ves-io-schema-fast_acl-API-Create

Examples of creating fast_acl

Usecase:

Create acmecorp-fast-acl to allow access to all VIPs in site from white list

Request using vesctl:

vesctl configuration create fast_acl -i fast_acl.yaml

where file fastacl.yaml has following contents (fastacl.CreateRequest):

metadata:
  name: acmecorp-fast-acl
  namespace: system
spec:
  legacyAcl:
    destinationType:
      vipServices: {}
    networkType:
      siteLocal: {}
    sourceRules:
    - name: fast-acl-rule-white-list
      namespace: system
      tenant: acmecorp

vesctl yaml response:

metadata:
  annotations: {}
  labels: {}
  name: acmecorp-fast-acl
  namespace: system
spec: {}
systemMetadata:
  creationTimestamp: "2021-08-25T09:02:59.586244537Z"
  creatorClass: examplesvc
  creatorId: examplesvc
  finalizers: []
  tenant: acmecorp
  uid: 31e58559-a9cf-447f-8758-151ae64d4857

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"acmecorp-fast-acl","namespace":"system"},"spec":{"legacyAcl":{"networkType":{"siteLocal":{}},"destinationType":{"vipServices":{}},"sourceRules":[{"tenant":"acmecorp","namespace":"system","name":"fast-acl-rule-white-list"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build970361017_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acls'

curl response:

HTTP/1.1 200 OK
Content-Length: 623
Content-Type: application/json
Date: Wed, 25 Aug 2021 09:02:59 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "acmecorp-fast-acl",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "31e58559-a9cf-447f-8758-151ae64d4857",
    "creation_timestamp": "2021-08-25T09:02:59.586244537Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null
  },
  "spec": {
    "protocol_policer": null
  }
}

Usecase:

Create fast-acl-1234vip to protect single destination IP

Request using vesctl:

vesctl configuration create fast_acl -i fast_acl.yaml

where file fastacl.yaml has following contents (fastacl.CreateRequest):

metadata:
  name: fast-acl-1234vip
  namespace: system
spec:
  legacyAcl:
    destinationType:
      vipServices: {}
    networkType:
      siteLocal: {}
    sourceRules:
    - name: fast-acl-1234vip-rule1
      namespace: system
      tenant: acmecorp
    - name: fast-acl-1234vip-rule2
      namespace: system
      tenant: acmecorp

vesctl yaml response:

metadata:
  annotations: {}
  labels: {}
  name: fast-acl-1234vip
  namespace: system
spec: {}
systemMetadata:
  creationTimestamp: "2021-08-25T09:02:59.589704640Z"
  creatorClass: examplesvc
  creatorId: examplesvc
  finalizers: []
  tenant: acmecorp
  uid: d5643377-f347-4901-94c3-a07dd83e506f

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"fast-acl-1234vip","namespace":"system"},"spec":{"legacyAcl":{"networkType":{"siteLocal":{}},"destinationType":{"vipServices":{}},"sourceRules":[{"tenant":"acmecorp","namespace":"system","name":"fast-acl-1234vip-rule1"},{"tenant":"acmecorp","namespace":"system","name":"fast-acl-1234vip-rule2"}]}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build970361017_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/fast_acls'

curl response:

HTTP/1.1 200 OK
Content-Length: 622
Content-Type: application/json
Date: Wed, 25 Aug 2021 09:02:59 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "fast-acl-1234vip",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "d5643377-f347-4901-94c3-a07dd83e506f",
    "creation_timestamp": "2021-08-25T09:02:59.589704640Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null
  },
  "spec": {
    "protocol_policer": null
  }
}