API¶
Namespace Operations¶
Interact with the namespaces on the Paraglider Controller. The active namespace is a client-side CLI construct. All REST requests to the controller will be scoped on a namespace.
Set¶
glide namespace set <namespace>
Parameters:
namespace: namespace to set on the controller
Get¶
Gets the current active namespace in the CLI (Note: this is only a CLI feature).
glide namespace get
List¶
Lists all namespaces configured on the controller.
glide namespace list
GET /namespaces/
Resource Operations¶
Create¶
Creates a resource according to the description provided in the specified cloud.
Note that a tag is automatically created for the resource with the name <namespace>.<cloud>.<name> (where name is the resource name provided – i.e., names inside the json description of the resource will be ignored).
glide resource create <cloud> <resource_name> <path_to_json>
Parameters:
cloud: name of the cloud to create the resource inresource_name: name of the resource to be created in the Paraglider controller (note: this name will be scoped on cloud and namespace when stored)path_to_json: path to JSON file describing the resource to be created (excluding networking details)
POST /namespaces/{namespace}/clouds/{cloud}/resources
Example request body:
{
"name": "resourceName",
"description": "{
\"location\": \"eastus\",
\"properties\": {
\"hardwareProfile\": {
\"vmSize\": \"Standard_B1s\"
},
\"osProfile\": {
\"adminPassword\": \"\",
\"adminUsername\": \"\",
\"computerName\": \"sample-compute\"
},
\"storageProfile\": {
\"imageReference\": {
\"offer\": \"0001-com-ubuntu-minimal-jammy\",
\"publisher\": \"canonical\",
\"sku\": \"minimal-22_04-lts-gen2\",
\"version\": \"latest\"
}
}
}
}"
}
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud to create the resource inname: name of the resource to be created in the Paraglider controller (note: this name will be scoped on cloud and namespace when stored)description: JSON string describing the resource to be created (excluding networking details)
PUT /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}
Example request body:
{
"description": "{
\"location\": \"eastus\",
\"properties\": {
\"hardwareProfile\": {
\"vmSize\": \"Standard_B1s\"
},
\"osProfile\": {
\"adminPassword\": \"\",
\"adminUsername\": \"\",
\"computerName\": \"sample-compute\"
},
\"storageProfile\": {
\"imageReference\": {
\"offer\": \"0001-com-ubuntu-minimal-jammy\",
\"publisher\": \"canonical\",
\"sku\": \"minimal-22_04-lts-gen2\",
\"version\": \"latest\"
}
}
}
}"
}
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud to create the resource inresource_name: name of the resource to be created in the Paraglider controller (note: this name will be scoped on cloud and namespace when stored)description: JSON string describing the resource to be created (excluding networking details)
Permit List Operations¶
These operations interact with the permit list associated with a given resource by adding/deleting/getting rules.
Get¶
Gets the rules associated with a resource.
glide rule get <cloud> <resource_name>
Parameters:
cloud: name of the cloud that the resource is inresource_name: Paraglider name of the resource
GET /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud that the resource is inresourceName: Paraglider name of the resource
Add¶
Adds one or many rules to the permit list associated with a resource.
glide rule add <cloud> <resource_name> [--ssh <tag> --ping <tag> | --ruleFile <path_to_file>]
Parameters:
cloud: name of the cloud that the resource is inresource_name: Paraglider name of the resourcepath_to_file: path to JSON file describing rules to addThe file should describe rules in the following format:
{ [ { "name": "rulename", "id": "id", "tags": ["tagname"], "direction": 0, "src_port": 1, "dst_port": 2, "protocol": 3 } ] }
tag: Paraglider tag or IP/CIDR to allow SSH/ICMP traffic to/from
POST /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules
Creates/updates one rule of a resource’s permit list.
Example Request Body:
{
"name": "rulename",
"id": "id",
"tags": ["tagname"],
"direction": 0,
"src_port": 1,
"dst_port": 2,
"protocol": 3
}
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud that the resource is inresourceName: Paraglider name of the resource
PUT /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules/{ruleName}
Creates/updates one rule of a resource’s permit list.
