HTTP API

Kuma ships with a RESTful HTTP interface that you can use to retrieve the state of your configuration and policies on every environment, and when running on Universal mode it will also allow to make changes to the state. On Kubernetes, you will use native CRDs to change the state in order to be consistent with Kubernetes best practices.

CI/CD: The HTTP API can be used for infrastructure automation to either retrieve data, or to make changes when running in Universal mode. The kumactl CLI is built on top of the HTTP API, which you can also access with any other HTTP client like curl.

By default the API Server is listening on port 5681 (HTTP) and on 5682 (HTTPS). The endpoints available are:

  • /config
  • /versions
  • /meshes
  • /mesh-insights
  • /mesh-insights/{name}
  • /dataplanes
  • /dataplanes+insights
  • /health-checks
  • /proxytemplates
  • /traffic-logs
  • /traffic-permissions
  • /traffic-routes
  • /fault-injections
  • /service-insights
  • /retries
  • /secrets
  • /global-secrets
  • /global-secrets/{name}
  • /meshes/{name}
  • /meshes/{mesh}/dataplanes
  • /meshes/{mesh}/dataplanes/{name}
  • /meshes/{mesh}/dataplanes/{name}/policies
  • /meshes/{mesh}/dataplanes/{name}/rules
  • /meshes/{mesh}/dataplanes/{name}/xds
  • /zoneingresses/{name}/xds
  • /zoneegresses/{name}/xds
  • /meshes/{mesh}/dataplanes+insights
  • /meshes/{mesh}/dataplanes+insights/{name}
  • /meshes/{mesh}/health-checks
  • /meshes/{mesh}/health-checks/{name}
  • /meshes/{mesh}/proxytemplates
  • /meshes/{mesh}/proxytemplates/{name}
  • /meshes/{mesh}/traffic-logs
  • /meshes/{mesh}/traffic-logs/{name}
  • /meshes/{mesh}/traffic-permissions
  • /meshes/{mesh}/traffic-permissions/{name}
  • /meshes/{mesh}/traffic-routes
  • /meshes/{mesh}/traffic-routes/{name}
  • /meshes/{mesh}/fault-injections
  • /meshes/{mesh}/fault-injections/{name}
  • /meshes/{mesh}/{policy-type}/{policy-name}/dataplanes
  • /meshes/{mesh}/meshgateways/{gateway-name}/dataplanes
  • /meshes/{mesh}/external-services
  • /meshes/{mesh}/external-services/{name}
  • /meshes/{mesh}/service-insights
  • /meshes/{mesh}/service-insights/{name}
  • /meshes/{mesh}/retries
  • /meshes/{mesh}/retries/{name}
  • /meshes/{mesh}/secrets
  • /meshes/{mesh}/secrets/{name}
  • /status/zones
  • /tokens/dataplane
  • /tokens/zone-ingress
  • /zones
  • /zones/{name}
  • /zones+insights
  • /zones+insights/{name}
  • /zone-ingresses
  • /zone-ingresses/{name}
  • /zoneingresses+insights
  • /zoneingresses+insights/{name}
  • /zoneegresses
  • /zoneegresses/{name}
  • /zoneegressoverviews
  • /zoneegressoverviews/{name}
  • /global-insights
  • /policies

You can use GET requests to retrieve the state of Kuma on both Universal and Kubernetes, and PUT and DELETE requests on Universal to change the state.

Pagination

Every resource list in Kuma is paginated. To use pagination, you can use following query parameters:

  • size - size of the page (default - 1000, maximum value - 10000).
  • offset - offset from which the page will be listed. The offset is a string, it does not have to be a number (it depends on the environment).

A response with a pagination contains next field with URL to fetch the next page. Example:

  1. {
  2. "items": [...],
  3. "next": "http://localhost:5681/meshes/default/dataplanes?offset=10"
  4. }

If next field is null there is no more pages to fetch.

Control Plane configuration

Get effective configuration of the Control Plane

Request: GET /config

Response: 200 OK with the effective configuration of the Control Plane (notice that secrets, such as database passwords, will never appear in the response)

Example:

  1. curl http://localhost:5681/config
  1. {
  2. "adminServer": {
  3. "apis": {
  4. "dataplaneToken": {
  5. "enabled": true
  6. }
  7. },
  8. "local": {
  9. "port": 5679
  10. },
  11. "public": {
  12. "clientCertsDir": "/etc/kuma.io/kuma-cp/admin-api/tls/allowed-client-certs.d",
  13. "enabled": true,
  14. "interface": "0.0.0.0",
  15. "port": 5684,
  16. "tlsCertFile": "/etc/kuma.io/kuma-cp/admin-api/tls/server.cert",
  17. "tlsKeyFile": "/etc/kuma.io/kuma-cp/admin-api/tls/server.key"
  18. }
  19. },
  20. "apiServer": {
  21. "corsAllowedDomains": [
  22. ".*"
  23. ],
  24. "port": 5681,
  25. "readOnly": false
  26. },
  27. "bootstrapServer": {
  28. "params": {
  29. "adminAccessLogPath": "/dev/null",
  30. "adminAddress": "127.0.0.1",
  31. "adminPort": 0,
  32. "xdsConnectTimeout": "1s",
  33. "xdsHost": "kuma-control-plane.internal",
  34. "xdsPort": 5678
  35. },
  36. "port": 5682
  37. },
  38. "dataplaneTokenServer": {
  39. "enabled": true,
  40. "local": {
  41. "port": 5679
  42. },
  43. "public": {
  44. "clientCertsDir": "/etc/kuma.io/kuma-cp/admin-api/tls/allowed-client-certs.d",
  45. "enabled": true,
  46. "interface": "0.0.0.0",
  47. "port": 5684,
  48. "tlsCertFile": "/etc/kuma.io/kuma-cp/admin-api/tls/server.cert",
  49. "tlsKeyFile": "/etc/kuma.io/kuma-cp/admin-api/tls/server.key"
  50. }
  51. },
  52. "defaults": {
  53. "mesh": "type: Mesh\nname: default"
  54. },
  55. "discovery": {
  56. "universal": {
  57. "pollingInterval": "1s"
  58. }
  59. },
  60. "environment": "universal",
  61. "general": {
  62. "advertisedHostname": "kuma-control-plane.internal"
  63. },
  64. "guiServer": {
  65. },
  66. "monitoringAssignmentServer": {
  67. "assignmentRefreshInterval": "1s",
  68. "grpcPort": 5676
  69. },
  70. "reports": {
  71. "enabled": true
  72. },
  73. "runtime": {
  74. "kubernetes": {
  75. "admissionServer": {
  76. "address": "",
  77. "certDir": "",
  78. "port": 5443
  79. }
  80. }
  81. },
  82. "sdsServer": {
  83. "grpcPort": 5677,
  84. "tlsCertFile": "/tmp/117637813.crt",
  85. "tlsKeyFile": "/tmp/240596112.key"
  86. },
  87. "store": {
  88. "kubernetes": {
  89. "systemNamespace": "kuma-system"
  90. },
  91. "postgres": {
  92. "connectionTimeout": 5,
  93. "dbName": "kuma",
  94. "host": "127.0.0.1",
  95. "password": "*****",
  96. "port": 15432,
  97. "user": "kuma"
  98. },
  99. "type": "memory"
  100. },
  101. "xdsServer": {
  102. "dataplaneConfigurationRefreshInterval": "1s",
  103. "dataplaneStatusFlushInterval": "1s",
  104. "diagnosticsPort": 5680,
  105. "grpcPort": 5678
  106. }
  107. }

Supported Envoy versions

List supported Envoy versions

Request: GET /versions

Response: 200 OK with versions of Envoy supported by Kuma DPs

Example:

  1. curl http://localhost:5681/versions
  1. {
  2. "kumaDp": {
  3. "1.0.0": {
  4. "envoy": "1.16.0"
  5. },
  6. "1.0.1": {
  7. "envoy": "1.16.0"
  8. },
  9. "1.0.2": {
  10. "envoy": "1.16.1"
  11. },
  12. "1.0.3": {
  13. "envoy": "1.16.1"
  14. },
  15. "1.0.4": {
  16. "envoy": "1.16.1"
  17. },
  18. "1.0.5": {
  19. "envoy": "1.16.2"
  20. },
  21. "1.0.6": {
  22. "envoy": "1.16.2"
  23. },
  24. "1.0.7": {
  25. "envoy": "1.16.2"
  26. },
  27. "1.0.8": {
  28. "envoy": "1.16.2"
  29. }
  30. }
  31. }

Meshes

Get Mesh

Request: GET /meshes/{name}

Response: 200 OK with Mesh entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1
  1. {
  2. "name": "mesh-1",
  3. "type": "Mesh",
  4. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  5. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "mtls": {
  7. "backends": [
  8. {
  9. "name": "ca-1",
  10. "type": "builtin"
  11. },
  12. {
  13. "name": "ca-2",
  14. "type": "provided",
  15. "conf": {
  16. "cert": {
  17. "secret": "provided-cert"
  18. },
  19. "key": {
  20. "secret": "provided-cert"
  21. }
  22. }
  23. }
  24. ],
  25. "enabledBackend": "ca-1"
  26. },
  27. "tracing": {
  28. "defaultBackend": "zipkin-1",
  29. "backends": [
  30. {
  31. "name": "zipkin-1",
  32. "type": "zipkin",
  33. "conf": {
  34. "url": "http://zipkin.local:9411/api/v2/spans"
  35. }
  36. }
  37. ]
  38. },
  39. "logging": {
  40. "backends": [
  41. {
  42. "name": "file-tmp",
  43. "format": "{ \"destination\": \"%KUMA_DESTINATION_SERVICE%\", \"destinationAddress\": \"%UPSTREAM_LOCAL_ADDRESS%\", \"source\": \"%KUMA_SOURCE_SERVICE%\", \"sourceAddress\": \"%KUMA_SOURCE_ADDRESS%\", \"bytesReceived\": \"%BYTES_RECEIVED%\", \"bytesSent\": \"%BYTES_SENT%\"}",
  44. "type": "file",
  45. "conf": {
  46. "path": "/tmp/access.log"
  47. }
  48. },
  49. {
  50. "name": "logstash",
  51. "type": "tcp",
  52. "conf": {
  53. "address": "logstash.internal:9000"
  54. }
  55. }
  56. ]
  57. },
  58. "metrics": {
  59. "enabledBackend": "prometheus-1",
  60. "backends": [
  61. {
  62. "name": "prometheus-1",
  63. "type": "prometheus",
  64. "conf": {
  65. "port": 1234,
  66. "path": "/metrics"
  67. }
  68. }
  69. ]
  70. }
  71. }

Create/Update Mesh

Request: PUT /meshes/{name} with Mesh entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1 --data @mesh.json -H'content-type: application/json'
  1. {
  2. "name": "mesh-1",
  3. "type": "Mesh",
  4. "mtls": {
  5. "backends": [
  6. {
  7. "name": "ca-1",
  8. "type": "builtin"
  9. },
  10. {
  11. "name": "ca-2",
  12. "type": "provided",
  13. "conf": {
  14. "cert": {
  15. "secret": "provided-cert"
  16. },
  17. "key": {
  18. "secret": "provided-cert"
  19. }
  20. }
  21. }
  22. ],
  23. "enabledBackend": "ca-1"
  24. },
  25. "tracing": {
  26. "defaultBackend": "zipkin-1",
  27. "backends": [
  28. {
  29. "name": "zipkin-1",
  30. "type": "zipkin",
  31. "conf": {
  32. "url": "http://zipkin.local:9411/api/v2/spans"
  33. }
  34. }
  35. ]
  36. },
  37. "logging": {
  38. "backends": [
  39. {
  40. "name": "file-tmp",
  41. "format": "{ \"destination\": \"%KUMA_DESTINATION_SERVICE%\", \"destinationAddress\": \"%UPSTREAM_LOCAL_ADDRESS%\", \"source\": \"%KUMA_SOURCE_SERVICE%\", \"sourceAddress\": \"%KUMA_SOURCE_ADDRESS%\", \"bytesReceived\": \"%BYTES_RECEIVED%\", \"bytesSent\": \"%BYTES_SENT%\"}",
  42. "type": "file",
  43. "conf": {
  44. "path": "/tmp/access.log"
  45. }
  46. },
  47. {
  48. "name": "logstash",
  49. "type": "tcp",
  50. "conf": {
  51. "address": "logstash.internal:9000"
  52. }
  53. }
  54. ]
  55. },
  56. "metrics": {
  57. "enabledBackend": "prometheus-1",
  58. "backends": [
  59. {
  60. "name": "prometheus-1",
  61. "type": "prometheus",
  62. "conf": {
  63. "port": 1234,
  64. "path": "/metrics"
  65. }
  66. }
  67. ]
  68. }
  69. }

List Meshes

Request: GET /meshes

Response: 200 OK with body of Mesh entities

Example:

