README.md 25.7 KB
Newer Older
Rajashekar Reddy's avatar
Rajashekar Reddy committed
1
2
# Overview

3
The `vesctl` tool is a configuration command line utility that allows users to create, debug and diagnose Volterra Services configuration. It is modelled after Volterra API. All Volterra commands are available via `vesctl`.
Rajashekar Reddy's avatar
Rajashekar Reddy committed
4
5
6

## Prerequisites

7
* Volterra account [signup](https://console.ves.volterra.io/signup/account)
8
* vesctl binary [binary](https://gitlab.com/volterra.io/vesctl/blob/main/README.md#installing-vesctl-binary)
9
* [Volterra API credentials](https://gitlab.com/volterra.io/vesctl#obtaining-api-credentials-from-volterra-console)
Rajashekar Reddy's avatar
Rajashekar Reddy committed
10

Harshad Nakil's avatar
Harshad Nakil committed
11
12
## Installing vesctl binary

13
Download the latest Mac OS or Linux `vesctl` binary from
Rajashekar Reddy's avatar
Rajashekar Reddy committed
14
* https://gitlab.com/volterra.io/vesctl/-/releases
Harshad Nakil's avatar
Harshad Nakil committed
15

Jakub Pavlik's avatar
Jakub Pavlik committed
16
17
18
19
* For MacOS
`curl -LO "https://vesio.azureedge.net/releases/vesctl/$(curl -s https://downloads.volterra.io/releases/vesctl/latest.txt)/vesctl.darwin-amd64.gz"`
* For linux `curl -LO "https://vesio.azureedge.net/releases/vesctl/$(curl -s https://downloads.volterra.io/releases/vesctl/latest.txt)/vesctl.linux-amd64.gz"`

20
By proceeding with the installation, download and/or access and use, as applicable, of the Volterra software, and/or Volterra platform, you acknowledge that you have read, understand, and agree to be bound by this [agreement](https://f5.com/pdf/customer-support/eusa.pdf).
Harshad Nakil's avatar
Harshad Nakil committed
21

Jakub Pavlik's avatar
Jakub Pavlik committed
22
23
Note: In case of MacOS, ensure that you allow vesctl app from security settings.

Harshad Nakil's avatar
Harshad Nakil committed
24
25
26
## Running vesctl

```
Rajashekar Reddy's avatar
Rajashekar Reddy committed
27
$ vesctl --help
Harshad Nakil's avatar
Harshad Nakil committed
28
29
30
31
32
33
A command line utility to interact with ves service.

Usage:
  vesctl [command]

Available Commands:
Rajashekar Reddy's avatar
Rajashekar Reddy committed
34
  completion    Generate completion script
Harshad Nakil's avatar
Harshad Nakil committed
35
36
37
  configuration Configure object
  help          Help about any command
  request       Execute Commands
Rajashekar Reddy's avatar
Rajashekar Reddy committed
38
  site          Manage site creation through view.aws_vpc apis
Harshad Nakil's avatar
Harshad Nakil committed
39
40
41
42
43
  version       Print build version

Flags:
  -a, --cacert string         Server CA cert file path
  -c, --cert string           Client cert file path
Rajashekar Reddy's avatar
Rajashekar Reddy committed
44
      --config string         A configuration file to use for API gateway URL and credentials (default "/Users/rajreddy/.vesconfig")
Harshad Nakil's avatar
Harshad Nakil committed
45
46
47
48
49
50
51
52
  -h, --help                  help for vesctl
  -k, --key string            Client key file path
      --outfmt string         Output format for command
  -o, --output string         Output dir for command (default "./")
      --p12-bundle string     Client P12 bundle (key+cert) file path. Any password for this file should be in environment variable VES_P12_PASSWORD
  -u, --server-urls strings   API endpoint URL (default [http://localhost:8001])
      --show-curl             Emit requests from program in CURL format
      --timeout int           Timeout (in seconds) for command to finish (default 5)
Rajashekar Reddy's avatar
Rajashekar Reddy committed
53

Harshad Nakil's avatar
Harshad Nakil committed
54
55
Use "vesctl [command] --help" for more information about a command.
```
Rajashekar Reddy's avatar
Rajashekar Reddy committed
56

