Easy OnBoarding
The API generates cluster installation command for easy onboarding.
Request Structure
| Endpoint: | /kube-get-cluster-installation-command |
| Type: | POST |
| Sample URL: | To understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) A unique identifier assigned to a
user's session upon successful authentication. The session ID
remains valid until it expires, and it can contain alphanumeric
characters. Type: String Constraints: The session ID is used when username and password are not provided. Example:
|
| gwsource
|
(Mandatory) Source from which the request is
triggered. Type: String Example:
|
| payload
|
(Mandatory) Input data for request body in application/json format. For payload details, see Payload section. |
Payload
| Name | Description |
|---|---|
| isEasyOnBoarding
|
(Optional) Generates the simple installation
command. The values can be:
|
| isUpgrade
|
(Optional) Generates upgrade command of cluster.
The values can be:
|
| clusterName
|
(Mandatory) Name of the cluster used in helm
install/upgrade command it is the cert orchestrator name. It can
contain alphanumeric characters. Example:
|
| serviceAccountName
|
(Optional) When the credential type is OAUTH2.0, the user needs to choose the name of the service account associated with the OAuth 2.0 authentication. It can contain alphanumeric characters. |
| vendor
|
(Mandatory) Name of the vendor where the cert orchestrator
needs to run. It can contain alphanumeric characters. Example:
|
| connectivityType
|
(Optional) Type of the URL that can be either AppViewX URL or
cloud connector machine URL. It can contain alphanumeric
characters. Example: |
| connectivityURL
|
(Mandatory) AppViewX node URL, the node through which users
can onboard the cluster. It can contain alphanumeric
characters. Example:
|
| credentialType
|
(Mandatory) The type of credentials. The values can be:
|
| userName
|
(Optional) Name of the user. If credential type is basic authentication, then username should not be null or blank. |
| isProvisionCertificatesToK8sSecrets
|
(Optional) Allows to enroll certificates to secrets. The
values can be:
|
| isDiscoverCertificates
|
(Optional) Allows to discover certificates from secret. The
values can be:
|
| isDiscoverK8sInfraCertificates
|
(Optional) Discovering the infra certificates. The values can
be:
|
| isProvisionCertificatesToEphemeralVolumes
|
(Optional) Allows to enroll certificates to POD's volumes
using appviewx-csi-provider. The values can be:
|
| isEnableMTLSCertificatesForServiceMesh
|
(Optional) Allows to enroll certificates to istio service
mesh. The values can be:
|
| isPrivateKeyDiscovery
|
(Optional) Enables private key discovery. The values can
be:
|
| clusterNamespace
|
(Mandatory) Installation namespace. The values must not be blank. |
| discoveryDefaultGroupName
|
(Optional) Default group name for discovery when
isAutoCreateGroup is false. The values must
not be blank. |
| secretName
|
(Mandatory) The secret name of AppViewX authentication. The values must not be blank. |
| secretNamespace
|
(Mandatory) The secret namespace of AppViewX authentication. The values must not be blank. |
| isAutoCreateGroup
|
(Optional) Enables to create the group name automatically for
the given cluster/namespace. The values can be:
|
Response Structure
- Status Code: 202 OK
- Message: Successful
- Headers:
- Content-Type: application/json
| Name | Description |
|---|---|
| response
|
The response contains the attributes needed to create namespace, add Helm repo, and install cert-orchestrator plugin for easy onboarding. |
| message
|
Success message or failure description in case of error. |
| appStatusCode
|
Application specific status code for the response. Will be non-null for failure response. |
| tags | More info in case of failure response. |
Sample Request/Response
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-get-cluster-installation-command?gwsource=external
POST Content type: application/json Username: <> Password: <>
{
"payload": {
"isEasyOnBoarding": true,
"clusterName": "appviewx-cluster",
"vendor": "Self-Managed",
"connectivityURL": "https://{appviewx-fqdn}/"
}
}{
"response": "#Create Namespace for Cert-Orchestrator plugin\n\nkubectl create ns crypto-mesh\n\n#Add Helm Repo\n\nhelm repo add kube-plus-repo https://charts.appviewx.com\n\n\n#Install Cert-Orchestrator Plugin\n\nhelm install crypto-mesh kube-plus-repo/crypto-mesh \\\n--namespace crypto-mesh \\\n--version v1.3 \\\n--set certOrchestrator.global.clusterName=appviewx-cluster \\\n--set certOrchestrator.global.k8sVendor=Self-Managed",
"message": "Constructed install command of cert-orchestrator for easyOnboarding",
"appStatusCode": "success",
"tags": null,
"headers": null
}
Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.