  1. curl http://localhost:5681/meshes
  1. {
  2. "items": [
  3. {
  4. "name": "mesh-1",
  5. "type": "Mesh",
  6. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "mtls": {
  9. "backends": [
  10. {
  11. "name": "ca-1",
  12. "type": "builtin"
  13. },
  14. {
  15. "name": "ca-2",
  16. "type": "provided",
  17. "conf": {
  18. "cert": {
  19. "secret": "provided-cert"
  20. },
  21. "key": {
  22. "secret": "provided-cert"
  23. }
  24. }
  25. }
  26. ],
  27. "enabledBackend": "ca-1"
  28. },
  29. "tracing": {
  30. "defaultBackend": "zipkin-1",
  31. "backends": [
  32. {
  33. "name": "zipkin-1",
  34. "type": "zipkin",
  35. "conf": {
  36. "url": "http://zipkin.local:9411/api/v2/spans"
  37. }
  38. }
  39. ]
  40. },
  41. "logging": {
  42. "backends": [
  43. {
  44. "name": "file-tmp",
  45. "format": "{ \"destination\": \"%KUMA_DESTINATION_SERVICE%\", \"destinationAddress\": \"%UPSTREAM_LOCAL_ADDRESS%\", \"source\": \"%KUMA_SOURCE_SERVICE%\", \"sourceAddress\": \"%KUMA_SOURCE_ADDRESS%\", \"bytesReceived\": \"%BYTES_RECEIVED%\", \"bytesSent\": \"%BYTES_SENT%\"}",
  46. "type": "file",
  47. "conf": {
  48. "path": "/tmp/access.log"
  49. }
  50. },
  51. {
  52. "name": "logstash",
  53. "type": "tcp",
  54. "conf": {
  55. "address": "logstash.internal:9000"
  56. }
  57. }
  58. ]
  59. },
  60. "metrics": {
  61. "enabledBackend": "prometheus-1",
  62. "backends": [
  63. {
  64. "name": "prometheus-1",
  65. "type": "prometheus",
  66. "conf": {
  67. "port": 1234,
  68. "path": "/metrics"
  69. }
  70. }
  71. ]
  72. }
  73. }
  74. ],
  75. "next": "http://localhost:5681/meshes?offset=1"
  76. }

Delete Mesh

Request: DELETE /meshes/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1

Mesh Insights

Get Mesh Insights

Request: GET /mesh-insights/{name}

Response: 200 OK with MeshInsight entity

Example:

  1. curl http://localhost:5681/mesh-insights/default
  1. {
  2. "type": "MeshInsight",
  3. "name": "default",
  4. "creationTime": "2020-11-17T08:10:24.886346Z",
  5. "modificationTime": "2020-11-17T19:21:39.912878Z",
  6. "lastSync": "2020-11-17T12:21:39.912877Z",
  7. "dataplanes": {
  8. "total": 4,
  9. "offline": 2,
  10. "partiallyDegraded": 2
  11. },
  12. "dataplanesByType": {
  13. "standard": {
  14. "total": 2,
  15. "offline": 1,
  16. "partiallyDegraded": 1
  17. },
  18. "gateway": {
  19. "total": 2,
  20. "offline": 1,
  21. "partiallyDegraded": 1
  22. }
  23. },
  24. "policies": {
  25. "Secret": {
  26. "total": 1
  27. },
  28. "TrafficPermission": {
  29. "total": 1
  30. },
  31. "TrafficRoute": {
  32. "total": 1
  33. }
  34. },
  35. "dpVersions": {
  36. "kumaDp": {
  37. "1.0.0-rc2-119-g50e35395": {
  38. "total": 1,
  39. "online": 1,
  40. "partiallyDegraded": 1
  41. },
  42. "1.0.4": {
  43. "total": 1,
  44. "online": 1,
  45. "partiallyDegraded": 1
  46. },
  47. "unknown": {
  48. "total": 1,
  49. "online": 1,
  50. "partiallyDegraded": 1
  51. }
  52. },
  53. "envoy": {
  54. "1.15.0": {
  55. "total": 2,
  56. "online": 2,
  57. "partiallyDegraded": 1
  58. },
  59. "unknown": {
  60. "total": 1,
  61. "online": 1,
  62. "partiallyDegraded": 1
  63. }
  64. }
  65. },
  66. "mTLS": {
  67. "issuedBackends": {
  68. "ca-1": {
  69. "total": 1,
  70. "online": 1,
  71. "partiallyDegraded": 1
  72. }
  73. },
  74. "supportedBackends": {
  75. "ca-1": {
  76. "total": 1,
  77. "online": 1,
  78. "partiallyDegraded": 1
  79. }
  80. }
  81. },
  82. "services": {
  83. "total": 3,
  84. "internal": 2,
  85. "external": 1
  86. }
  87. }

List Mesh Insights

Request: GET /mesh-insights

Response: 200 OK with body of Mesh Insight entities

Example:

  1. curl http://localhost:5681/mesh-insights
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "MeshInsight",
  6. "name": "default",
  7. "creationTime": "0001-01-01T00:00:00Z",
  8. "modificationTime": "0001-01-01T00:00:00Z",
  9. "lastSync": "2020-11-17T12:24:11.905350Z",
  10. "dataplanes": {
  11. "total": 4,
  12. "offline": 2,
  13. "partiallyDegraded": 2
  14. },
  15. "dataplanesByType": {
  16. "standard": {
  17. "total": 2,
  18. "offline": 1,
  19. "partiallyDegraded": 1
  20. },
  21. "gateway": {
  22. "total": 2,
  23. "offline": 1,
  24. "partiallyDegraded": 1
  25. }
  26. },
  27. "policies": {
  28. "Secret": {
  29. "total": 1
  30. },
  31. "TrafficPermission": {
  32. "total": 1
  33. },
  34. "TrafficRoute": {
  35. "total": 1
  36. }
  37. },
  38. "dpVersions": {
  39. "kumaDp": {
  40. "1.0.0-rc2-119-g50e35395": {
  41. "total": 1,
  42. "online": 1,
  43. "partiallyDegraded": 1
  44. },
  45. "1.0.4": {
  46. "total": 1,
  47. "online": 1,
  48. "partiallyDegraded": 1
  49. },
  50. "unknown": {
  51. "total": 1,
  52. "online": 1,
  53. "partiallyDegraded": 1
  54. }
  55. },
  56. "envoy": {
  57. "1.15.0": {
  58. "total": 2,
  59. "online": 2,
  60. "partiallyDegraded": 1
  61. },
  62. "unknown": {
  63. "total": 1,
  64. "online": 1,
  65. "partiallyDegraded": 1
  66. }
  67. }
  68. },
  69. "mTLS": {
  70. "issuedBackends": {
  71. "ca-1": {
  72. "total": 1,
  73. "online": 1,
  74. "partiallyDegraded": 1
  75. }
  76. },
  77. "supportedBackends": {
  78. "ca-1": {
  79. "total": 1,
  80. "online": 1,
  81. "partiallyDegraded": 1
  82. }
  83. }
  84. },
  85. "services": {
  86. "total": 3,
  87. "internal": 2,
  88. "external": 1
  89. }
  90. },
  91. {
  92. "type": "MeshInsight",
  93. "name": "mymesh1",
  94. "creationTime": "0001-01-01T00:00:00Z",
  95. "modificationTime": "0001-01-01T00:00:00Z",
  96. "lastSync": "2020-11-17T12:24:11.941534Z",
  97. "dataplanes": {
  98. "total": 4,
  99. "offline": 2,
  100. "partiallyDegraded": 2
  101. },
  102. "dataplanesByType": {
  103. "standard": {
  104. "total": 2,
  105. "offline": 1,
  106. "partiallyDegraded": 1
  107. },
  108. "gateway": {
  109. "total": 2,
  110. "offline": 1,
  111. "partiallyDegraded": 1
  112. }
  113. },
  114. "policies": {
  115. "Secret": {
  116. "total": 1
  117. },
  118. "TrafficPermission": {
  119. "total": 1
  120. },
  121. "TrafficRoute": {
  122. "total": 1
  123. }
  124. },
  125. "dpVersions": {
  126. "kumaDp": {
  127. "1.0.0-rc2-119-g50e35395": {
  128. "total": 1,
  129. "online": 1,
  130. "partiallyDegraded": 1
  131. },
  132. "1.0.4": {
  133. "total": 1,
  134. "online": 1,
  135. "partiallyDegraded": 1
  136. },
  137. "unknown": {
  138. "total": 1,
  139. "online": 1,
  140. "partiallyDegraded": 1
  141. }
  142. },
  143. "envoy": {
  144. "1.15.0": {
  145. "total": 2,
  146. "online": 2,
  147. "partiallyDegraded": 1
  148. },
  149. "unknown": {
  150. "total": 1,
  151. "online": 1,
  152. "partiallyDegraded": 1
  153. }
  154. }
  155. },
  156. "mTLS": {
  157. "issuedBackends": {
  158. "ca-1": {
  159. "total": 1,
  160. "online": 1,
  161. "partiallyDegraded": 1
  162. }
  163. },
  164. "supportedBackends": {
  165. "ca-1": {
  166. "total": 1,
  167. "online": 1,
  168. "partiallyDegraded": 1
  169. }
  170. }
  171. },
  172. "services": {
  173. "total": 3,
  174. "internal": 2,
  175. "external": 1
  176. }
  177. }
  178. ],
  179. "next": null
  180. }

Dataplanes

Get Dataplane

Request: GET /meshes/{mesh}/dataplanes/{name}

Response: 200 OK with Mesh entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/dataplanes/backend-1
  1. {
  2. "type": "Dataplane",
  3. "name": "backend-1",
  4. "mesh": "mesh-1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "networking": {
  8. "address": "127.0.0.1",
  9. "inbound": [
  10. {
  11. "port": 11011,
  12. "servicePort": 11012,
  13. "tags": {
  14. "service": "backend",
  15. "version": "2.0",
  16. "env": "production"
  17. }
  18. }
  19. ],
  20. "outbound": [
  21. {
  22. "port": 33033,
  23. "service": "database"
  24. },
  25. {
  26. "port": 44044,
  27. "service": "user"
  28. }
  29. ]
  30. }
  31. }

Create/Update Dataplane

Request: PUT /meshes/{mesh}/dataplanes/{name} with Dataplane entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/dataplanes/backend-1 --data @dataplane.json -H'content-type: application/json'
  1. {
  2. "type": "Dataplane",
  3. "name": "backend-1",
  4. "mesh": "mesh-1",
  5. "networking": {
  6. "address": "127.0.0.1",
  7. "inbound": [
  8. {
  9. "port": 11011,
  10. "servicePort": 11012,
  11. "tags": {
  12. "kuma.io/service": "backend",
  13. "version": "2.0",
  14. "env": "production"
  15. }
  16. }
  17. ],
  18. "outbound": [
  19. {
  20. "port": 33033,
  21. "tags": {
  22. "kuma.io/service": "database"
  23. }
  24. },
  25. {
  26. "port": 44044,
  27. "tags": {
  28. "kuma.io/service": "user"
  29. }
  30. }
  31. ]
  32. }
  33. }

List Dataplanes

Request: GET /meshes/{mesh}/dataplanes

Response: 200 OK with body of Dataplane entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/dataplanes
  1. {
  2. "items": [
  3. {
  4. "type": "Dataplane",
  5. "name": "backend-1",
  6. "mesh": "mesh-1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "networking": {
  10. "address": "127.0.0.1",
  11. "inbound": [
  12. {
  13. "port": 11011,
  14. "servicePort": 11012,
  15. "tags": {
  16. "kuma.io/service": "backend",
  17. "version": "2.0",
  18. "env": "production"
  19. }
  20. }
  21. ],
  22. "outbound": [
  23. {
  24. "port": 33033,
  25. "tags": {
  26. "kuma.io/service": "database"
  27. }
  28. },
  29. {
  30. "port": 44044,
  31. "tags": {
  32. "kuma.io/service": "user"
  33. }
  34. }
  35. ]
  36. }
  37. }
  38. ],
  39. "next": "http://localhost:5681/meshes/mesh-1/dataplanes?offset=1"
  40. }

Delete Dataplane

Request: DELETE /meshes/{mesh}/dataplanes/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/dataplanes/backend-1

Dataplane Overviews

Get Dataplane Overview

Request: GET /meshes/{mesh}/dataplane+insights/{name}

Response: 200 OK with Dataplane entity including insight

Example:

  1. curl http://localhost:5681/meshes/default/dataplanes+insights/example
  1. {
  2. "type": "DataplaneOverview",
  3. "mesh": "default",
  4. "name": "example",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "dataplane": {
  8. "networking": {
  9. "address": "127.0.0.1",
  10. "inbound": [
  11. {
  12. "port": 11011,
  13. "servicePort": 11012,
  14. "tags": {
  15. "env": "production",
  16. "kuma.io/service": "backend",
  17. "version": "2.0"
  18. }
  19. }
  20. ],
  21. "outbound": [
  22. {
  23. "port": 33033,
  24. "tags": {
  25. "kuma.io/service": "database"
  26. }
  27. }
  28. ]
  29. }
  30. },
  31. "dataplaneInsight": {
  32. "mTLS": {
  33. "certificateExpirationTime": "2019-10-24T14:04:57.832482Z",
  34. "lastCertificateRegeneration": "2019-10-24T12:04:57.832482Z",
  35. "certificateRegenerations": 3,
  36. "issuedBackend": "ca-1",
  37. "supportedBackends": ["ca-1"]
  38. },
  39. "subscriptions": [
  40. {
  41. "id": "426fe0d8-f667-11e9-b081-acde48001122",
  42. "controlPlaneInstanceId": "06070748-f667-11e9-b081-acde48001122",
  43. "connectTime": "2019-10-24T14:04:56.820350Z",
  44. "status": {
  45. "lastUpdateTime": "2019-10-24T14:04:57.832482Z",
  46. "total": {
  47. "responsesSent": "3",
  48. "responsesAcknowledged": "3"
  49. },
  50. "cds": {
  51. "responsesSent": "1",
  52. "responsesAcknowledged": "1"
  53. },
  54. "eds": {
  55. "responsesSent": "1",
  56. "responsesAcknowledged": "1"
  57. },
  58. "lds": {
  59. "responsesSent": "1",
  60. "responsesAcknowledged": "1"
  61. },
  62. "rds": {}
  63. }
  64. }
  65. ]
  66. }
  67. }