57
Before you can start using `vesctl`, you need proper credentials. One of the methods to give credentials is a config file. This file can be given on command line as an option or can be present in users home directory.
Rajashekar Reddy's avatar
Rajashekar Reddy committed
58

Harshad Nakil's avatar
Harshad Nakil committed
59
60
61
```
$HOME/.vesconfig
```
Rajashekar Reddy's avatar
Rajashekar Reddy committed
62

63
64
There are two pertinent options in config file:

65
* `server-urls` URL where the user would access Volterra console. For individual user it will be `https://console.ves.volterra.io/api`. For enterprise user it will be `https://acmecorp.console.ves.volterra.io/api`.
66
67
* `p12-bundle` Is the P12 API credentials downloaded from volterra console e.g. acmecorp.console.ves.volterra.io.api-creds.p12

Harshad Nakil's avatar
Harshad Nakil committed
68
```
69
$ cat /Users/user1/.vesconfig
Jakub Pavlik's avatar
Jakub Pavlik committed
70
server-urls: https://acmecorp.console.ves.volterra.io/api
Madhukar's avatar
Madhukar committed
71
p12-bundle: /Users/user1/acmecorp.console.ves.volterra.io.volterra.us/api
Rajashekar Reddy's avatar
Rajashekar Reddy committed
72

Harshad Nakil's avatar
Harshad Nakil committed
73
```
74

Harshad Nakil's avatar
Harshad Nakil committed
75
## Obtaining API Credentials from Volterra Console
Rajashekar Reddy's avatar
Rajashekar Reddy committed
76

77
P12 file can be downloaded from Volterra console. 
78

79
80
81
82
83
* Log in to Volterra console
* Go to **General** namespace
* Under **Personal Management**
* Select **My Credentails**
* Create credentials with type `API certificate`
84

85
Create form will ask for password for the P12 certificate. This password is required whenever P12 files is used so don't forget this passworod. Download P12 file to your computed or let browser download it to default directory.
Rajashekar Reddy's avatar
Rajashekar Reddy committed
86
87

```
Harshad Nakil's avatar
Harshad Nakil committed
88
89
$ ls ~/Downloads/*.p12*
/Users/user1/Downloads/acmecorp.console.ves.volterra.io.api-creds.p12
Rajashekar Reddy's avatar
Rajashekar Reddy committed
90
```
91

92
This downloaded P12 file can be used to access Volterra using `vesctl`. However when `vesctl` binary needs use the P12 file it will need the password to access certificate and private key inside P12. This password can be set in environment variable.
Rajashekar Reddy's avatar
Rajashekar Reddy committed
93
94

```
95
$ export VES_P12_PASSWORD=myp12password
Harshad Nakil's avatar
Harshad Nakil committed
96
97
98
```

Alternatively, you can extract the certificate and private key out of the P12 file:
99
```
100
$ openssl pkcs12 -in ~/acmecorp.console.ves.volterra.io.api-creds.p12 -nodes -nokeys -out $HOME/vescred.cert
101
102
Enter Import Password:
MAC verified OK
103
$ openssl pkcs12 -in ~/acmecorp.console.ves.volterra.io.api-creds.p12 -nodes -nocerts -out $HOME/vesprivate.key
104
105
Enter Import Password:
MAC verified OK
Rajashekar Reddy's avatar
Rajashekar Reddy committed
106
```
107

108
You can add certificate and private key file path to config file `$HOME/.vesconfig`
109

Harshad Nakil's avatar
Harshad Nakil committed
110
111
112
113
114
115
116
```
$ cat $HOME/.vesconfig
server-urls: https://acmecorp.console.ves.volterra.io/api
key: /Users/user1/vesprivate.key
cert: /Users/user1/vescred.cert
```

117
118
**NOTE**: `vesctl` gives an error if p12-bundle option *and* cert & key options are given in the config file. Add either `p12-bundle` option or `cert` & `key` options in the config file.

