ves-io-schema-virtual_host-API-Replace

Examples of replacing virtual_host

Usecase:

Replace "productpage" virtual_host to now support mTLS Two changes that happens are

  • Trusted CA parameter
  • Flag to require client certificate is set

Request using vesctl:

vesctl configuration replace virtual_host -i virtual_host.yaml

where file virtualhost.yaml has following contents (virtualhost.ReplaceRequest):

metadata:
  labels:
    ves.io/app_type: bookinfo
  name: productpage
  namespace: documentation
spec:
  advertisePolicies:
  - kind: advertise_policy
    name: ppage-advertise
  domains:
  - www.bookinfo.com
  proxy: HTTPS_PROXY
  routes:
  - kind: route
    name: ppage-route
  tlsParameters:
    commonParams:
      cipherSuites: []
      tlsCertificates:
      - certificateUrl: string:///<Base64>
        privateKey:
          blindfoldSecretInfo:
            location: string:///<Base64>
      trustedCaUrl: string:///<Base64>
    requireClientCertificate: true

vesctl yaml response: None

Request using curl:

curl -X 'PUT' -d '{"metadata":{"name":"productpage","namespace":"documentation","labels":{"ves.io/app_type":"bookinfo"}},"spec":{"domains":["www.bookinfo.com"],"routes":[{"kind":"route","name":"ppage-route"}],"advertisePolicies":[{"kind":"advertise_policy","name":"ppage-advertise"}],"tlsParameters":{"commonParams":{"cipherSuites":[],"tlsCertificates":[{"certificateUrl":"string:///\u003cBase64\u003e","privateKey":{"blindfoldSecretInfo":{"location":"string:///\u003cBase64\u003e"}}}],"trustedCaUrl":"string:///\u003cBase64\u003e"},"requireClientCertificate":true},"proxy":"HTTPS_PROXY"}}' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build013258245_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/documentation/virtual_hosts/productpage'

curl response:

HTTP/1.1 200 OK
Content-Length: 4
Content-Type: application/json
Date: Wed, 16 Sep 2020 10:51:07 GMT
Vary: Accept-Encoding

{

}