List Dataplane Overviews

Request: GET /meshes/{mesh}/dataplane+insights/

Response: 200 OK with Dataplane entities including insight

Example:

  1. curl http://localhost:5681/meshes/default/dataplanes+insights
  1. {
  2. "items": [
  3. {
  4. "type": "DataplaneOverview",
  5. "mesh": "default",
  6. "name": "example",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "dataplane": {
  10. "networking": {
  11. "address": "127.0.0.1",
  12. "inbound": [
  13. {
  14. "port": 11011,
  15. "servicePort": 11012,
  16. "tags": {
  17. "env": "production",
  18. "kuma.io/service": "backend",
  19. "version": "2.0"
  20. }
  21. }
  22. ],
  23. "outbound": [
  24. {
  25. "port": 33033,
  26. "tags": {
  27. "kuma.io/service": "database"
  28. }
  29. }
  30. ]
  31. }
  32. },
  33. "dataplaneInsight": {
  34. "mTLS": {
  35. "certificateExpirationTime": "2019-10-24T14:04:57.832482Z",
  36. "lastCertificateRegeneration": "2019-10-24T12:04:57.832482Z",
  37. "certificateRegenerations": 3,
  38. "issuedBackend": "ca-1",
  39. "supportedBackends": ["ca-1"]
  40. },
  41. "subscriptions": [
  42. {
  43. "id": "426fe0d8-f667-11e9-b081-acde48001122",
  44. "controlPlaneInstanceId": "06070748-f667-11e9-b081-acde48001122",
  45. "connectTime": "2019-10-24T14:04:56.820350Z",
  46. "status": {
  47. "lastUpdateTime": "2019-10-24T14:04:57.832482Z",
  48. "total": {
  49. "responsesSent": "3",
  50. "responsesAcknowledged": "3"
  51. },
  52. "cds": {
  53. "responsesSent": "1",
  54. "responsesAcknowledged": "1"
  55. },
  56. "eds": {
  57. "responsesSent": "1",
  58. "responsesAcknowledged": "1"
  59. },
  60. "lds": {
  61. "responsesSent": "1",
  62. "responsesAcknowledged": "1"
  63. },
  64. "rds": {}
  65. }
  66. }
  67. ]
  68. }
  69. }
  70. ],
  71. "total": 2,
  72. "next": "http://localhost:5681/meshes/default/dataplanes+insights?offset=1"
  73. }

Health Check

Get Health Check

Request: GET /meshes/{mesh}/health-checks/{name}

Response: 200 OK with Health Check entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/health-checks/web-to-backend
  1. {
  2. "type": "HealthCheck",
  3. "mesh": "mesh-1",
  4. "name": "web-to-backend",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "kuma.io/service": "web"
  11. }
  12. }
  13. ],
  14. "destinations": [
  15. {
  16. "match": {
  17. "kuma.io/service": "backend"
  18. }
  19. }
  20. ],
  21. "conf": {
  22. "interval": "10s",
  23. "timeout": "2s",
  24. "unhealthyThreshold": 3,
  25. "healthyThreshold": 1,
  26. "reuseConnection": false,
  27. "tcp": {
  28. "send": "Zm9v",
  29. "receive": [
  30. "YmFy",
  31. "YmF6"
  32. ]
  33. },
  34. "http": {
  35. "path": "/health",
  36. "requestHeadersToAdd": [
  37. {
  38. "append": false,
  39. "header": {
  40. "key": "Content-Type",
  41. "value": "application/json"
  42. }
  43. },
  44. {
  45. "header": {
  46. "key": "Accept",
  47. "value": "application/json"
  48. }
  49. }
  50. ],
  51. "expectedStatuses": [
  52. 200,
  53. 201
  54. ],
  55. "useHttp1": true
  56. }
  57. }
  58. }

Create/Update Health Check

Request: PUT /meshes/{mesh}/health-checks/{name} with Health Check entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/health-checks/web-to-backend --data @healthcheck.json -H'content-type: application/json'
  1. {
  2. "type": "HealthCheck",
  3. "mesh": "mesh-1",
  4. "name": "web-to-backend",
  5. "sources": [
  6. {
  7. "match": {
  8. "kuma.io/service": "web"
  9. }
  10. }
  11. ],
  12. "destinations": [
  13. {
  14. "match": {
  15. "kuma.io/service": "backend"
  16. }
  17. }
  18. ],
  19. "conf": {
  20. "interval": "10s",
  21. "timeout": "2s",
  22. "unhealthyThreshold": 3,
  23. "healthyThreshold": 1,
  24. "reuseConnection": false,
  25. "tcp": {
  26. "send": "Zm9v",
  27. "receive": [
  28. "YmFy",
  29. "YmF6"
  30. ]
  31. },
  32. "http": {
  33. "path": "/health",
  34. "requestHeadersToAdd": [
  35. {
  36. "append": false,
  37. "header": {
  38. "key": "Content-Type",
  39. "value": "application/json"
  40. }
  41. },
  42. {
  43. "header": {
  44. "key": "Accept",
  45. "value": "application/json"
  46. }
  47. }
  48. ],
  49. "expectedStatuses": [
  50. 200,
  51. 201
  52. ],
  53. "useHttp1": true
  54. }
  55. }
  56. }

List Health Checks

Request: GET /meshes/{mesh}/health-checks

Response: 200 OK with body of Health Check entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/health-checks
  1. {
  2. "items": [
  3. {
  4. "type": "HealthCheck",
  5. "mesh": "mesh-1",
  6. "name": "web-to-backend",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "sources": [
  10. {
  11. "match": {
  12. "kuma.io/service": "web"
  13. }
  14. }
  15. ],
  16. "destinations": [
  17. {
  18. "match": {
  19. "kuma.io/service": "backend"
  20. }
  21. }
  22. ],
  23. "conf": {
  24. "interval": "10s",
  25. "timeout": "2s",
  26. "unhealthyThreshold": 3,
  27. "healthyThreshold": 1,
  28. "reuseConnection": false,
  29. "tcp": {
  30. "send": "Zm9v",
  31. "receive": [
  32. "YmFy",
  33. "YmF6"
  34. ]
  35. },
  36. "http": {
  37. "path": "/health",
  38. "requestHeadersToAdd": [
  39. {
  40. "append": false,
  41. "header": {
  42. "key": "Content-Type",
  43. "value": "application/json"
  44. }
  45. },
  46. {
  47. "header": {
  48. "key": "Accept",
  49. "value": "application/json"
  50. }
  51. }
  52. ],
  53. "expectedStatuses": [
  54. 200,
  55. 201
  56. ],
  57. "useHttp1": true
  58. }
  59. }
  60. }
  61. ],
  62. "next": "http://localhost:5681/meshes/mesh-1/health-checks?offset=1"
  63. }

Delete Health Check

Request: DELETE /meshes/{mesh}/health-checks/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/health-checks/web-to-backend

Proxy Template

Get Proxy Template

Request: GET /meshes/{mesh}/proxytemplates/{name}

Response: 200 OK with Proxy Template entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/proxytemplates/pt-1
  1. {
  2. "type": "ProxyTemplate",
  3. "mesh": "mesh-1",
  4. "name": "pt-1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "selectors": [
  8. {
  9. "match": {
  10. "kuma.io/service": "backend"
  11. }
  12. }
  13. ],
  14. "conf": {
  15. "imports": [
  16. "default-proxy"
  17. ],
  18. "resources": [
  19. {
  20. "name": "raw-name",
  21. "version": "raw-version",
  22. "resource": "'@type': type.googleapis.com/envoy.api.v2.Cluster\nconnectTimeout: 5s\nloadAssignment:\n clusterName: localhost:8443\n endpoints:\n - lbEndpoints:\n - endpoint:\n address:\n socketAddress:\n address: 127.0.0.1\n portValue: 8443\nname: localhost:8443\ntype: STATIC\n"
  23. }
  24. ]
  25. }
  26. }

Create/Update Proxy Template

Request: PUT /meshes/{mesh}/proxytemplates/{name} with Proxy Template entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/proxytemplates/pt-1 --data @proxytemplate.json -H'content-type: application/json'
  1. {
  2. "type": "ProxyTemplate",
  3. "name": "pt-1",
  4. "mesh": "mesh-1",
  5. "selectors": [
  6. {
  7. "match": {
  8. "kuma.io/service": "backend"
  9. }
  10. }
  11. ],
  12. "conf": {
  13. "imports": [
  14. "default-proxy"
  15. ],
  16. "resources": [
  17. {
  18. "name": "raw-name",
  19. "version": "raw-version",
  20. "resource": "'@type': type.googleapis.com/envoy.api.v2.Cluster\nconnectTimeout: 5s\nloadAssignment:\n clusterName: localhost:8443\n endpoints:\n - lbEndpoints:\n - endpoint:\n address:\n socketAddress:\n address: 127.0.0.1\n portValue: 8443\nname: localhost:8443\ntype: STATIC\n"
  21. }
  22. ]
  23. }
  24. }

List Proxy Templates

Request: GET /meshes/{mesh}/proxytemplates

Response: 200 OK with body of Proxy Template entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/proxytemplates
  1. {
  2. "items": [
  3. {
  4. "type": "ProxyTemplate",
  5. "mesh": "mesh-1",
  6. "name": "pt-1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "selectors": [
  10. {
  11. "match": {
  12. "kuma.io/service": "backend"
  13. }
  14. }
  15. ],
  16. "conf": {
  17. "imports": [
  18. "default-proxy"
  19. ],
  20. "resources": [
  21. {
  22. "name": "raw-name",
  23. "version": "raw-version",
  24. "resource": "'@type': type.googleapis.com/envoy.api.v2.Cluster\nconnectTimeout: 5s\nloadAssignment:\n clusterName: localhost:8443\n endpoints:\n - lbEndpoints:\n - endpoint:\n address:\n socketAddress:\n address: 127.0.0.1\n portValue: 8443\nname: localhost:8443\ntype: STATIC\n"
  25. }
  26. ]
  27. }
  28. }
  29. ],
  30. "next": "http://localhost:5681/meshes/mesh-1/proxytemplates?offset=1"
  31. }

Delete Proxy Template

Request: DELETE /meshes/{mesh}/proxytemplates/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/proxytemplates/pt-1

Traffic Permission

Get Traffic Permission

Request: GET /meshes/{mesh}/traffic-permissions/{name}

Response: 200 OK with Traffic Permission entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-permissions/tp-1
  1. {
  2. "type": "TrafficPermission",
  3. "mesh": "mesh-1",
  4. "name": "tp-1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "kuma.io/service": "backend"
  11. }
  12. }
  13. ],
  14. "destinations": [
  15. {
  16. "match": {
  17. "kuma.io/service": "redis"
  18. }
  19. }
  20. ]
  21. }

Create/Update Traffic Permission

Request: PUT /meshes/{mesh}/trafficpermissions/{name} with Traffic Permission entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/traffic-permissions/tp-1 --data @trafficpermission.json -H'content-type: application/json'
  1. {
  2. "type": "TrafficPermission",
  3. "name": "tp-1",
  4. "mesh": "mesh-1",
  5. "sources": [
  6. {
  7. "match": {
  8. "kuma.io/service": "backend"
  9. }
  10. }
  11. ],
  12. "destinations": [
  13. {
  14. "match": {
  15. "kuma.io/service": "redis"
  16. }
  17. }
  18. ]
  19. }

List Traffic Permissions

Request: GET /meshes/{mesh}/traffic-permissions

Response: 200 OK with body of Traffic Permission entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-permissions
  1. {
  2. "items": [
  3. {
  4. "type": "TrafficPermission",
  5. "mesh": "mesh-1",
  6. "name": "tp-1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "sources": [
  10. {
  11. "match": {
  12. "kuma.io/service": "backend"
  13. }
  14. }
  15. ],
  16. "destinations": [
  17. {
  18. "match": {
  19. "kuma.io/service": "redis"
  20. }
  21. }
  22. ]
  23. }
  24. ],
  25. "next": "http://localhost:5681/meshes/mesh-1/traffic-permissions?offset=1"
  26. }

Delete Traffic Permission

Request: DELETE /meshes/{mesh}/traffic-permissions/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/traffic-permissions/pt-1

Traffic Log

Get Traffic Log

Request: GET /meshes/{mesh}/traffic-logs/{name}

Response: 200 OK with Traffic Log entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-logs/tl-1
  1. {
  2. "type": "TrafficLog",
  3. "mesh": "mesh-1",
  4. "name": "tl-1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "kuma.io/service": "web",
  11. "version": "1.0"
  12. }
  13. }
  14. ],
  15. "destinations": [
  16. {
  17. "match": {
  18. "kuma.io/service": "backend"
  19. }
  20. }
  21. ],
  22. "conf": {
  23. "backend": "file"
  24. }
  25. }