Rajashekar Reddy's avatar
Rajashekar Reddy committed
119

Rajashekar Reddy's avatar
Rajashekar Reddy committed
120
121
122
## vesctl Basic Syntax and Options

```
Rajashekar Reddy's avatar
Rajashekar Reddy committed
123
$ vesctl --help
Rajashekar Reddy's avatar
Rajashekar Reddy committed
124
125
126
127
128
129
A command line utility to interact with ves service.

Usage:
  vesctl [command]

Available Commands:
Rajashekar Reddy's avatar
Rajashekar Reddy committed
130
  completion    Generate completion script
Rajashekar Reddy's avatar
Rajashekar Reddy committed
131
132
133
  configuration Configure object
  help          Help about any command
  request       Execute Commands
Rajashekar Reddy's avatar
Rajashekar Reddy committed
134
  site          Manage site creation through view.aws_vpc apis
Harshad Nakil's avatar
Harshad Nakil committed
135
  version       Print build version
Rajashekar Reddy's avatar
Rajashekar Reddy committed
136
137
138
139

Flags:
  -a, --cacert string         Server CA cert file path
  -c, --cert string           Client cert file path
Rajashekar Reddy's avatar
Rajashekar Reddy committed
140
      --config string         A configuration file to use for API gateway URL and credentials (default "/Users/rajreddy/.vesconfig")
Rajashekar Reddy's avatar
Rajashekar Reddy committed
141
142
143
144
  -h, --help                  help for vesctl
  -k, --key string            Client key file path
      --outfmt string         Output format for command
  -o, --output string         Output dir for command (default "./")
Harshad Nakil's avatar
Harshad Nakil committed
145
146
      --p12-bundle string     Client P12 bundle (key+cert) file path. Any password for this file should be in environment variable VES_P12_PASSWORD
  -u, --server-urls strings   API endpoint URL (default [http://localhost:8001])
Rajashekar Reddy's avatar
Rajashekar Reddy committed
147
148
      --show-curl             Emit requests from program in CURL format
      --timeout int           Timeout (in seconds) for command to finish (default 5)
Harshad Nakil's avatar
Harshad Nakil committed
149
150

Use "vesctl [command] --help" for more information about a command.
Rajashekar Reddy's avatar
Rajashekar Reddy committed
151
152
```

153
Basic syntax that `vesctl` follows is
Harshad Nakil's avatar
Harshad Nakil committed
154
155
156
157
158
159
160
```
vesctl high-level-command verb ...
```
High-level-command 

* `help` is available at every level and it prints what next level of options are available. It is also displayed on error at given level.
* `configuration` is cmd is used for CRUD operations on configuration objects.
161
* `request` is used to implement custom commands and custom RPC access to Volterra API.
Rajashekar Reddy's avatar
Rajashekar Reddy committed
162
* `site` site command is used to manage cloud site through objects aws_vpc_site, azure_vnet_site
Harshad Nakil's avatar
Harshad Nakil committed
163

164
For most of cases in both `configuration` and `request` commands final parameter will be in form of YAML files. Schema for these YAML files can be found in [Volterra API reference](https://https://volterra.io/docs/api)
Harshad Nakil's avatar
Harshad Nakil committed
165

166
## `configuration` Command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188

```
$ vesctl configuration
Configure object

Usage:
  vesctl configuration [command]

Aliases:
  configuration, cfg, c

Examples:
vesctl configuration create virtual_host

Available Commands:
  create      Create configuration object
  delete      Delete configuration object
  get         Get configuration object
  list        List configuration objects
  replace     Replace configuration object
  status      Status of configuration object
```
189
190

Here you can see available verbs are `create`, `get`, `list` etc.
Harshad Nakil's avatar
Harshad Nakil committed
191
Generic format for configuration command is
192

Rajashekar Reddy's avatar
Rajashekar Reddy committed
193
```
Harshad Nakil's avatar
Harshad Nakil committed
194
195
vesctl configuration verb kind name -n namespace
```
196

Rajashekar Reddy's avatar
Rajashekar Reddy committed
197

Harshad Nakil's avatar
Harshad Nakil committed
198
To see all available kinds
199

