> RESPONSE BODY: { "logical-cloud-name" : "logical-cloud-1", "namespace" : "ns-1", // one namespace per logical cloud "description": "logical cloud for walmart finance department", //description for the logical cloud "user" : { "user-name" : "user-1", //name of user for this cloud "type" : "certificate", //type of authentication credentials used by user (certificate, Token, UNPW) "user-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoHNIrFZ0MtvMQrz+SE6Xd1nDK0BaRjllzqta0lqkdweEYUwtQUKq6m\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8q37BCPZn8SXZ3mVlVRkkWRQIDAQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyxbp7bjwMl7BebhLmFkZL9FlDLOT6ldh07CWKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3j9yGcf6twvZXDDt9yQPQi/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo184orNjVDEbaX6H3zASdY7yIRNXQqzjyCAZjSLM9pbWwav/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDXBXBEG3jYYREWO89REwkjleOPLmnjleOPLmnFZaqlLrB+1K4u\n1niUx6K77SGlEnqNV1caqfzl7tkKPfdnL7NCQPWZS9VRok/S/GiSoislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1YXBEG3jYYREWO89REwkjleOPLmn1fQsa4vZBXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", "user-csr" : "-----BEGIN CERTIFICATE REQUEST-----\nMIICajCCAVICAQAwJTERMA8GA1UEAwwIZW1wbG95ZWUxEDAOBgNVBAoMB2JpdG5h\nbWkwggEiMXBEG3jYYREWO89REwkjleOPLmnAwggEKAoIBAQD6ZBcxFhXgr9iEtAd\nNDtuvA/0CFGBTzsfB5T1Mnv6ImwV8CE4ZaRRFQ+uIXl1lhGo7jnUfKLNnmBYYWC8\n+FF7GIG/U4HsVteeeeeeflSGqY40WgYbhruqwR7u+vxlT9wkhpQga70h1DjDDcnJ\nRD10HY7xh2cYQt5ZyZxz1V0123jldoewjg/iUVMxmgc0isVnQy28xCvP5ITpd3Wc\nMrQFpGOWXOq1rSWqR3B4RhTC1BQqrqbpdwLyVq2ecgI2KZv2HuMejQxL6xBUUDCA\nDO7ZnivK32VEALyqYE8M+lFFy63IkAXYu/hQwcjjV68eHyrfsEI9mfxJdneZWVVG\nSRZFAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAyuTVpshvkTo9bQkhMHFaPSdU\neqNM8NF/SZAdM/nWE5Q9wIeQLxu7FFP1UGz+b/bmxGp/o4bfrjC/4yjUWA4zUAfP\nBf7kUvJFSCdcTClyD5u9oL0ZGDc3ZZM3BgFT2PjXdr8cufkh3OjY6IVExA365NFP\nVyk7Bo13FhORHgVZUinK7s2COylidSOEMnwg71Rxf1S2UMm8sV4duWdVqep6ic31\nK8ghF27F5XBEG3jYYREWO89REwkjleOPLmnaN+n2I4nSD0JkD3w1v6XUQqXSV9WC\n3cNAmRWv0JJVRXvXk5x5Etr0oza2BDPrrZzKw94dsjsu5fWvWeeqtovWzUboiw==\n-----END CERTIFICATE REQUEST-----\n", "cloud-ca-key" : "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+mQXMRYV4H6/YhLQHTQ7brwP9AhRgU87HweU9TJ7+iJsFfAh\nOGWkURUPriF5dZYRqO451HyizZ5gWGFgvPhRexiBv1OB7FbVa6PSHkn5UhqmONFo\nGG4bqsEe7vr8ZU/cJIaUIGu9IdQ4ww3JyUQ9dB2O8YdnGELeWcmcc9VdHh/J/dg5\n1noP4lFTMZoXBEG3jYYREWO89REwkjleOPLmnllzqta0lqkdwXBEG3jYYREWO89R\n6XcC8latnnICNimb9h7jHo0MS+sQVFAwgAzu2Z4ryt9lRAC8qmBPDPpRRcutyJAF\n2Lv4UMHI41evHh8XBEG3jYYREWO89REwkjleOPLmnQABAoIBAQCNxWxIM7wRT1Kn\nggVp87APA9Z4ktkrQSQ1boKNzpbZyvGt/jehChPegPFO4880n9LB9pix0hwQFjNw\n9znh5SulafvUy8CNg6D1gF0xHytWrJYfJ5or8vQhW5VbNKsB5hS8baKjNL1y0QmO\nj1kIZ2XwP+g2ozbhSsNAzWGTSGSf77sljH1UfR8rU1DloSTGOcDv+PHfFtZ/ICbC\n/jwHW9Gzej7ZRVfX7W5bLQjPlHq4p0pD02L26byaYLZEC/KA6ZX/ZtAbR8ZsUAw4\ngCTkIKgwzPMooyXBEG3jYYREWO89REwkjleOPLmnFlDLOT6ldKsMgYNxklgOQqMq\