Create/Update Traffic Log

Request: PUT /meshes/{mesh}/traffic-logs/{name} with Traffic Log entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/traffic-logs/tl-1 --data @trafficlog.json -H'content-type: application/json'
  1. {
  2. "type": "TrafficLog",
  3. "mesh": "mesh-1",
  4. "name": "tl-1",
  5. "sources": [
  6. {
  7. "match": {
  8. "kuma.io/service": "web",
  9. "version": "1.0"
  10. }
  11. }
  12. ],
  13. "destinations": [
  14. {
  15. "match": {
  16. "kuma.io/service": "backend"
  17. }
  18. }
  19. ],
  20. "conf": {
  21. "backend": "file"
  22. }
  23. }

List Traffic Logs

Request: GET /meshes/{mesh}/traffic-logs

Response: 200 OK with body of Traffic Log entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-logs
  1. {
  2. "items": [
  3. {
  4. "type": "TrafficLog",
  5. "mesh": "mesh-1",
  6. "name": "tl-1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "sources": [
  10. {
  11. "match": {
  12. "kuma.io/service": "web",
  13. "version": "1.0"
  14. }
  15. }
  16. ],
  17. "destinations": [
  18. {
  19. "match": {
  20. "kuma.io/service": "backend"
  21. }
  22. }
  23. ],
  24. "conf": {
  25. "backend": "file"
  26. }
  27. }
  28. ],
  29. "next": "http://localhost:5681/meshes/mesh-1/traffic-logs?offset=1"
  30. }

Delete Traffic Log

Request: DELETE /meshes/{mesh}/traffic-logs/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/traffic-logs/tl-1

Traffic Route

Get Traffic Route

Request: GET /meshes/{mesh}/traffic-routes/{name}

Response: 200 OK with Traffic Route entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-routes/web-to-backend
  1. {
  2. "type": "TrafficRoute",
  3. "mesh": "mesh-1",
  4. "name": "web-to-backend",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "region": "us-east-1",
  11. "kuma.io/service": "web",
  12. "version": "v10"
  13. }
  14. }
  15. ],
  16. "destinations": [
  17. {
  18. "match": {
  19. "kuma.io/service": "backend"
  20. }
  21. }
  22. ],
  23. "conf": {
  24. "split": [
  25. {
  26. "weight": 90,
  27. "destination": {
  28. "region": "us-east-1",
  29. "kuma.io/service": "backend",
  30. "version": "v2"
  31. }
  32. },
  33. {
  34. "weight": 10,
  35. "destination": {
  36. "kuma.io/service": "backend",
  37. "version": "v3"
  38. }
  39. }
  40. ]
  41. }
  42. }

Create/Update Traffic Route

Request: PUT /meshes/{mesh}/traffic-routes/{name} with Traffic Route entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/traffic-routes/web-to-backend --data @trafficroute.json -H'content-type: application/json'
  1. {
  2. "type": "TrafficRoute",
  3. "name": "web-to-backend",
  4. "mesh": "mesh-1",
  5. "sources": [
  6. {
  7. "match": {
  8. "region": "us-east-1",
  9. "kuma.io/service": "web",
  10. "version": "v10"
  11. }
  12. }
  13. ],
  14. "destinations": [
  15. {
  16. "match": {
  17. "kuma.io/service": "backend"
  18. }
  19. }
  20. ],
  21. "conf": {
  22. "split": [
  23. {
  24. "weight": 90,
  25. "destination": {
  26. "region": "us-east-1",
  27. "kuma.io/service": "backend",
  28. "version": "v2"
  29. }
  30. },
  31. {
  32. "weight": 10,
  33. "destination": {
  34. "kuma.io/service": "backend",
  35. "version": "v3"
  36. }
  37. }
  38. ]
  39. }
  40. }

List Traffic Routes

Request: GET /meshes/{mesh}/traffic-routes

Response: 200 OK with body of Traffic Route entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-routes
  1. {
  2. "items": [
  3. {
  4. "type": "TrafficRoute",
  5. "mesh": "mesh-1",
  6. "name": "web-to-backend",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "sources": [
  10. {
  11. "match": {
  12. "region": "us-east-1",
  13. "kuma.io/service": "web",
  14. "version": "v10"
  15. }
  16. }
  17. ],
  18. "destinations": [
  19. {
  20. "match": {
  21. "kuma.io/service": "backend"
  22. }
  23. }
  24. ],
  25. "conf": {
  26. "split": [
  27. {
  28. "weight": 90,
  29. "destination": {
  30. "region": "us-east-1",
  31. "kuma.io/service": "backend",
  32. "version": "v2"
  33. }
  34. },
  35. {
  36. "weight": 10,
  37. "destination": {
  38. "kuma.io/service": "backend",
  39. "version": "v3"
  40. }
  41. }
  42. ]
  43. }
  44. }
  45. ],
  46. "next": "http://localhost:5681/meshes/mesh-1/traffic-routes?offset=1"
  47. }

Delete Traffic Route

Request: DELETE /meshes/{mesh}/traffic-routes/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/traffic-routes/web-to-backend

Traffic Trace

Get Traffic Trace

Request: GET /meshes/{mesh}/traffic-traces/{name}

Response: 200 OK with Traffic Trace entity

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-traces/tt-1
  1. {
  2. "type": "TrafficTrace",
  3. "mesh": "mesh-1",
  4. "name": "tt-1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "conf": {
  8. "backend": "my-zipkin"
  9. },
  10. "selectors": [
  11. {
  12. "match": {
  13. "kuma.io/service": "*"
  14. }
  15. }
  16. ]
  17. }

Create/Update Traffic Trace

Request: PUT /meshes/{mesh}/traffic-traces/{name} with Traffic Trace entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/mesh-1/traffic-traces/tt-1 --data @traffictrace.json -H'content-type: application/json'
  1. {
  2. "type": "TrafficTrace",
  3. "mesh": "mesh-1",
  4. "name": "tt-1",
  5. "conf": {
  6. "backend": "my-zipkin"
  7. },
  8. "selectors": [
  9. {
  10. "match": {
  11. "kuma.io/service": "*"
  12. }
  13. }
  14. ]
  15. }

List Traffic Traces

Request: GET /meshes/{mesh}/traffic-traces

Response: 200 OK with body of Traffic Trace entities

Example:

  1. curl http://localhost:5681/meshes/mesh-1/traffic-traces
  1. {
  2. "items": [
  3. {
  4. "type": "TrafficTrace",
  5. "mesh": "mesh-1",
  6. "name": "tt-1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "selectors": [
  10. {
  11. "match": {
  12. "kuma.io/service": "*"
  13. }
  14. }
  15. ],
  16. "conf": {
  17. "backend": "my-zipkin"
  18. }
  19. }
  20. ],
  21. "next": "http://localhost:5681/meshes/mesh-1/traffic-traces?offset=1"
  22. }

Delete Traffic Trace

Request: DELETE /meshes/{mesh}/traffic-traces/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/mesh-1/traffic-traces/tt-1

Fault Injection

Get Fault Injection

Request: GET /meshes/{mesh}/fault-injections/{name}

Response: 200 OK with Fault Injection entity

Example:

  1. curl http://localhost:5681/meshes/default/fault-injections/fi1
  1. {
  2. "type": "FaultInjection",
  3. "mesh": "default",
  4. "name": "fi1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "protocol": "http",
  11. "kuma.io/service": "frontend",
  12. "version": "0.1"
  13. }
  14. }
  15. ],
  16. "destinations": [
  17. {
  18. "match": {
  19. "protocol": "http",
  20. "kuma.io/service": "backend"
  21. }
  22. }
  23. ],
  24. "conf": {
  25. "delay": {
  26. "percentage": 50.5,
  27. "value": "5s"
  28. },
  29. "abort": {
  30. "percentage": 50,
  31. "httpStatus": 500
  32. },
  33. "responseBandwidth": {
  34. "percentage": 50,
  35. "limit": "50 mbps"
  36. }
  37. }
  38. }

Create/Update Fault Injection

Request: PUT /meshes/{mesh}/fault-injections/{name} with Fault Injection entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/default/fault-injections/fi1 --data @faultinjection.json -H'content-type: application/json'
  1. {
  2. "type": "FaultInjection",
  3. "mesh": "default",
  4. "name": "fi1",
  5. "sources": [
  6. {
  7. "match": {
  8. "kuma.io/service": "frontend",
  9. "version": "0.1",
  10. "protocol": "http"
  11. }
  12. }
  13. ],
  14. "destinations": [
  15. {
  16. "match": {
  17. "kuma.io/service": "backend",
  18. "protocol": "http"
  19. }
  20. }
  21. ],
  22. "conf": {
  23. "delay": {
  24. "percentage": 50.5,
  25. "value": "5s"
  26. },
  27. "abort": {
  28. "httpStatus": 500,
  29. "percentage": 50
  30. },
  31. "responseBandwidth": {
  32. "limit": "50 mbps",
  33. "percentage": 50
  34. }
  35. }
  36. }

List Fault Injections

Request: GET /meshes/{mesh}/fault-injections

Response: 200 OK with body of Fault Injection entities

Example:

  1. curl http://localhost:5681/meshes/default/fault-injections
  1. {
  2. "items": [
  3. {
  4. "type": "FaultInjection",
  5. "mesh": "default",
  6. "name": "fi1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "sources": [
  10. {
  11. "match": {
  12. "protocol": "http",
  13. "kuma.io/service": "frontend",
  14. "version": "0.1"
  15. }
  16. }
  17. ],
  18. "destinations": [
  19. {
  20. "match": {
  21. "protocol": "http",
  22. "kuma.io/service": "backend"
  23. }
  24. }
  25. ],
  26. "conf": {
  27. "delay": {
  28. "percentage": 50.5,
  29. "value": "5s"
  30. },
  31. "abort": {
  32. "percentage": 50,
  33. "httpStatus": 500
  34. },
  35. "responseBandwidth": {
  36. "percentage": 50,
  37. "limit": "50 mbps"
  38. }
  39. }
  40. }
  41. ],
  42. "next": "http://localhost:5681/meshes/default/fault-injections?offset=1"
  43. }

Delete Fault Injection

Request: DELETE /meshes/{mesh}/fault-injections/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/default/fault-injections/fi1

The kumactl CLI under the hood makes HTTP requests to this API.

Retry

Get Retry

Request: GET /meshes/{mesh}/retries/{name}

Response: 200 OK with Retry entity

Example:

  1. curl http://localhost:5681/meshes/default/retries/r1
  1. {
  2. "type": "Retry",
  3. "mesh": "default",
  4. "name": "r1",
  5. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  6. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "protocol": "http",
  11. "kuma.io/service": "frontend",
  12. "version": "0.1"
  13. }
  14. }
  15. ],
  16. "destinations": [
  17. {
  18. "match": {
  19. "protocol": "http",
  20. "kuma.io/service": "backend"
  21. }
  22. }
  23. ],
  24. "conf": {
  25. "http": {
  26. "numRetries": 5,
  27. "perTryTimeout": "0.2s",
  28. "backOff": {
  29. "baseInterval": "0.02s",
  30. "maxInterval": "1s"
  31. },
  32. "retriableStatusCodes": [500, 504]
  33. },
  34. "grpc": {
  35. "numRetries": 5,
  36. "perTryTimeout": "0.3s",
  37. "backOff": {
  38. "baseInterval": "0.03s",
  39. "maxInterval": "1.2s"
  40. },
  41. "retryOn": [
  42. "cancelled",
  43. "deadline_exceeded",
  44. "internal",
  45. "resource_exhausted",
  46. "unavailable"
  47. ]
  48. },
  49. "tcp": {
  50. "maxConnectAttempts": 4
  51. }
  52. }
  53. }

Create/Update Retry

Request: PUT /meshes/{mesh}/retries/{name} with Retry entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/default/retries/fi1 --data @retry.json -H'content-type: application/json'
  1. {
  2. "type": "Retry",
  3. "mesh": "default",
  4. "name": "r1",
  5. "sources": [
  6. {
  7. "match": {
  8. "kuma.io/service": "frontend",
  9. "version": "0.1",
  10. "protocol": "http"
  11. }
  12. }
  13. ],
  14. "destinations": [
  15. {
  16. "match": {
  17. "kuma.io/service": "backend",
  18. "protocol": "http"
  19. }
  20. }
  21. ],
  22. "conf": {
  23. "http": {
  24. "numRetries": 5,
  25. "perTryTimeout": "0.2s",
  26. "backOff": {
  27. "baseInterval": "0.02s",
  28. "maxInterval": "1s"
  29. },
  30. "retriableStatusCodes": [500, 504]
  31. },
  32. "grpc": {
  33. "numRetries": 5,
  34. "perTryTimeout": "0.3s",
  35. "backOff": {
  36. "baseInterval": "0.03s",
  37. "maxInterval": "1.2s"
  38. },
  39. "retryOn": [
  40. "cancelled",
  41. "deadline_exceeded",
  42. "internal",
  43. "resource_exhausted",
  44. "unavailable"
  45. ]
  46. },
  47. "tcp": {
  48. "maxConnectAttempts": 4
  49. }
  50. }
  51. }

List Retries

Request: GET /meshes/{mesh}/retries

Response: 200 OK with body of Retry entities

Example:

  1. curl http://localhost:5681/meshes/default/retries
  1. {
  2. "items": [
  3. {
  4. "type": "Retry",
  5. "mesh": "default",
  6. "name": "r1",
  7. "creationTime": "2020-05-12T12:31:45.606217+02:00",
  8. "modificationTime": "2020-05-12T12:31:45.606217+02:00",
  9. "sources": [
  10. {
  11. "match": {
  12. "protocol": "http",
  13. "kuma.io/service": "frontend",
  14. "version": "0.1"
  15. }
  16. }
  17. ],
  18. "destinations": [
  19. {
  20. "match": {
  21. "protocol": "http",
  22. "kuma.io/service": "backend"
  23. }
  24. }
  25. ],
  26. "conf": {
  27. "http": {
  28. "numRetries": 5,
  29. "perTryTimeout": "0.2s",
  30. "backOff": {
  31. "baseInterval": "0.02s",
  32. "maxInterval": "1s"
  33. },
  34. "retriableStatusCodes": [500, 504]
  35. },
  36. "grpc": {
  37. "numRetries": 5,
  38. "perTryTimeout": "0.3s",
  39. "backOff": {
  40. "baseInterval": "0.03s",
  41. "maxInterval": "1.2s"
  42. },
  43. "retryOn": [
  44. "cancelled",
  45. "deadline_exceeded",
  46. "internal",
  47. "resource_exhausted",
  48. "unavailable"
  49. ]
  50. },
  51. "tcp": {
  52. "maxConnectAttempts": 4
  53. }
  54. }
  55. }
  56. ],
  57. "next": "http://localhost:5681/meshes/default/retries?offset=1"
  58. }

Delete Retry

Request: DELETE /meshes/{mesh}/retries/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/default/retries/r1

The kumactl CLI under the hood makes HTTP requests to this API.