Harshad Nakil's avatar
Harshad Nakil committed
200
201
```
./vesctl configuration create --help
Rajashekar Reddy's avatar
Rajashekar Reddy committed
202
203
204
205
206
207
Create configuration object

Usage:
  vesctl configuration create [command]

Examples:
Harshad Nakil's avatar
Harshad Nakil committed
208
vesctl configuration create virtual_host -i <file>
Rajashekar Reddy's avatar
Rajashekar Reddy committed
209

Harshad Nakil's avatar
Harshad Nakil committed
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
Available Commands:
  advertise_policy         Create advertise_policy
  app_setting              Create app_setting
  app_type                 Create app_type
  bgp                      Create bgp
  bgp_asn_set              Create bgp_asn_set
  cluster                  Create cluster
  contact                  Create contact
  customer_support         Create customer_support
  discovery                Create discovery
  endpoint                 Create endpoint
  fast_acl                 Create fast_acl
  fast_acl_rule            Create fast_acl_rule
  fleet                    Create fleet
  healthcheck              Create healthcheck
  ip_prefix_set            Create ip_prefix_set
  kms_key                  Create kms_key
  kms_policy               Create kms_policy
  kms_policy_rule          Create kms_policy_rule
  namespace                Create namespace
  namespace_role           Create namespace_role
  network_connector        Create network_connector
  network_firewall         Create network_firewall
  network_interface        Create network_interface
  network_policy           Create network_policy
  network_policy_rule      Create network_policy_rule
  network_policy_set       Create network_policy_set
  policer                  Create policer
  protocol_policer         Create protocol_policer
  registration             Create registration
  role                     Create role
  route                    Create route
  secret_management_access Create secret_management_access
  secret_policy            Create secret_policy
  secret_policy_rule       Create secret_policy_rule
  service_policy           Create service_policy
  service_policy_rule      Create service_policy_rule
  service_policy_set       Create service_policy_set
  site                     Create site
  site_mesh_group          Create site_mesh_group
  token                    Create token
  user                     Create user
  virtual_host             Create virtual_host
  virtual_k8s              Create virtual_k8s
  virtual_network          Create virtual_network
  virtual_site             Create virtual_site
  waf                      Create waf
  waf_rules                Create waf_rules
Rajashekar Reddy's avatar
Rajashekar Reddy committed
258

Harshad Nakil's avatar
Harshad Nakil committed
259
260
261
Flags:
  -h, --help                help for create
  -i, --input-file string   File containing CreateRequest contents
Rajashekar Reddy's avatar
Rajashekar Reddy committed
262

Harshad Nakil's avatar
Harshad Nakil committed
263
264
265
Global Flags:
  -a, --cacert string         Server CA cert file path
  -c, --cert string           Client cert file path
266
      --config string         A configuration file to use for API gateway URL and credentials (default "/Users/user1/.vesconfig")
Harshad Nakil's avatar
Harshad Nakil committed
267
268
269
270
271
272
273
  -k, --key string            Client key file path
      --outfmt string         Output format for command
  -o, --output string         Output dir for command (default "./")
      --p12-bundle string     Client P12 bundle (key+cert) file path. Any password for this file should be in environment variable VES_P12_PASSWORD
  -u, --server-urls strings   API endpoint URL (default [http://localhost:8001])
      --show-curl             Emit requests from program in CURL format
      --timeout int           Timeout (in seconds) for command to finish (default 5)
Rajashekar Reddy's avatar
Rajashekar Reddy committed
274
275
```

Rajashekar Reddy's avatar
Rajashekar Reddy committed
276
### `configuration create` Command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
277

278
279
280
281
following example creates advertise policy in documentation namespace for acmecorp tenant:

(`string:///<base64>` base64 here represents certificate and blindfold secret. Deleted from output to remove clutter)