n+wHb2shBAoGBAP7xgqNOZPtQ5a2Lt+OuVj/mFGgbwHxhx2oKimc+xkwUvPN4GW5x\nHbbS3XoZc7UgxAyGmikNly+ZzrOCyDKeR6M/wkGxAn8/DlNZ7IPM+8X0IHCNmZc7\nGbR16Yzj/dclDxwD9j29RId6U33IveH64PsdYHMZvOHhDX7/QnPLXMfxAoGBAPtt\nwBFI+XBEG3jYYREWO89REwkjleOPLmn/CDeaVeMrGOM0B04QRWe0KFGcpfhASJFE\nhJgrYxFmuFylzomHQW0gKKg6yUyUKyCjBK/ZthWTgLnQaVy05Ks5bS5Z3N+hvtlY\nqJNLHxN9trpVrAiGwCyXWRauipLIpVdMvmxfAyeVAoGBAPRstjQ96AEvWVUe/IoU\nzmpq+6uo1XBEG3jYYREWO89REwkjleOPLmnRNXQqzjyCAZjSLM9pbW/fNdbTj39A\nUyyH54W14NAAs4pkT6c5szXhzew7RkNBDW8AEY/b0rYfuLHCdqZQvNArDrss6Cgt\nsN/xFVSlG3twmtDkiGCeW/DxAoGAVhAWO5RwFZaqlLrB+1K4kNAEeBn2eKBC1BiX\n1niUx6K77SGlEnqNV1caqXBEG3jYYREWO89REwkjleOPLmn/S/GiSislNnpNXOmQ\nNCVgp3gLCw+k0R/2WgnZLpGCAmaaLkmjwm9nXsOcZaHnti9x3pGb5CCwvFfECOLz\nF6NaMBUCgYBvvQ0/eLqlHj1Yj5GvetLJmMtc25fsyP4xily1fQsa4vZBqTNXN8yN\nZBHj6mPaIm9s+Ca/a1kfAo/Kv5aqaNN5A0GmHOaUNZaYnJ46aH/Qieoa5ICs02J/\n/jHwoXzvehtr3b8ncDXq9PS+4eDfHwJjIDbmQ0FRcH4wmZLg45zlwg==\n-----END RSA PRIVATE KEY-----\n", "cloud-ca-crt" : "-----BEGIN CERTIFICATE-----\nYYECyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5lAf8UUUUwjeiikoRtEWVFgQADggEBAHFByNTQyMloXDTMwMDExMzIyNTQyMlo\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvy\nZR2kGgm58rmEF1gAf8UUUUwjeiikoRtEWVFgQADggEBAHFBGrjw1f8dpZkMI7TXn\nvVCbaJnPpFoVsH211LEV1kZjCdYjH+Bp8UCZtZNfrakZ5MOuEn41yil4qU1qFpXr\nuuIVFWKI74o7XJ+9WeT6fu0RtF4c+Zz+r3mf7aagzopxJ5O727MtZCyo2GicIw82\nMnJe+lpg47Du3p+Bs9VxpCMV8TLPCYaqUFGefuSnsLzB9aGPbZ2/dZS+BYzTbuub\ngJsnlJwZ6gZ+VBJXkqpSxfbSXQ7WeKGPd2JmbM8Lqmwe1pKH2sgTK4rpn3wJw95S\nysMKejyi/SrfVr/YvdMCAwEAAaMjMCEwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8UUUUwjeiikoRtEWVFgQADggEBAHFBwUBkDNz05wpiUVHZzWwgBVY8\nLTHWdYaIbi6sx+oEwuoIPWQw098/0OJVfsMW5wvzWSXM9wo3Gim2V16pl7A7etd/\n79fbOAZM8tmAG1YkhYIn7474ohNFV8Kv1jcvHQ+HDFYE4Gu0WQxAAOlFhvICJsUC\ndk7nfDJLE20kQ43VH2w7RH7rQUqEMVxUSeSMgbwLDBk9maP6o7F7lOFjBrbnhZVX\n407Svvi1Q3Lzx+nnIactbvFZPaAf8UUUUwjeiikoRtEWVFgQADggEBAHFBK13upx\nf+qHHV/0uUWf3obiICSOOjR1yVpwywHTW+Lxr3PYqt9oCSEq+b+OP16IUyk=\n-----END CERTIFICATE-----\n", "user-permissions" : [ { "permission-name" : "permission-1", "apiGroups" : ["stable.example.com"], "resources" : ["secrets", "pods"], "verbs" : ["get", "watch", "list", "create"] }, { "permission-name" : "permission-2", "apiGroups" : [""], "resources" : ["configmaps"], "verbs" : ["*"] } ] "clusters" : ["cluster-1", "cluster-2", "cluster-3] } }
6. DELETE Logical Cloud
DELETE URL: /v2/projects/<project-name>/logical-clouds/<name> RESPONSE STATUS: 204
7. Add user permissions
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions POST BODY: { "name" : "permission-3", "apiGroups" : [""], "resources" : ["jobs"], "verbs" : ["list"] } Return Status: 200 (OK) Return Body: { "name" : "permission-3", "apiGroups" : [""], "resources" : ["jobs"], "verbs" : ["list"] }
8. GET User Permissions