Timeout

Get Timeout

Request: GET /meshes/{mesh}/timeouts/{name}

Response: 200 OK with Timeout entity

Example:

  1. curl http://localhost:5681/meshes/default/timeouts/default-timeouts-web
  1. {
  2. "type": "Timeout",
  3. "mesh": "default",
  4. "name": "default-timeouts-web",
  5. "creationTime": "2021-02-16T18:41:26.016089+07:00",
  6. "modificationTime": "2021-02-16T18:41:26.016089+07:00",
  7. "sources": [
  8. {
  9. "match": {
  10. "kuma.io/service": "*"
  11. }
  12. }
  13. ],
  14. "destinations": [
  15. {
  16. "match": {
  17. "kuma.io/service": "web"
  18. }
  19. }
  20. ],
  21. "conf": {
  22. "connectTimeout": "10s",
  23. "grpc": {
  24. "streamIdleTimeout": "4s",
  25. "maxStreamDuration": "15s"
  26. }
  27. }
  28. }

Create/Update Timeout

Request: PUT /meshes/{mesh}/timeouts/{name} with Timeout entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/default/timeouts/fi1 --data @timeout.json -H'content-type: application/json'
  1. {
  2. "type": "Timeout",
  3. "mesh": "default",
  4. "name": "default-timeouts-web",
  5. "sources": [
  6. {
  7. "match": {
  8. "kuma.io/service": "*"
  9. }
  10. }
  11. ],
  12. "destinations": [
  13. {
  14. "match": {
  15. "kuma.io/service": "web"
  16. }
  17. }
  18. ],
  19. "conf": {
  20. "connectTimeout": "10s",
  21. "grpc": {
  22. "streamIdleTimeout": "4s",
  23. "maxStreamDuration": "15s"
  24. }
  25. }
  26. }

List Timeouts

Request: GET /meshes/{mesh}/retries

Response: 200 OK with body of Timeout entities

Example:

  1. curl http://localhost:5681/meshes/default/timeouts
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "Timeout",
  6. "mesh": "default",
  7. "name": "default-timeouts-web",
  8. "creationTime": "2021-02-16T18:41:26.016089+07:00",
  9. "modificationTime": "2021-02-16T18:41:26.016089+07:00",
  10. "sources": [
  11. {
  12. "match": {
  13. "kuma.io/service": "*"
  14. }
  15. }
  16. ],
  17. "destinations": [
  18. {
  19. "match": {
  20. "kuma.io/service": "web"
  21. }
  22. }
  23. ],
  24. "conf": {
  25. "connectTimeout": "10s",
  26. "grpc": {
  27. "streamIdleTimeout": "4s",
  28. "maxStreamDuration": "15s"
  29. }
  30. }
  31. },
  32. {
  33. "type": "Timeout",
  34. "mesh": "default",
  35. "name": "timeout-all-default",
  36. "creationTime": "2021-02-16T14:01:53.532599+07:00",
  37. "modificationTime": "2021-02-16T14:01:53.532599+07:00",
  38. "sources": [
  39. {
  40. "match": {
  41. "kuma.io/service": "*"
  42. }
  43. }
  44. ],
  45. "destinations": [
  46. {
  47. "match": {
  48. "kuma.io/service": "*"
  49. }
  50. }
  51. ],
  52. "conf": {
  53. "connectTimeout": "5s",
  54. "tcp": {
  55. "idleTimeout": "3600s"
  56. },
  57. "http": {
  58. "requestTimeout": "15s",
  59. "idleTimeout": "3600s"
  60. },
  61. "grpc": {
  62. "streamIdleTimeout": "300s"
  63. }
  64. }
  65. }
  66. ],
  67. "next": null
  68. }

Delete Timeout

Request: DELETE /meshes/{mesh}/timeouts/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/default/timeouts/t1

The kumactl CLI under the hood makes HTTP requests to this API.

Zones

Get Zone

Request: GET /zones/{name}

Response: 200 OK with Zone entity

Example:

  1. curl http://localhost:5681/zones/cluster-1
  1. {
  2. "type": "Zone",
  3. "name": "cluster-1",
  4. "creationTime": "2020-07-28T13:14:48Z",
  5. "modificationTime": "2020-07-28T13:14:48Z",
  6. "enabled": true
  7. }

Create/Update Zone

Request: PUT /zones/{name} with Zone entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/zones/cluster-1 --data @zone.json -H'content-type: application/json'
  1. {
  2. "type": "Zone",
  3. "name": "cluster-1",
  4. "enabled": true
  5. }

List Zones

Request: GET /zones

Response: 200 OK with body of Zone entities

Example:

  1. curl http://localhost:5681/zones
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "Zone",
  6. "name": "cluster-1",
  7. "creationTime": "2020-07-28T13:14:48Z",
  8. "modificationTime": "2020-07-28T13:14:48Z",
  9. "enabled": true
  10. },
  11. {
  12. "type": "Zone",
  13. "name": "cluster-2",
  14. "creationTime": "2020-07-28T13:14:50Z",
  15. "modificationTime": "2020-07-28T13:14:50Z",
  16. "enabled": false
  17. }
  18. ],
  19. "next": null
  20. }

Delete Zone

Request: DELETE /zones/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/zones/cluster-1

Zone Overview

Get Zone Overview

Request: GET /zones+insights/{name}

Response: 200 OK with Zone entity including insight

Example:

  1. curl http://localhost:5681/zones+insights/cluster-1
  1. {
  2. "type": "ZoneOverview",
  3. "mesh": "default",
  4. "name": "cluster-1",
  5. "creationTime": "2020-07-28T23:08:22.317322+07:00",
  6. "modificationTime": "2020-07-28T23:08:22.317322+07:00",
  7. "zone": {
  8. "enabled": true
  9. },
  10. "zoneInsight": {
  11. "subscriptions": [
  12. {
  13. "config": "\"whole /config from zone\"",
  14. "id": "466aa63b-70e8-4435-8bee-a7146e2cdf11",
  15. "globalInstanceId": "66309679-ee95-4ea8-b17f-c715ca03bb38",
  16. "connectTime": "2020-07-28T16:08:09.743141Z",
  17. "disconnectTime": "2020-07-28T16:08:09.743194Z",
  18. "status": {
  19. "total": {}
  20. },
  21. "version": {
  22. "kumaCp": {
  23. "version": "1.2.0-rc2-211-g823fe8ce",
  24. "gitTag": "1.0.0-rc2-211-g823fe8ce",
  25. "gitCommit": "823fe8cef6430a8f75e72a7224eb5a8ab571ec42",
  26. "buildDate": "2021-02-18T13:22:30Z"
  27. }
  28. }
  29. },
  30. {
  31. "config": "\"whole /config from zone\"",
  32. "id": "f586f89c-2c4e-4f93-9a56-f0ea2ff010b7",
  33. "globalInstanceId": "66309679-ee95-4ea8-b17f-c715ca03bb38",
  34. "connectTime": "2020-07-28T16:08:24.760801Z",
  35. "status": {
  36. "lastUpdateTime": "2020-07-28T16:08:25.770774Z",
  37. "total": {
  38. "responsesSent": "11",
  39. "responsesAcknowledged": "11"
  40. },
  41. "stat": {
  42. "CircuitBreaker": {
  43. "responsesSent": "1",
  44. "responsesAcknowledged": "1"
  45. },
  46. "Dataplane": {
  47. "responsesSent": "1",
  48. "responsesAcknowledged": "1"
  49. },
  50. "FaultInjection": {
  51. "responsesSent": "1",
  52. "responsesAcknowledged": "1"
  53. },
  54. "HealthCheck": {
  55. "responsesSent": "1",
  56. "responsesAcknowledged": "1"
  57. },
  58. "Mesh": {
  59. "responsesSent": "1",
  60. "responsesAcknowledged": "1"
  61. },
  62. "ProxyTemplate": {
  63. "responsesSent": "1",
  64. "responsesAcknowledged": "1"
  65. },
  66. "Secret": {
  67. "responsesSent": "1",
  68. "responsesAcknowledged": "1"
  69. },
  70. "TrafficLog": {
  71. "responsesSent": "1",
  72. "responsesAcknowledged": "1"
  73. },
  74. "TrafficPermission": {
  75. "responsesSent": "1",
  76. "responsesAcknowledged": "1"
  77. },
  78. "TrafficRoute": {
  79. "responsesSent": "1",
  80. "responsesAcknowledged": "1"
  81. },
  82. "TrafficTrace": {
  83. "responsesSent": "1",
  84. "responsesAcknowledged": "1"
  85. }
  86. }
  87. }
  88. }
  89. ]
  90. }
  91. }

List Zone Overview

Request: GET /zones+insights

Response: 200 OK with Zone entities including insight

Example:

  1. curl http://localhost:5681/zones+insights
  1. {
  2. "total": 1,
  3. "items": [
  4. {
  5. "type": "ZoneOverview",
  6. "mesh": "default",
  7. "name": "cluster-1",
  8. "creationTime": "2020-07-28T23:08:22.317322+07:00",
  9. "modificationTime": "2020-07-28T23:08:22.317322+07:00",
  10. "zone": {
  11. "enabled": true
  12. },
  13. "zoneInsight": {
  14. "subscriptions": [
  15. {
  16. "config": "\"whole /config from zone\"",
  17. "id": "466aa63b-70e8-4435-8bee-a7146e2cdf11",
  18. "globalInstanceId": "66309679-ee95-4ea8-b17f-c715ca03bb38",
  19. "connectTime": "2020-07-28T16:08:09.743141Z",
  20. "disconnectTime": "2020-07-28T16:08:09.743194Z",
  21. "status": {
  22. "total": {}
  23. },
  24. "version": {
  25. "kumaCp": {
  26. "version": "1.2.0-rc2-211-g823fe8ce",
  27. "gitTag": "1.0.0-rc2-211-g823fe8ce",
  28. "gitCommit": "823fe8cef6430a8f75e72a7224eb5a8ab571ec42",
  29. "buildDate": "2021-02-18T13:22:30Z"
  30. }
  31. }
  32. },
  33. {
  34. "config": "\"whole /config from zone\"",
  35. "id": "f586f89c-2c4e-4f93-9a56-f0ea2ff010b7",
  36. "globalInstanceId": "66309679-ee95-4ea8-b17f-c715ca03bb38",
  37. "connectTime": "2020-07-28T16:08:24.760801Z",
  38. "status": {
  39. "lastUpdateTime": "2020-07-28T16:08:25.770774Z",
  40. "total": {
  41. "responsesSent": "11",
  42. "responsesAcknowledged": "11"
  43. },
  44. "stat": {
  45. "CircuitBreaker": {
  46. "responsesSent": "1",
  47. "responsesAcknowledged": "1"
  48. },
  49. "Dataplane": {
  50. "responsesSent": "1",
  51. "responsesAcknowledged": "1"
  52. },
  53. "FaultInjection": {
  54. "responsesSent": "1",
  55. "responsesAcknowledged": "1"
  56. },
  57. "HealthCheck": {
  58. "responsesSent": "1",
  59. "responsesAcknowledged": "1"
  60. },
  61. "Mesh": {
  62. "responsesSent": "1",
  63. "responsesAcknowledged": "1"
  64. },
  65. "ProxyTemplate": {
  66. "responsesSent": "1",
  67. "responsesAcknowledged": "1"
  68. },
  69. "Secret": {
  70. "responsesSent": "1",
  71. "responsesAcknowledged": "1"
  72. },
  73. "TrafficLog": {
  74. "responsesSent": "1",
  75. "responsesAcknowledged": "1"
  76. },
  77. "TrafficPermission": {
  78. "responsesSent": "1",
  79. "responsesAcknowledged": "1"
  80. },
  81. "TrafficRoute": {
  82. "responsesSent": "1",
  83. "responsesAcknowledged": "1"
  84. },
  85. "TrafficTrace": {
  86. "responsesSent": "1",
  87. "responsesAcknowledged": "1"
  88. }
  89. }
  90. },
  91. "version": {
  92. "kumaCp": {
  93. "version": "1.2.0-rc2-211-g823fe8ce",
  94. "gitTag": "1.0.0-rc2-211-g823fe8ce",
  95. "gitCommit": "823fe8cef6430a8f75e72a7224eb5a8ab571ec42",
  96. "buildDate": "2021-02-18T13:22:30Z"
  97. }
  98. }
  99. }
  100. ]
  101. }
  102. }
  103. ],
  104. "next": null
  105. }