Rajashekar Reddy's avatar
Rajashekar Reddy committed
282
```
283
$ cat advertise_policy.yaml
Rajashekar Reddy's avatar
Rajashekar Reddy committed
284
metadata:
Harshad Nakil's avatar
Harshad Nakil committed
285
286
  name: advertise-on-public
  namespace: documentation
Rajashekar Reddy's avatar
Rajashekar Reddy committed
287
spec:
Harshad Nakil's avatar
Harshad Nakil committed
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
  port: 443
  protocol: TCP
  tlsParameters:
    commonParams:
      tlsCertificates:
      - certificateUrl: string:///<Base64>
        privateKey:
          blindfoldSecretInfo:
            location: string:///<Base64>
  where:
    virtualNetwork:
      ref:
      - kind: virtual_network
        name: public
        namespace: shared
        tenant: ves-io
304
305

$ vesctl configuration create advertise_policy -i advertise_policy.yaml
Harshad Nakil's avatar
Harshad Nakil committed
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
metadata:
  annotations: {}
  labels: {}
  name: advertise-on-acmecrop-vsite-1
  namespace: documentation
spec:
  where:
    virtualSite:
      ref:
      - kind: virtual_site
        name: acmecrop-vsite1
        namespace: documentation
        tenant: acmecorp
        uid: ffffffff-ffff-ffff-ffff-ffffffffffff
systemMetadata:
  creationTimestamp: "2019-11-02T13:10:47.549939800Z"
  finalizers: []
  tenant: acmecorp
  uid: 1a2c442a-b0fa-4439-9434-9de2521bfd3b
Rajashekar Reddy's avatar
Rajashekar Reddy committed
325
```
326

Rajashekar Reddy's avatar
Rajashekar Reddy committed
327
### `configuration list` command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
328

329
330
To list advertise_policy that was created above:

Rajashekar Reddy's avatar
Rajashekar Reddy committed
331
```
332
$ vesctl configuration list advertise_policy --namespace documentation --outfmt yaml
Harshad Nakil's avatar
Harshad Nakil committed
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
items:
- labels: {}
  name: advertise-on-acmecrop-vsite-1
  namespace: documentation
  statusSet: []
  tenant: acmecorp
  uid: c3efffae-f8de-4d6c-9946-9924343605d4

----
- labels: {}
  name: advertise-on-public
  namespace: documentation
  statusSet: []
  tenant: acmecorp
  uid: 04b97502-5930-4d40-9c1e-48b2f7ee04e0

----
Rajashekar Reddy's avatar
Rajashekar Reddy committed
350
```
351

Rajashekar Reddy's avatar
Rajashekar Reddy committed
352
### `configuration get` command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
353

354
355
To get advertise_policy that was created above:

Rajashekar Reddy's avatar
Rajashekar Reddy committed
356
```
357
$ vesctl configuration get advertise_policy advertise-on-public --namespace documentation
Harshad Nakil's avatar
Harshad Nakil committed
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
metadata:
  annotations: {}
  labels: {}
  name: advertise-on-public
  namespace: documentation
resourceVersion: "80877291"
spec:
  port: 443
  protocol: TCP
  tlsParameters:
    commonParams:
      cipherSuites: []
      tlsCertificates:
      - certificateUrl: string:///<Base64>
        privateKey:
          blindfoldSecretInfo:
            location: string:///<Base64>
  where:
    virtualNetwork:
      ref:
      - kind: virtual_network
        name: public
        namespace: shared
        tenant: ves-io
Harshad Nakil's avatar
Harshad Nakil committed
382
status: []
Harshad Nakil's avatar
Harshad Nakil committed
383
384
```

Rajashekar Reddy's avatar
Rajashekar Reddy committed
385
### `configuration replace` command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
386

387
To change HTTP to HTTPS in advertise policy. Advertise bookinfo productpage on all sites represented by the virtual site acmecrop-vsite1. It is advertised as HTTPS on site local network. VIP is automatically chosen by the system:
Harshad Nakil's avatar
Harshad Nakil committed
388
389

```
390
$ cat advertise_policy.yaml
Harshad Nakil's avatar
Harshad Nakil committed
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
metadata:
  name: advertise-on-acmecrop-vsite-1
  namespace: documentation
spec:
  port: 443
  protocol: TCP
  tlsParameters:
    commonParams:
      tlsCertificates:
      - certificateUrl: string:///<Base64>
        privateKey:
          blindfoldSecretInfo:
            location: string:///<Base64>
  where:
    virtualSite:
      ref:
      - kind: virtual_site
        name: acmecrop-vsite1
        namespace: documentation
        tenant: acmecorp
411
$ vesctl configuration replace advertise_policy -n documentation -i advertise_policy.yaml
Harshad Nakil's avatar
Harshad Nakil committed
412
413
```