Example Request Body:
{
"name": "rulename",
"id": "id",
"tags": ["tagname"],
"direction": 0,
"src_port": 1,
"dst_port": 2,
"protocol": 3
}
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud that the resource is inresourceName: Paraglider name of the resourceruleName: name of the rule
Note
If the name is provided in the request body, it will be ignored
POST /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/applyRules
Creates/updates rules of resource in bulk.
Example Request Body:
{
[
{
"name": "rulename",
"id": "id",
"tags": ["tagname"],
"direction": 0,
"src_port": 1,
"dst_port": 2,
"protocol": 3
}
]
}
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud that the resource is inresourceName: Paraglider name of the resource
Delete¶
Deletes one or many rules from the permit list associated with the specified resource.
glide rule delete <cloud> <resource_name> --rules <rule_names>
Parameters:
cloud: name of the cloud that the resource is inresource_name: Paraglider name of the resourcerule_names: list of rule names to delete
DELETE /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules/{ruleName}
Deletes one rule of a resource’s permit list.
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud that the resource is inresourceName: Paraglider name of the resourceruleName: name of the rule
POST /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/deleteRules
Deletes rules of resource in bulk.
Example Request Body:
{
[
"rulename1",
"rulename2"
]
}
Parameters:
namespace: Paraglider namespace to operate incloud: name of the cloud that the resource is inresourceName: Paraglider name of the resource
Tag Operations¶
Operations on Paraglider tags.
Get¶
Gets the children tags associated with a tag or resolves the tag down to last-level entries (IPs).
glide tag get <tag> [--resolve]
Parameters:
tag: tag to getresolve: true/false value indicating whether to resolve to last-level tags or not
GET /tags/{tag}/
POST /tags/{tag}/resolve
Parameters:
tag: tag to get
Set¶
Adds children tags to a parent tag or creates a last-level tag that associates a names with an URI and/or IP.
glide tag set <tag> [--children <child_tag_list>] | [--uri <uri>] [--ip <ip>]
Parameters:
tag: tag to setchildren: list of tags to add as childrenuri: uri to associate with tagip: ip to associate with tag
POST /tags/{tag}/applyMembers
Example Request Body:
{
"tag_name": "tag",
"uri": "uri",
"ip": "1.1.1.1"
}
Example Request Body
{
"tag_name": "tag",
"child_tags": [
"child1",
"child2"
]
}
Parameters:
* tag: tag to set
* children: list of tags to add as children
* uri: uri to associate with tag
* ip: ip to associate with tag”
Delete¶
Deletes a tag or the association of members tags to that tag.
glide tag delete <tag> [--member <members_list>]
Parameters:
tag: tag to deletemember: child tag to remove membership
DELETE /tags/{tag}/member/{member}
Deletes a single member from a parent tag.
Parameters:
* tag: parent tag
* members: child tag to remove membership
DELETE /tags/{tag}
Deletes an entire tag (and all its child associations).
Parameters:
tag: tag to delete
Service Operations¶
Operations to interact with Paraglider services.
All Services¶
glided startup <path_to_config>
Orchestrator¶
glided orch <path_to_config>
Azure¶
glided az <port> <central_controller_address>
The central_controller_address should be the full host:port address where the central controller is hosted for RPC traffic. In the example config above, this is “localhost:8081”.
GCP¶
glided gcp <port> <central_controller_address>
The central_controller_address should be the full host:port address where the central controller is hosted for RPC traffic. In the example config above, this is “localhost:8081”.
Tag Service¶
glided tagserv <redis_port> <server_port> <clear_keys>
clear_keys is a bool (“true” or “false”) which determines whether the database state should be cleared on startup or not.
Key-Value Store Service¶
glided kvserv <redis_port> <server_port> <clear_keys>
clear_keys is a bool (“true” or “false”) which determines whether the database state should be cleared on startup or not.