Zone Ingresses

List Zone Ingresses

Request: GET /zone-ingresses

Response: 200 OK with ZoneIngresses entities

Example:

  1. curl http://localhost:5681/zone-ingresses
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "ZoneIngress",
  6. "name": "zi-1",
  7. "creationTime": "2022-04-01T18:33:41Z",
  8. "modificationTime": "2022-04-01T18:33:41Z",
  9. "zone": "kuma-4",
  10. "networking": {
  11. "address": "192.168.64.9",
  12. "advertisedAddress": "192.168.64.9",
  13. "port": 30685,
  14. "advertisedPort": 30685
  15. },
  16. "availableServices": [
  17. {
  18. "tags": {
  19. "kuma.io/service": "zone4-demo-client",
  20. "kuma.io/zone": "kuma-4",
  21. "team": "client-owners"
  22. },
  23. "instances": 1,
  24. "mesh": "default"
  25. },
  26. {
  27. "tags": {
  28. "kuma.io/protocol": "http",
  29. "kuma.io/service": "external-service-in-zone4",
  30. "kuma.io/zone": "kuma-4",
  31. "mesh": "default"
  32. },
  33. "instances": 1,
  34. "mesh": "default",
  35. "externalService": true
  36. }
  37. ]
  38. },
  39. {
  40. "type": "ZoneIngress",
  41. "name": "zi-2",
  42. "creationTime": "2022-04-01T18:33:15Z",
  43. "modificationTime": "2022-04-01T18:33:15Z",
  44. "networking": {
  45. "address": "10.42.0.6",
  46. "advertisedAddress": "192.168.64.4",
  47. "port": 10001,
  48. "advertisedPort": 31882
  49. },
  50. "availableServices": [
  51. {
  52. "tags": {
  53. "app": "demo-client",
  54. "k8s.kuma.io/namespace": "kuma-test",
  55. "kuma.io/instance": "demo-client-6794456845-fr4gf",
  56. "kuma.io/protocol": "tcp",
  57. "kuma.io/service": "demo-client_kuma-test_svc",
  58. "kuma.io/zone": "kuma-1-zone",
  59. "pod-template-hash": "6794456845"
  60. },
  61. "instances": 1,
  62. "mesh": "default"
  63. },
  64. {
  65. "tags": {
  66. "kuma.io/protocol": "http",
  67. "kuma.io/service": "external-service-in-zone1",
  68. "kuma.io/zone": "kuma-1-zone",
  69. "mesh": "default"
  70. },
  71. "instances": 1,
  72. "mesh": "default",
  73. "externalService": true
  74. }
  75. ]
  76. }
  77. ],
  78. "next": null
  79. }

Get Zone Ingress

Request: GET /zone-ingress/{name}

Response: 200 OK with ZoneIngress entity

Example:

  1. curl http://localhost:5681/zone-ingresses/ze-1
  1. {
  2. "type": "ZoneIngress",
  3. "name": "zi-1",
  4. "creationTime": "2022-04-01T18:33:41Z",
  5. "modificationTime": "2022-04-01T18:33:41Z",
  6. "zone": "kuma-4",
  7. "networking": {
  8. "address": "192.168.64.9",
  9. "advertisedAddress": "192.168.64.9",
  10. "port": 30685,
  11. "advertisedPort": 30685
  12. },
  13. "availableServices": [
  14. {
  15. "tags": {
  16. "kuma.io/service": "zone4-demo-client",
  17. "kuma.io/zone": "kuma-4",
  18. "team": "client-owners"
  19. },
  20. "instances": 1,
  21. "mesh": "default"
  22. },
  23. {
  24. "tags": {
  25. "kuma.io/protocol": "http",
  26. "kuma.io/service": "external-service-in-zone4",
  27. "kuma.io/zone": "kuma-4",
  28. "mesh": "default"
  29. },
  30. "instances": 1,
  31. "mesh": "default",
  32. "externalService": true
  33. }
  34. ]
  35. }

Zone Ingress Overviews

List Zone Ingress Overviews

Request: GET /zoneingresses+insights

Response: 200 OK with ZoneIngressOverview entities (which are combination of ZoneIngress and ZoneIngressInsight entities)

Example:

  1. curl http://localhost:5681/zoneingresses+insights
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "ZoneIngressOverview",
  6. "name": "zi-1",
  7. "creationTime": "2022-04-01T19:45:11Z",
  8. "modificationTime": "2022-04-01T19:45:11Z",
  9. "zoneIngress": {
  10. "zone": "kuma-4",
  11. "networking": {
  12. "address": "192.168.64.9",
  13. "advertisedAddress": "192.168.64.9",
  14. "port": 30685,
  15. "advertisedPort": 30685
  16. },
  17. "availableServices": [
  18. {
  19. "tags": {
  20. "kuma.io/service": "zone4-demo-client",
  21. "kuma.io/zone": "kuma-4",
  22. "team": "client-owners"
  23. },
  24. "instances": 1,
  25. "mesh": "default"
  26. },
  27. {
  28. "tags": {
  29. "kuma.io/protocol": "http",
  30. "kuma.io/service": "external-service-in-zone4",
  31. "kuma.io/zone": "kuma-4",
  32. "mesh": "default"
  33. },
  34. "instances": 1,
  35. "mesh": "default",
  36. "externalService": true
  37. }
  38. ]
  39. }
  40. },
  41. {
  42. "type": "ZoneIngressOverview",
  43. "name": "zi-2",
  44. "creationTime": "2022-04-01T19:44:46Z",
  45. "modificationTime": "2022-04-01T19:44:46Z",
  46. "zoneIngress": {
  47. "networking": {
  48. "address": "10.42.0.6",
  49. "advertisedAddress": "192.168.64.2",
  50. "port": 10001,
  51. "advertisedPort": 30103
  52. },
  53. "availableServices": [
  54. {
  55. "tags": {
  56. "app": "demo-client",
  57. "k8s.kuma.io/namespace": "kuma-test",
  58. "kuma.io/instance": "demo-client-59ff94f647-8wqw7",
  59. "kuma.io/protocol": "tcp",
  60. "kuma.io/service": "demo-client_kuma-test_svc",
  61. "kuma.io/zone": "kuma-1-zone",
  62. "pod-template-hash": "59ff94f647"
  63. },
  64. "instances": 1,
  65. "mesh": "default"
  66. },
  67. {
  68. "tags": {
  69. "kuma.io/protocol": "http",
  70. "kuma.io/service": "external-service-in-zone1",
  71. "kuma.io/zone": "kuma-1-zone",
  72. "mesh": "default"
  73. },
  74. "instances": 1,
  75. "mesh": "default",
  76. "externalService": true
  77. }
  78. ]
  79. },
  80. "zoneIngressInsight": {
  81. "subscriptions": [
  82. {
  83. "id": "e92113b3-f01c-43cf-a21e-2b7064eb5bf8",
  84. "controlPlaneInstanceId": "kuma-control-plane-7cc9ffd8f9-s79r8-5b83",
  85. "connectTime": "2022-04-01T19:44:52.306011636Z",
  86. "status": {
  87. "lastUpdateTime": "2022-04-01T19:45:14.389007660Z",
  88. "total": {
  89. "responsesSent": "8",
  90. "responsesAcknowledged": "9"
  91. },
  92. "cds": {
  93. "responsesSent": "3",
  94. "responsesAcknowledged": "3"
  95. },
  96. "eds": {
  97. "responsesSent": "2",
  98. "responsesAcknowledged": "3"
  99. },
  100. "lds": {
  101. "responsesSent": "3",
  102. "responsesAcknowledged": "3"
  103. },
  104. "rds": {}
  105. },
  106. "version": {
  107. "kumaDp": {
  108. "version": "dev-d66126389",
  109. "gitTag": "1.5.0-rc1-156-gd66126389",
  110. "gitCommit": "d66126389d1842fb459b4db399e2db82781527bf",
  111. "buildDate": "2022-04-01T19:43:19Z"
  112. },
  113. "envoy": {
  114. "version": "1.21.1",
  115. "build": "af50070ee60866874b0a9383daf9364e884ded22/1.21.1/Clean/RELEASE/BoringSSL",
  116. "kumaDpCompatible": true
  117. }
  118. },
  119. "generation": 18
  120. }
  121. ]
  122. }
  123. }
  124. ],
  125. "next": null
  126. }

Get Zone Ingress Overview

Request: GET /zoneingresses+insights/{name}

Response: 200 OK with ZoneIngressOverview entity (which is a combination of ZoneIngress and ZoneIngressInsight entities)

Example:

  1. curl http://localhost:5681/zoneingresses+insights/zi-1
  1. {
  2. "type": "ZoneIngressOverview",
  3. "name": "zi-1",
  4. "creationTime": "2022-04-01T19:45:11Z",
  5. "modificationTime": "2022-04-01T19:45:11Z",
  6. "zoneIngress": {
  7. "zone": "kuma-4",
  8. "networking": {
  9. "address": "192.168.64.9",
  10. "advertisedAddress": "192.168.64.9",
  11. "port": 30685,
  12. "advertisedPort": 30685
  13. },
  14. "availableServices": [
  15. {
  16. "tags": {
  17. "kuma.io/service": "zone4-demo-client",
  18. "kuma.io/zone": "kuma-4",
  19. "team": "client-owners"
  20. },
  21. "instances": 1,
  22. "mesh": "default"
  23. },
  24. {
  25. "tags": {
  26. "kuma.io/protocol": "http",
  27. "kuma.io/service": "external-service-in-zone4",
  28. "kuma.io/zone": "kuma-4",
  29. "mesh": "default"
  30. },
  31. "instances": 1,
  32. "mesh": "default",
  33. "externalService": true
  34. }
  35. ]
  36. },
  37. "zoneIngressInsight": {}
  38. }

Zone Egresses

List Zone Egresses

Request: GET /zoneegresses

Response: 200 OK with ZoneEgress entities

Example:

  1. curl http://localhost:5681/zoneegresses
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "ZoneEgress",
  6. "name": "kuma-1-zone.kuma-egress-6f7c8bbcc9-rzxnw.kuma-system",
  7. "creationTime": "2022-02-18T13:39:39Z",
  8. "modificationTime": "2022-02-18T13:39:39Z",
  9. "zone": "kuma-1-zone",
  10. "networking": {
  11. "address": "10.42.0.6",
  12. "port": 10002
  13. }
  14. },
  15. {
  16. "type": "ZoneEgress",
  17. "name": "kuma-3.egress",
  18. "creationTime": "2022-02-18T13:40:30.086380212Z",
  19. "modificationTime": "2022-02-18T13:40:30.086380212Z",
  20. "zone": "kuma-3",
  21. "networking": {
  22. "address": "172.21.0.11",
  23. "port": 30685
  24. }
  25. }
  26. ],
  27. "next": null
  28. }

Get Zone Egress

Request: GET /zoneegresses/{name}

Response: 200 OK with ZoneEgress entity

Example:

  1. curl http://localhost:5681/zoneegresses/ze-1
  1. {
  2. "type": "ZoneEgress",
  3. "name": "ze-1",
  4. "creationTime": "2022-02-18T13:40:30.086380212Z",
  5. "modificationTime": "2022-02-18T13:40:30.086380212Z",
  6. "zone": "zone-1",
  7. "networking": {
  8. "address": "172.21.0.11",
  9. "port": 30685
  10. }
  11. }

Zone Egress Overviews

List Zone Egress Overviews

Request: GET /zoneegressoverviews

Response: 200 OK with ZoneEgressOverview entities (which are combination of ZoneEgress and ZoneEgressInsight entities)

Example:

  1. curl http://localhost:5681/zoneegressoverviews
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "ZoneEgressOverview",
  6. "name": "kuma-1-zone.kuma-egress-6f7c8bbcc9-rzxnw.kuma-system",
  7. "creationTime": "2022-02-18T13:39:39Z",
  8. "modificationTime": "2022-02-18T13:39:39Z",
  9. "zoneEgress": {
  10. "zone": "kuma-1-zone",
  11. "networking": {
  12. "address": "10.42.0.6",
  13. "port": 10002
  14. }
  15. },
  16. "zoneEgressInsight": {
  17. "subscriptions": [
  18. {
  19. "id": "bb56359c-5b1c-4a9e-af3f-0982e1f37b74",
  20. "controlPlaneInstanceId": "kuma-control-plane-b799fb878-w2d9l-97fb",
  21. "connectTime": "2022-02-18T13:39:48.312313103Z",
  22. "status": {
  23. "lastUpdateTime": "2022-02-18T13:40:41.338203595Z",
  24. "total": {
  25. "responsesSent": "11",
  26. "responsesAcknowledged": "13"
  27. },
  28. "cds": {
  29. "responsesSent": "4",
  30. "responsesAcknowledged": "4"
  31. },
  32. "eds": {
  33. "responsesSent": "3",
  34. "responsesAcknowledged": "5"
  35. },
  36. "lds": {
  37. "responsesSent": "4",
  38. "responsesAcknowledged": "4"
  39. },
  40. "rds": {}
  41. },
  42. "version": {
  43. "kumaDp": {
  44. "version": "dev-60984ad8d",
  45. "gitTag": "1.5.0-rc1-18-g60984ad8d",
  46. "gitCommit": "60984ad8d66a59b269b3493172a6a22edc310515",
  47. "buildDate": "2022-02-18T13:38:45Z"
  48. },
  49. "envoy": {
  50. "version": "1.21.0",
  51. "build": "a9d72603c68da3a10a1c0d021d01c7877e6f2a30/1.21.0/Clean/RELEASE/BoringSSL"
  52. }
  53. }
  54. }
  55. ]
  56. }
  57. },
  58. {
  59. "type": "ZoneEgressOverview",
  60. "name": "kuma-3.egress",
  61. "creationTime": "2022-02-18T13:40:30.086380212Z",
  62. "modificationTime": "2022-02-18T13:40:30.086380212Z",
  63. "zoneEgress": {
  64. "zone": "kuma-3",
  65. "networking": {
  66. "address": "172.21.0.11",
  67. "port": 30685
  68. }
  69. },
  70. "zoneEgressInsight": {
  71. "subscriptions": [
  72. {
  73. "id": "9f3766b3-f560-422f-b2ab-d8276f67d6d0",
  74. "controlPlaneInstanceId": "69150c6bc245-f8ba",
  75. "connectTime": "2022-02-18T13:40:30.084188804Z",
  76. "status": {
  77. "lastUpdateTime": "2022-02-18T13:40:39.129293439Z",
  78. "total": {
  79. "responsesSent": "6",
  80. "responsesAcknowledged": "7"
  81. },
  82. "cds": {
  83. "responsesSent": "2",
  84. "responsesAcknowledged": "2"
  85. },
  86. "eds": {
  87. "responsesSent": "2",
  88. "responsesAcknowledged": "3"
  89. },
  90. "lds": {
  91. "responsesSent": "2",
  92. "responsesAcknowledged": "2"
  93. },
  94. "rds": {}
  95. },
  96. "version": {
  97. "kumaDp": {
  98. "version": "dev-60984ad8d",
  99. "gitTag": "1.5.0-rc1-18-g60984ad8d",
  100. "gitCommit": "60984ad8d66a59b269b3493172a6a22edc310515",
  101. "buildDate": "2022-02-18T13:38:45Z"
  102. },
  103. "envoy": {
  104. "version": "1.21.0",
  105. "build": "a9d72603c68da3a10a1c0d021d01c7877e6f2a30/1.21.0/Clean/RELEASE/BoringSSL"
  106. }
  107. }
  108. }
  109. ]
  110. }
  111. }
  112. ],
  113. "next": null
  114. }

Get Zone Egress Overview

Request: GET /zoneegressoverviews/{name}

Response: 200 OK with ZoneEgressOverview entity (which is a combination of ZoneEgress and ZoneEgressInsight entities)

Example:

  1. curl http://localhost:5681/zonesegressoverviews/ze-1
  1. {
  2. "type": "ZoneEgressOverview",
  3. "name": "ze-1",
  4. "creationTime": "2022-02-18T13:40:30.086380212Z",
  5. "modificationTime": "2022-02-18T13:40:30.086380212Z",
  6. "zoneEgress": {
  7. "zone": "zone-1",
  8. "networking": {
  9. "address": "172.21.0.11",
  10. "port": 30685
  11. }
  12. },
  13. "zoneEgressInsight": {
  14. "subscriptions": [
  15. {
  16. "id": "9f3766b3-f560-422f-b2ab-d8276f67d6d0",
  17. "controlPlaneInstanceId": "69150c6bc245-f8ba",
  18. "connectTime": "2022-02-18T13:40:30.084188804Z",
  19. "status": {
  20. "lastUpdateTime": "2022-02-18T13:40:39.129293439Z",
  21. "total": {
  22. "responsesSent": "6",
  23. "responsesAcknowledged": "7"
  24. },
  25. "cds": {
  26. "responsesSent": "2",
  27. "responsesAcknowledged": "2"
  28. },
  29. "eds": {
  30. "responsesSent": "2",
  31. "responsesAcknowledged": "3"
  32. },
  33. "lds": {
  34. "responsesSent": "2",
  35. "responsesAcknowledged": "2"
  36. },
  37. "rds": {}
  38. },
  39. "version": {
  40. "kumaDp": {
  41. "version": "dev-60984ad8d",
  42. "gitTag": "1.5.0-rc1-18-g60984ad8d",
  43. "gitCommit": "60984ad8d66a59b269b3493172a6a22edc310515",
  44. "buildDate": "2022-02-18T13:38:45Z"
  45. },
  46. "envoy": {
  47. "version": "1.21.0",
  48. "build": "a9d72603c68da3a10a1c0d021d01c7877e6f2a30/1.21.0/Clean/RELEASE/BoringSSL"
  49. }
  50. }
  51. }
  52. ]
  53. }
  54. }

External Services

Get External Service

Request: GET /meshes/{mesh}/external-services/{name}

Response: 200 OK with External Service entity

Example:

  1. curl localhost:5681/meshes/default/external-services/httpbin
  1. {
  2. "type": "ExternalService",
  3. "mesh": "default",
  4. "name": "httpbin",
  5. "creationTime": "2020-10-12T09:40:27.224648+03:00",
  6. "modificationTime": "2020-10-12T09:40:27.224648+03:00",
  7. "networking": {
  8. "address": "httpbin.org:80",
  9. "tls": {}
  10. },
  11. "tags": {
  12. "kuma.io/protocol": "http",
  13. "kuma.io/service": "httpbin"
  14. }
  15. }

Create/Update External Service

Request: PUT /meshes/{mesh}/external-services/{name} with External Service entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/default/external-services/es --data @es.json -H'content-type: application/json'
  1. {
  2. "type": "ExternalService",
  3. "mesh": "default",
  4. "name": "es",
  5. "networking": {
  6. "address": "httpbin.org:80",
  7. "tls": {}
  8. },
  9. "tags": {
  10. "kuma.io/protocol": "http",
  11. "kuma.io/service": "es"
  12. }
  13. }

List External Services

Request: GET /external-services

Response: 200 OK with body of Zone entities

Example:

  1. curl http://localhost:5681/external-services
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "ExternalService",
  6. "mesh": "default",
  7. "name": "httpbin",
  8. "creationTime": "2020-10-12T09:40:27.224648+03:00",
  9. "modificationTime": "2020-10-12T09:40:27.224648+03:00",
  10. "networking": {
  11. "address": "httpbin.org:80",
  12. "tls": {}
  13. },
  14. "tags": {
  15. "kuma.io/protocol": "http",
  16. "kuma.io/service": "httpbin"
  17. }
  18. },
  19. {
  20. "type": "ExternalService",
  21. "mesh": "default",
  22. "name": "httpsbin",
  23. "creationTime": "2020-10-12T09:41:07.275867+03:00",
  24. "modificationTime": "2020-10-12T09:41:07.275867+03:00",
  25. "networking": {
  26. "address": "httpbin.org:443",
  27. "tls": {
  28. "enabled": true,
  29. "caCert": {
  30. "inline": "LS0tLS1=="
  31. }
  32. }
  33. },
  34. "tags": {
  35. "kuma.io/protocol": "http",
  36. "kuma.io/service": "httpsbin"
  37. }
  38. }
  39. ],
  40. "next": null
  41. }

Delete External Services

Request: DELETE /meshes/{mesh}/external-services/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/default/external-services/es

Service Insights

Get Service Insight

Request: GET /meshes/{mesh}/service-insights/{name}

Response: 200 OK with Service Insight entity

Example:

  1. curl localhost:5681/meshes/default/service-insights/backend
  1. {
  2. "type": "ServiceInsight",
  3. "mesh": "default",
  4. "name": "backend",
  5. "creationTime": "2020-10-12T09:40:27.224648+03:00",
  6. "modificationTime": "2020-10-12T09:40:27.224648+03:00",
  7. "status": "partially_degraded",
  8. "dataplanes": {
  9. "online": 1,
  10. "offline": 1,
  11. "total": 2
  12. }
  13. }

List Service Insights

Request: GET /service-insights

Response: 200 OK with body of Service Insights entities

Example:

  1. curl http://localhost:5681/service-insights
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "type": "ServiceInsight",
  6. "mesh": "default",
  7. "name": "backend",
  8. "creationTime": "2020-10-12T09:40:27.224648+03:00",
  9. "modificationTime": "2020-10-12T09:40:27.224648+03:00",
  10. "status": "partially_degraded",
  11. "dataplanes": {
  12. "online": 1,
  13. "offline": 1,
  14. "total": 2
  15. }
  16. },
  17. {
  18. "type": "ServiceInsight",
  19. "mesh": "default",
  20. "name": "backend-api",
  21. "creationTime": "2020-10-12T09:40:27.224648+03:00",
  22. "modificationTime": "2020-10-12T09:40:27.224648+03:00",
  23. "status": "partially_degraded",
  24. "dataplanes": {
  25. "online": 1,
  26. "offline": 1,
  27. "total": 2
  28. }
  29. }
  30. ],
  31. "next": null
  32. }

Secrets

Get Secret

Request: GET /meshes/{mesh}/secrets/{name}

Response: 200 OK with Secret entity

Example:

  1. curl localhost:5681/meshes/default/secrets/sample-secret
  1. {
  2. "type": "Secret",
  3. "mesh": "default",
  4. "name": "sample-secret",
  5. "creationTime": "2021-02-18T18:46:42.195647+01:00",
  6. "modificationTime": "2021-02-18T18:46:42.195647+01:00",
  7. "data": "dGVzdAo="
  8. }

Create/Update Secret

Request: PUT /meshes/{mesh}/secrets/{name} with Secret entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/meshes/default/secrets/sample-secret --data @secret.json -H'content-type: application/json'
  1. {
  2. "type": "Secret",
  3. "mesh": "default",
  4. "name": "sample-secret",
  5. "data": "dGVzdAo="
  6. }

List Secrets

Request: GET /meshes/{mesh}/secrets

Response: 200 OK with body of Secret entities

Example:

  1. curl http://localhost:5681/meshes/default/secrets
  1. {
  2. "total": 1,
  3. "items": [
  4. {
  5. "type": "Secret",
  6. "name": "sample-secret",
  7. "mesh": "default",
  8. "creationTime": "2021-02-18T18:46:42.195647+01:00",
  9. "modificationTime": "2021-02-18T18:46:42.195647+01:00",
  10. "data": "dGVzdAo="
  11. }
  12. ],
  13. "next": null
  14. }

Delete Secret

Request: DELETE /meshes/{mesh}/secrets/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/meshes/default/secrets/sample-secret

Global Secrets

Get Global Secret

Request: GET /global-secrets/{name}

Response: 200 OK with Global Secret entity

Example:

  1. curl localhost:5681/sample-global-secret
  1. {
  2. "type": "Secret",
  3. "name": "sample-global-secret",
  4. "creationTime": "2021-02-18T18:46:42.195647+01:00",
  5. "modificationTime": "2021-02-18T18:46:42.195647+01:00",
  6. "data": "dGVzdAo="
  7. }

Create/Update Global Secret

Request: PUT /global-secrets/{name} with Global Secret entity in body

Response: 201 Created when the resource is created and 200 OK when it is updated

Example:

  1. curl -XPUT http://localhost:5681/global-secrets/sample-global-secret --data @secret.json -H'content-type: application/json'
  1. {
  2. "type": "Secret",
  3. "name": "sample-global-secret",
  4. "data": "dGVzdAo="
  5. }

List Global Secrets

Request: GET /global-secrets

Response: 200 OK with body of Global Secret entities

Example:

  1. curl http://localhost:5681/global-secrets
  1. {
  2. "total": 1,
  3. "items": [
  4. {
  5. "type": "Secret",
  6. "name": "sample-global-secret",
  7. "creationTime": "2021-02-18T18:46:42.195647+01:00",
  8. "modificationTime": "2021-02-18T18:46:42.195647+01:00",
  9. "data": "dGVzdAo="
  10. }
  11. ],
  12. "next": null
  13. }

Delete Global Secret

Request: DELETE /global-secrets/{name}

Response: 200 OK

Example:

  1. curl -XDELETE http://localhost:5681/global-secrets/sample-global-secret

Multi-zone

These APIs are available on the Global control plane, when running in a distributed multi-zone mode.

Zones status

Request: GET /status/zones

Response: 200 OK

Example:

  1. curl -XGET http://localhost:5681/status/zones
  1. [
  2. {
  3. "name": "zone-1",
  4. "url": "grpcs://1.1.1.1:5685",
  5. "active": true
  6. },
  7. {
  8. "name": "zone-2",
  9. "url": "grpcs://2.2.2.2:5685",
  10. "active": false
  11. }
  12. ]

Dataplane Proxy Tokens

Generate the data plane proxy tokens required for data plane proxy authentication.

Requires authentication to the control plane by the user.

For details, see data plane proxy authentication.