Rajashekar Reddy's avatar
Rajashekar Reddy committed
414
### `configuration delete` command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
415

416
417
To delete a advertise policy that advertise product page in public network:

Harshad Nakil's avatar
Harshad Nakil committed
418
```
419
$ vesctl configuration delete advertise_policy advertise-on-public --namespace documentation
420
421
```

Rajashekar Reddy's avatar
Rajashekar Reddy committed
422
### `configuration status` command
Rajashekar Reddy's avatar
Rajashekar Reddy committed
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743

1. for a given object configuration status command gives the global status of the object aggregated in volterra global controller. This is applicable only to certain objects viz. discovery, endpoint, site.
2. with the option --at-site, configuration status command gives the status of the object at a given site. The status includes whether the object was validated and installed on that site.

example of both these forms in given below

```
# vesctl --config ~/.vesconfig.demo1.testcorp configuration status endpoint ves-io-origin-pool-apache-85487c5ffb -n rajreddy-test
create_form: null
metadata: null
object: null
replace_form: null
resource_version: ""
spec: null
status:
- conditions:
  - hostname: ""
    last_update_time: "2021-02-24T07:27:55.604060076Z"
    reason: ""
    service_name: ""
    status: Success
    type: Validation
  - hostname: ""
    last_update_time: "2021-02-24T07:27:55.604060076Z"
    reason: ""
    service_name: ""
    status: Installed
    type: Operational
  metadata:
    creation_timestamp: null
    creator_class: pa4-par-dev
    creator_id: ver
    publish: STATUS_PUBLISH
    status_id: ba087263-fd1a-4096-953a-b56e2a064c87_VerCfgMgr
    uid: c808930f-0c4b-471d-b31f-a3670e269804
  object_refs:
  - kind: ves.io.vega.cfg.adc.endpoint.Object
    name: ""
    namespace: ""
    tenant: ""
    uid: 7103712d-0f46-451a-ba54-a07746240a71
  ver_status:
  - allocated_ip:
      addr: ff::19:5200:bc15
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 95.216.26.30
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
  - allocated_ip:
      addr: ff::19:5200:c4a2
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 207.244.88.140
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
- conditions:
  - hostname: ""
    last_update_time: "2021-02-24T07:30:03.858953038Z"
    reason: ""
    service_name: ""
    status: Success
    type: Validation
  - hostname: ""
    last_update_time: "2021-02-24T07:30:03.858953038Z"
    reason: ""
    service_name: ""
    status: Installed
    type: Operational
  metadata:
    creation_timestamp: null
    creator_class: pa4-par-dev
    creator_id: ver
    publish: STATUS_PUBLISH
    status_id: b279f777-7aaf-4c3a-b01a-25186d6b1400_VerCfgMgr
    uid: 1cab3ee8-eab5-4c72-9212-3099f116f7f0
  object_refs:
  - kind: ves.io.vega.cfg.adc.endpoint.Object
    name: ""
    namespace: ""
    tenant: ""
    uid: 7103712d-0f46-451a-ba54-a07746240a71
  ver_status:
  - allocated_ip:
      addr: ff::19:5200:bc15
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 95.216.26.30
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
  - allocated_ip:
      addr: ff::19:5200:c4a2
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 207.244.88.140
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
- conditions:
  - hostname: ""
    last_update_time: "2021-02-24T07:35:01.554259904Z"
    reason: ""
    service_name: ""
    status: Success
    type: Validation
  - hostname: ""
    last_update_time: "2021-02-24T07:35:01.554259904Z"
    reason: ""
    service_name: ""
    status: Installed
    type: Operational
  metadata:
    creation_timestamp: null
    creator_class: pa4-par-dev
    creator_id: ver
    publish: STATUS_PUBLISH
    status_id: b7b6fee5-4fa2-4f9e-904e-c84695cebf19_VerCfgMgr
    uid: 53163f26-13f6-49df-8723-177227fdc9b2
  object_refs:
  - kind: ves.io.vega.cfg.adc.endpoint.Object
    name: ""
    namespace: ""
    tenant: ""
    uid: 7103712d-0f46-451a-ba54-a07746240a71