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions GET: Return Body: {"permissions" : [ { "name" : "permission-1", "apiGroups" : ["stable.example.com"], "resources" : ["secrets", "pods"], "verbs" : ["get", "watch", "list", "create"] }, { "name" : "permission-2", "apiGroups" : [""], "resources" : ["configmaps"], "verbs" : ["*"] }, { "name" : "permission-3", "apiGroups" : [""], "resources" : ["jobs"], "verbs" : ["list"] } ] }
9. PUT (Update User permissions)
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions/permission-3 POST BODY: { "apiGroups" : [""], "resources" : ["pvc"], "verbs" : ["list"] } Return Status: 200 (OK) Return Body: { "name" : "permission-3", "apiGroups" : [""], "resources" : ["pvc"], "verbs" : ["list"] }
10. Delete Permissions
DELETE URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/user-permissions/<permission-name> RETURN STATUS: 204
11. Create logical cloud Quota
This allows resources to be tuned for the logical cloud
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/quotas POST BODY: { "cpu": "400", "memory": "1000Gi", "pods": "500" } RETURN STATUS: 201
12. GET logical cloud Quota
GET URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/quotas RETURN BODY: { "cpu": "400", "memory": "1000Gi", "pods": "500" }
13. Update Logical Cloud Quota
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/quotas PUT BODY: { "cpu": "400", "memory": "1000Gi", "pods": "500" } RETURN STATUS: 201
8. POST (Apply all the created configuration, this creates the K8s resources)
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/apply Return Status: 200 (OK) Return Body: { "logical-cloud-name" : "logical-cloud-1", "namespace" : "ns-1", // one namespace per logical cloud "description": "logical cloud for walmart finance department", //description for the logical cloud "user" : "user-1", }
9. GET (Check status of operation)
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name> GET BODY: GET Return Status: 201 Return Body : { "name" : "logical-cloud-1" "user" : "user-1", "status": "Creation in Progress " //Created, Creation Failed }
10. Add Key Value pair to logical cloud database
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs POST BODY { "name" : "<name>", "description" : "<description>", "kv":[ { "key1":"val1" }, { "key2":"val2" } ] } RETURN STATUS: 201 RETURN BODY: { "name" : "<name>", "description" : "<description>", "kv":[ { "key1":"val1" }, { "key2":"val2" } ] }
11. PUT (Update kv pair)
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name> PUT BODY { "description" : "<description>", "kv":[ { "key1":"val3" }, { "key2":"val4" } ] } RETURN STATUS: 201 RETURN BODY: { "key1":"val10" }
12. GET KV pair
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name> RETURN STATUS: 200 RETURN BODY: { "name" : "<name>", "description" : "<description>", "kv":[ { "key1":"val1" }, { "key2":"val2" } ] }
13. DELETE KV pair
URL: /v2/projects/<project-name>/logical-clouds/<logical-cloud-name>/kv-pairs/<name> RETURN STATUS: 204