Generate dataplane proxy token

Request: PUT /tokens/dataplane with the following body:

  1. {
  2. "name": "dp-echo-1",
  3. "mesh": "default",
  4. "tags": {
  5. "kuma.io/service": ["backend", "backend-admin"]
  6. }
  7. }

Response: 200 OK

Example:

  1. curl -XPOST \
  2. -H "Content-Type: application/json" \
  3. --data '{"name": "dp-echo-1", "mesh": "default", "tags": {"kuma.io/service": ["backend", "backend-admin"]}}' \
  4. http://localhost:5681/tokens/dataplane

Zone Ingress Tokens

Generate token which zone ingress can use to authenticate itself.

Requires authentication to the control plane by the user.

For details, see zone ingress authentication.

Generate Zone Ingress Token

Example:

  1. curl -XPOST \
  2. -H "Content-Type: application/json" \
  3. --data '{"zone": "us-east", "validFor": "720h"}' \
  4. http://localhost:5681/tokens/zone-ingress

Global Insights

Get Global Insights

Request: GET /global-insights

Response: 200 OK with Global Insights entity

Example:

  1. curl localhost:5681/global-insights
  1. {
  2. "type": "GlobalInsights",
  3. "creationTime": "2021-11-05T08:11:37.880477+01:00",
  4. "resources": {
  5. "GlobalSecret": {
  6. "total": 3
  7. },
  8. "Mesh": {
  9. "total": 1
  10. },
  11. "Zone": {
  12. "total": 0
  13. },
  14. "ZoneIngress": {
  15. "total": 0
  16. }
  17. }
  18. }

Inspect API

Get policies matched for the data plane proxy

Request: GET /meshes/{mesh}/dataplanes/{dataplane}/policies

Example:

  1. curl localhost:5681/meshes/default/dataplanes/backend-1/policies
  1. {
  2. "total": 3,
  3. "kind": "SidecarDataplane",
  4. "items": [
  5. {
  6. "type": "inbound",
  7. "name": "127.0.0.1:10010:10011",
  8. "matchedPolicies": {
  9. "TrafficPermission": [
  10. {
  11. "type": "TrafficPermission",
  12. "mesh": "default",
  13. "name": "allow-all-default",
  14. ...
  15. }
  16. ]
  17. }
  18. },
  19. {
  20. "type": "outbound",
  21. "name": "127.0.0.1:10006",
  22. "matchedPolicies": {
  23. "Timeout": [
  24. {
  25. "type": "Timeout",
  26. "mesh": "default",
  27. "name": "timeout-all-default",
  28. ...
  29. }
  30. ]
  31. }
  32. },
  33. {
  34. "type": "service",
  35. "name": "gateway",
  36. "matchedPolicies": {
  37. "CircuitBreaker": [
  38. {
  39. "type": "CircuitBreaker",
  40. "mesh": "default",
  41. "name": "circuit-breaker-all-default",
  42. ...
  43. }
  44. ],
  45. "HealthCheck": [
  46. {
  47. "type": "HealthCheck",
  48. "mesh": "default",
  49. "name": "gateway-to-backend",
  50. ...
  51. }
  52. ],
  53. "Retry": [
  54. {
  55. "type": "Retry",
  56. "mesh": "default",
  57. "name": "retry-all-default",
  58. ...
  59. }
  60. ]
  61. }
  62. }
  63. ]
  64. }

MeshGateway-configured Dataplane example:

  1. curl localhost:5681/meshes/default/dataplanes/gateway-1/policies
  1. {
  2. "gateway": {
  3. "mesh": "default",
  4. "name": "foo-gateway.default"
  5. },
  6. "kind": "MeshGatewayDataplane",
  7. "listeners": [
  8. {
  9. "hosts": [
  10. {
  11. "hostName": "go.com",
  12. "routes": [
  13. {
  14. "destinations": [
  15. {
  16. "policies": {
  17. "CircuitBreaker": {
  18. "type": "CircuitBreaker"
  19. "mesh": "default",
  20. "name": "circuit-breaker-all-default",
  21. ...
  22. },
  23. "Retry": {
  24. "type": "Retry"
  25. "mesh": "default",
  26. "name": "retry-all-default",
  27. ...
  28. },
  29. "Timeout": {
  30. "type": "Timeout"
  31. "mesh": "default",
  32. "name": "timeout-all-default",
  33. ...
  34. }
  35. },
  36. "tags": {
  37. "kuma.io/service": "demo-app_kuma-demo_svc_5000"
  38. }
  39. },
  40. {
  41. "policies": {
  42. "CircuitBreaker": {
  43. "type": "CircuitBreaker"
  44. "mesh": "default",
  45. "name": "circuit-breaker-all-default",
  46. ...
  47. },
  48. "Retry": {
  49. "type": "Retry"
  50. "mesh": "default",
  51. "name": "retry-all-default",
  52. ...
  53. },
  54. "Timeout": {
  55. "type": "Timeout"
  56. "mesh": "default",
  57. "name": "timeout-all-default",
  58. ...
  59. }
  60. },
  61. "tags": {
  62. "kuma.io/service": "httpbin"
  63. }
  64. }
  65. ],
  66. "route": "default-foo-gateway-hw6n5"
  67. }
  68. ]
  69. }
  70. ],
  71. "port": 80,
  72. "protocol": "HTTP"
  73. }
  74. ]
  75. }

Get data plane proxies affected by policy

Request: GET /meshes/{mesh}/{policy-type}/{policy}/dataplanes

Example:

  1. curl localhost:5681/meshes/default/circuit-breakers/circuit-breaker-all-default/dataplanes
  1. {
  2. "total": 2,
  3. "items": [
  4. {
  5. "kind": "SidecarDataplane",
  6. "dataplane": {
  7. "mesh": "default",
  8. "name": "demo-app-1"
  9. },
  10. "attachments": [
  11. {
  12. "type": "service",
  13. "name": "demo-app_kuma-demo_svc_5000",
  14. "service": "demo-app_kuma-demo_svc_5000"
  15. }
  16. ]
  17. },
  18. {
  19. "kind": "MeshGatewayDataplane",
  20. "dataplane": {
  21. "mesh": "default",
  22. "name": "gateway-1"
  23. },
  24. "gateway": {
  25. "mesh": "default",
  26. "name": "edge-gateway"
  27. },
  28. "listeners": [
  29. {
  30. "port": 80,
  31. "protocol": "HTTP",
  32. "hosts": [
  33. {
  34. "hostName": "go.com",
  35. "routes": [
  36. {
  37. "route": "default-gateway",
  38. "destinations": [
  39. {
  40. "kuma.io/service": "demo-app_kuma-demo_svc_5000"
  41. }
  42. ]
  43. }
  44. ]
  45. }
  46. ]
  47. }
  48. ]
  49. }
  50. ]
  51. }

Get data plane proxies configured by MeshGateway

Request: GET /meshes/{mesh}/meshgateways/{meshgateway}/dataplanes

Example:

  1. curl localhost:5681/meshes/default/meshgateways/edge-gateway/policies
  1. {
  2. "items": [
  3. {
  4. "dataplane": {
  5. "mesh": "default",
  6. "name": "gateway-1"
  7. }
  8. }
  9. ],
  10. "total": 1
  11. }

Get rule based view of policies matching dataplane proxy

Request: GET /meshes/{mesh}/dataplanes/{dataplane}/rules

Example:

  1. curl localhost:5681/meshes/default/dataplanes/backend-1/rules
  1. {
  2. "total": 3,
  3. "items": [
  4. {
  5. "type": "destinationSubset",
  6. "name": "127.0.0.1:10001",
  7. "service": "backend",
  8. "policyType": "MeshAccessLog",
  9. "subset": {},
  10. "conf": {
  11. "backends": [
  12. {
  13. "file": {
  14. "path": "/tmp/access.logs"
  15. }
  16. }
  17. ]
  18. },
  19. "origins": [
  20. {
  21. "mesh": "default",
  22. "name": "mal-1"
  23. }
  24. ]
  25. },
  26. {
  27. "type": "clientSubset",
  28. "name": "192.168.0.2:80",
  29. "service": "web",
  30. "policyType": "MeshTrafficPermission",
  31. "subset": {
  32. "kuma.io/service": "client",
  33. "kuma.io/zone": "east"
  34. },
  35. "conf": {
  36. "action": "DENY"
  37. },
  38. "origins": [
  39. {
  40. "mesh": "default",
  41. "name": "mtp-1"
  42. }
  43. ]
  44. },
  45. {
  46. "type": "singleItem",
  47. "name": "dataplane",
  48. "service": "",
  49. "policyType": "MeshTrace",
  50. "subset": {},
  51. "conf": {
  52. "backends": [
  53. {
  54. "zipkin": {
  55. "url": "http://jaeger-collector.mesh-observability:9411/api/v2/spans"
  56. }
  57. }
  58. ],
  59. "tags": null
  60. },
  61. "origins": [
  62. {
  63. "mesh": "default",
  64. "name": "mtp-1"
  65. }
  66. ]
  67. }
  68. ]
  69. }

Get envoy config dump for data plane proxy

Request: GET /meshes/{mesh}/dataplanes/{dataplane}/xds

Example:

  1. curl localhost:5681/meshes/default/dataplane/backend-1/xds
  1. {
  2. "configs": [
  3. {
  4. "@type": "type.googleapis.com/envoy.admin.v3.BootstrapConfigDump",
  5. "bootstrap": {
  6. "node": {
  7. "id": "default.backend-1",
  8. "cluster": "backend",
  9. "metadata": {
  10. "dataplane.admin.port": "6606"
  11. }
  12. }
  13. }
  14. }
  15. ]
  16. }

Get envoy config dump for ZoneIngress

Request: GET /zoneingresses/{name}/xds

Example:

  1. curl localhost:5681/zoneingresses/zi-1/xds
  1. {
  2. "configs": [
  3. {
  4. "@type": "type.googleapis.com/envoy.admin.v3.BootstrapConfigDump",
  5. "bootstrap": {
  6. "node": {
  7. "id": "default.zi-1",
  8. "cluster": "zi",
  9. "metadata": {
  10. "dataplane.admin.port": "6606"
  11. }
  12. }
  13. }
  14. }
  15. ]
  16. }

Get envoy config dump for ZoneEgress

Request: GET /zoneegresses/{name}/xds

Example:

  1. curl localhost:5681/zoneegresses/ze-1/xds
  1. {
  2. "configs": [
  3. {
  4. "@type": "type.googleapis.com/envoy.admin.v3.BootstrapConfigDump",
  5. "bootstrap": {
  6. "node": {
  7. "id": "default.ze-1",
  8. "cluster": "ze",
  9. "metadata": {
  10. "dataplane.admin.port": "6606"
  11. }
  12. }
  13. }
  14. }
  15. ]
  16. }

Policies

Show all policies that are usable on the control plane

Request: GET /policies

Example:

  1. curl localhost:5681/policies
  1. {
  2. "policies": [
  3. {
  4. "name": "CircuitBreaker",
  5. "readOnly": false,
  6. "path": "circuit-breakers",
  7. "displayName": "Circuit Breakers"
  8. },
  9. {
  10. "name": "ExternalService",
  11. "readOnly": false,
  12. "path": "external-services",
  13. "displayName": "External Services"
  14. },
  15. {
  16. "name": "FaultInjection",
  17. "readOnly": false,
  18. "path": "fault-injections",
  19. "displayName": "Fault Injections"
  20. },
  21. {
  22. "name": "HealthCheck",
  23. "readOnly": false,
  24. "path": "health-checks",
  25. "displayName": "Health Checks"
  26. },
  27. {
  28. "name": "MeshGateway",
  29. "readOnly": false,
  30. "path": "meshgateways",
  31. "displayName": "Mesh Gateways"
  32. },
  33. {
  34. "name": "MeshGatewayRoute",
  35. "readOnly": false,
  36. "path": "meshgatewayroutes",
  37. "displayName": "Mesh Gateway Routes"
  38. },
  39. {
  40. "name": "ProxyTemplate",
  41. "readOnly": false,
  42. "path": "proxytemplates",
  43. "displayName": "Proxy Templates"
  44. },
  45. {
  46. "name": "RateLimit",
  47. "readOnly": false,
  48. "path": "rate-limits",
  49. "displayName": "Rate Limits"
  50. },
  51. {
  52. "name": "Retry",
  53. "readOnly": false,
  54. "path": "retries",
  55. "displayName": "Retries"
  56. },
  57. {
  58. "name": "Timeout",
  59. "readOnly": false,
  60. "path": "timeouts",
  61. "displayName": "Timeouts"
  62. },
  63. {
  64. "name": "TrafficLog",
  65. "readOnly": false,
  66. "path": "traffic-logs",
  67. "displayName": "Traffic Logs"
  68. },
  69. {
  70. "name": "TrafficPermission",
  71. "readOnly": false,
  72. "path": "traffic-permissions",
  73. "displayName": "Traffic Permissions"
  74. },
  75. {
  76. "name": "TrafficRoute",
  77. "readOnly": false,
  78. "path": "traffic-routes",
  79. "displayName": "Traffic Routes"
  80. },
  81. {
  82. "name": "TrafficTrace",
  83. "readOnly": false,
  84. "path": "traffic-traces",
  85. "displayName": "Traffic Traces"
  86. },
  87. {
  88. "name": "VirtualOutbound",
  89. "readOnly": false,
  90. "path": "virtual-outbounds",
  91. "displayName": "Virtual Outbounds"
  92. }
  93. ]
  94. }