  ver_status:
  - allocated_ip:
      addr: ff::19:5200:bc15
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 95.216.26.30
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
  - allocated_ip:
      addr: ff::19:5200:c4a2
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 207.244.88.140
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
- conditions:
  - hostname: ""
    last_update_time: "2021-02-23T18:26:21.944978794Z"
    reason: ""
    service_name: ""
    status: Success
    type: Validation
  - hostname: ""
    last_update_time: "2021-02-23T18:26:21.944978794Z"
    reason: ""
    service_name: ""
    status: Installed
    type: Operational
  metadata:
    creation_timestamp: null
    creator_class: re01
    creator_id: ver
    publish: STATUS_PUBLISH
    status_id: f20f8b64-0bd1-4cea-900c-26421c1527d9_VerCfgMgr
    uid: 74f9ea20-453a-4fd8-9137-c9c35baeebab
  object_refs:
  - kind: ves.io.vega.cfg.adc.endpoint.Object
    name: ""
    namespace: ""
    tenant: ""
    uid: 7103712d-0f46-451a-ba54-a07746240a71
  ver_status:
  - allocated_ip:
      addr: ff::18:2800:10
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 207.244.88.140
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: re01
  - allocated_ip:
      addr: ff::18:2800:11
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 95.216.26.30
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: re01
- conditions:
  - hostname: ""
    last_update_time: "2021-02-24T07:29:44.078915641Z"
    reason: ""
    service_name: ""
    status: Success
    type: Validation
  - hostname: ""
    last_update_time: "2021-02-24T07:29:44.078915641Z"
    reason: ""
    service_name: ""
    status: Installed
    type: Operational
  metadata:
    creation_timestamp: null
    creator_class: re02
    creator_id: ver
    publish: STATUS_PUBLISH
    status_id: 5ba5078a-e8dc-4b61-bbf5-97986f6eadcf_VerCfgMgr
    uid: a0a1cda2-6750-4a7b-bb67-157cafeb0f5f
  object_refs:
  - kind: ves.io.vega.cfg.adc.endpoint.Object
    name: ""
    namespace: ""
    tenant: ""
    uid: 7103712d-0f46-451a-ba54-a07746240a71
  ver_status:
  - allocated_ip:
      addr: ff::1e00:31cf
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 95.216.26.30
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: re02
  - allocated_ip:
      addr: ff::1e00:6875
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 207.244.88.140
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: re02
- conditions:
  - hostname: ""
    last_update_time: "2021-02-24T07:30:03.861350810Z"
    reason: ""
    service_name: ""
    status: Success
    type: Validation
  - hostname: ""
    last_update_time: "2021-02-24T07:30:03.861350810Z"
    reason: ""
    service_name: ""
    status: Installed
    type: Operational
  metadata:
    creation_timestamp: null
    creator_class: pa4-par-dev
    creator_id: ver
    publish: STATUS_PUBLISH
    status_id: 628fd05f-64b7-4d92-a1b0-fd3fa2ebcb0f_VerCfgMgr
    uid: b0b6af1b-a41b-419d-bdd8-3726a74256b5
  object_refs:
  - kind: ves.io.vega.cfg.adc.endpoint.Object
    name: ""
    namespace: ""
    tenant: ""
    uid: 7103712d-0f46-451a-ba54-a07746240a71
  ver_status:
  - allocated_ip:
      addr: ff::19:5200:bc15
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 95.216.26.30
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
  - allocated_ip:
      addr: ff::19:5200:c4a2
    discovered_info: null
    discovered_ip:
      ipv4:
        addr: 207.244.88.140
    discovered_port: 80
    health_status: {}
    service_name: ""
    site: pa4-par-dev
system_metadata: null

# vesctl --config ~/.vesconfig.demo1.testcorp configuration status virtual_host ves-io-http-loadbalancer-apache -n rajreddy-test --at-site rajreddy-igw-demo1
conditions:
- hostname: master-0
  last_update_time: "2021-02-24T18:37:57.225890447Z"
  reason: ""
  service_name: ver
  status: Success
  type: Validation
- hostname: master-0
  last_update_time: "2021-02-24T18:37:57.225890447Z"
  reason: ""
  service_name: ver
  status: Installed
  type: Operational
error:
  code: EOK
  error_obj: null
  message: ""


```

Rajashekar Reddy's avatar
Rajashekar Reddy committed
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
## `request` Command

```
$ vesctl request --help
Execute Commands

Usage:
  vesctl request [command]

Examples:
vesctl request secrets encrypt --policy-doc temp_policy --public-key pub_key secret

Available Commands:
  rpc         RPC Invocation
  secrets     Execute commands for secret_management

Flags:
  -h, --help   help for request

Global Flags:
  -a, --cacert string         Server CA cert file path
  -c, --cert string           Client cert file path
      --config string         A configuration file to use for API gateway URL and credentials (default "/Users/harshadnakil/.vesconfig")
  -k, --key string            Client key file path
      --outfmt string         Output format for command
  -o, --output string         Output dir for command (default "./")
      --p12-bundle string     Client P12 bundle (key+cert) file path. Any password for this file should be in environment variable VES_P12_PASSWORD
  -u, --server-urls strings   API endpoint URL (default [http://localhost:8001])
      --show-curl             Emit requests from program in CURL format
      --timeout int           Timeout (in seconds) for command to finish (default 5)

Use "vesctl request [command] --help" for more information about a command.
```

Request command is mechanism to provide custom commands and custom API(s), that do not fit within the structure of configuration objects.

* `rpc` command provides all the custom API(s) provided by Volterra
* `secrets` command provides various operation to upload blindfold secrets to be used by Volterra services and tenant services

### `request rpc` Command

Generic syntax for rpc command is

```
vesctl request rpc rpc-name --uri path --http-method method -i input yaml-file
```

* `rpc-name` is a name of the custom API service e.g `known_label.CustomAPI.Get`
* `path` for custom API e.g /public/namespaces/shared/known_labels
* `method` is HTTP method like `GET` or `POST`
* `yaml-file` will have either query parameters or post body

```
$ vesctl request rpc known_label.CustomAPI.Get --uri /public/namespaces/shared/known_labels --http-method GET -i kl.yaml 
Response:
label:
- description: 'Fleet label for fleet acmecorp superstore fleet'
  key: ves.io/fleet
  value: superstore
- key: app
  value: productpage
- key: ves.io/region
  value: ves-io-london
- key: ves.io/region
  value: ves-io-frankfurt
- key: ves.io/region
  value: ves-io-osaka
- key: ves.io/country
  value: ves-io-uk
- key: ves.io/region
  value: ves-io-sanjose
- key: ves.io/region
  value: ves-io-toronto
- key: ves.io/country
  value: ves-io-sgp
- key: ves.io/region
  value: ves-io-seattle
- key: ves.io/country
  value: ves-io-usa
- key: ves.io/country
  value: ves-io-jpn
- key: ves.io/country
  value: ves-io-fra
- key: ves.io/country
  value: ves-io-ukr
- key: ves.io/region
  value: ves-io-amsterdam
- key: ves.io/region
  value: ves-io-singapore
- key: ves.io/region
  value: ves-io-ashburn
- key: ves.io/region
  value: ves-io-newyork
- key: ves.io/country
  value: ves-io-cze
- key: ves.io/region
  value: ves-io-ohio
- key: ves.io/country
  value: ves-io-isr
- key: ves.io/country
  value: ves-io-can
- key: ves.io/region
  value: ves-io-tokyo
- key: ves.io/country
  value: ves-io-ind
- key: ves.io/region
  value: ves-io-paris
- key: ves.io/country
  value: ves-io-ger
```


Rajashekar Reddy's avatar
Rajashekar Reddy committed
856

Rajashekar Reddy's avatar
Rajashekar Reddy committed
857
### `request secrets` Command
858

859
Secrets description is coming soon.