API¶
Namespace Operations¶
Interact with the namespaces on the Paraglider Controller. The active namespace is a client-side CLI construct. All REST requests to the controller will be scoped on a namespace.
Set¶
glide namespace set <namespace>
Parameters:
namespace
: namespace to set on the controller
Get¶
Gets the current active namespace in the CLI (Note: this is only a CLI feature).
glide namespace get
List¶
Lists all namespaces configured on the controller.
glide namespace list
GET /namespaces/
Resource Operations¶
Create¶
Creates a resource according to the description provided in the specified cloud.
Note that a tag is automatically created for the resource with the name <namespace>.<cloud>.<name> (where name is the resource name provided, i.e., names inside the JSON description of the resource will be ignored).
glide resource create <cloud> <resource_name> <path_to_json>
Parameters:
cloud
: name of the cloud to create the resource in
resource_name
: name of the resource to be created in the Paraglider controller (note: this name will be scoped on cloud and namespace when stored)
path_to_json
: path to JSON file describing the resource to be created (excluding networking details)
POST /namespaces/{namespace}/clouds/{cloud}/resources
Example request body:
{
  "name": "resourceName",
  "description": "{
    \"location\": \"eastus\",
    \"properties\": {
      \"hardwareProfile\": {
        \"vmSize\": \"Standard_B1s\"
      },
      \"osProfile\": {
        \"adminPassword\": \"\",
        \"adminUsername\": \"\",
        \"computerName\": \"sample-compute\"
      },
      \"storageProfile\": {
        \"imageReference\": {
          \"offer\": \"0001-com-ubuntu-minimal-jammy\",
          \"publisher\": \"canonical\",
          \"sku\": \"minimal-22_04-lts-gen2\",
          \"version\": \"latest\"
        }
      }
    }
  }"
}
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud to create the resource in
name
: name of the resource to be created in the Paraglider controller (note: this name will be scoped on cloud and namespace when stored)
description
: JSON string describing the resource to be created (excluding networking details)
PUT /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}
Example request body:
{
  "description": "{
    \"location\": \"eastus\",
    \"properties\": {
      \"hardwareProfile\": {
        \"vmSize\": \"Standard_B1s\"
      },
      \"osProfile\": {
        \"adminPassword\": \"\",
        \"adminUsername\": \"\",
        \"computerName\": \"sample-compute\"
      },
      \"storageProfile\": {
        \"imageReference\": {
          \"offer\": \"0001-com-ubuntu-minimal-jammy\",
          \"publisher\": \"canonical\",
          \"sku\": \"minimal-22_04-lts-gen2\",
          \"version\": \"latest\"
        }
      }
    }
  }"
}
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud to create the resource in
resource_name
: name of the resource to be created in the Paraglider controller (note: this name will be scoped on cloud and namespace when stored)
description
: JSON string describing the resource to be created (excluding networking details)
Attach¶
Attaches an existing resource to Paraglider according to the resource ID and the specified cloud. The resource should exist within a deployment associated with a namespace in Paraglider.
Note that a tag is automatically created for the resource with the name <namespace>.<cloud>.<name> after attachment (where name is the resource name).
Note
Attach Resource is currently supported only for Azure. Support for other cloud plugins is under active development.
glide resource attach <cloud> <resource_id>
Parameters:
cloud
: name of the cloud to create the resource in
resource_id
: Id of the resource as specified by the cloud provider
POST /namespaces/{namespace}/clouds/{cloud}/resources
Example request body:
{
  "id": "resource-id"
}
Parameters:
id
: Id of the resource as specified by the cloud provider
Note
Create resource and Attach resource share the same API endpoint. The difference between the two POST requests is the request body. If the request body contains a description, the request is considered as a create resource request. Otherwise, it is considered as an attach resource request.
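The dispatch rule from the note, worked through as an added example (not code from the Paraglider project): it builds both request bodies for the shared endpoint, sends description as a JSON-encoded string, percent-encodes the path segments, and rejects descriptions that carry networking details. The NETWORK_KEYS set and all function names are assumptions made for illustration.

```python
import json
from urllib.parse import quote

# Assumption: key names treated as networking details (Azure-style VM fields).
NETWORK_KEYS = {"networkProfile", "networkInterfaces", "subnet"}


def network_paths(node, prefix=""):
    """Return dotted paths of networking keys found anywhere in a description."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            path = f"{prefix}.{key}" if prefix else key
            if key in NETWORK_KEYS:
                hits.append(path)
            hits.extend(network_paths(value, path))
    elif isinstance(node, list):
        for index, item in enumerate(node):
            hits.extend(network_paths(item, f"{prefix}[{index}]"))
    return hits


def resources_path(namespace, cloud):
    """Build the shared endpoint path, percent-encoding each path segment."""
    return "/namespaces/{}/clouds/{}/resources".format(
        quote(namespace, safe=""), quote(cloud, safe=""))


def create_body(name, description):
    """Create request: the description dict is sent as a JSON-encoded string."""
    hits = network_paths(description)
    if hits:
        raise ValueError("networking details in description: " + ", ".join(hits))
    return json.dumps({"name": name, "description": json.dumps(description)})


def attach_body(resource_id):
    """Attach request: only the cloud provider's resource ID, no description."""
    return json.dumps({"id": resource_id})


def request_kind(body):
    """Apply the rule from the note: a body with a description is a create."""
    return "create" if "description" in json.loads(body) else "attach"


# Constructed sample input, trimmed from the example request body above.
SAMPLE = {"location": "eastus",
          "properties": {"hardwareProfile": {"vmSize": "Standard_B1s"}}}
```

A body that carries both id and description is classified as a create under this rule, so a client should send exactly one of the two.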
Resource Descriptions¶
For creating resources, the description provided should generally include all fields required to create the resource in the cloud, with the exception of networking details. For example, a VM description should exclude the fields defining the network interface, the subnet, etc. When attaching a service to the Paraglider deployment, the information required to find the correct service varies by cloud.
The fields required for the description depend on the service. For third-party services exposed via a service attachment, the description must be of the form:
{
  "url": "<service attachment URI>"
}
For Google services, the description must include the API bundle name and the region in which Paraglider should connect to the services.
{
  "api_bundle": "<api_bundle_name>",
  "region": "<region>"
}
Permit List Operations¶
These operations interact with the permit list associated with a given resource by adding/deleting/getting rules.
Get¶
Gets the rules associated with a resource.
glide rule get <cloud> <resource_name>
Parameters:
cloud
: name of the cloud that the resource is in
resource_name
: Paraglider name of the resource
GET /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud that the resource is in
resourceName
: Paraglider name of the resource
Add¶
Adds one or many rules to the permit list associated with a resource.
glide rule add <cloud> <resource_name> [--ssh <tag> --ping <tag> | --ruleFile <path_to_file>]
Parameters:
cloud
: name of the cloud that the resource is in
resource_name
: Paraglider name of the resource
path_to_file
: path to JSON file describing rules to add. The file should describe rules in the following format:
{
  [
    {
      "name": "rulename",
      "id": "id",
      "tags": ["tagname"],
      "direction": 0,
      "src_port": 1,
      "dst_port": 2,
      "protocol": 3
    }
  ]
}
tag
: Paraglider tag or IP/CIDR to allow SSH/ICMP traffic to/from
POST /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules
Creates/updates one rule of a resource’s permit list.
Example Request Body:
{
  "name": "rulename",
  "id": "id",
  "tags": ["tagname"],
  "direction": 0,
  "src_port": 1,
  "dst_port": 2,
  "protocol": 3
}
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud that the resource is in
resourceName
: Paraglider name of the resource
PUT /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules/{ruleName}
Creates/updates one rule of a resource’s permit list.
Example Request Body:
{
  "name": "rulename",
  "id": "id",
  "tags": ["tagname"],
  "direction": 0,
  "src_port": 1,
  "dst_port": 2,
  "protocol": 3
}
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud that the resource is in
resourceName
: Paraglider name of the resource
ruleName
: name of the rule
Note
If the name is provided in the request body, it will be ignored
POST /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/applyRules
Creates/updates rules of a resource in bulk.
Example Request Body:
{
  [
    {
      "name": "rulename",
      "id": "id",
      "tags": ["tagname"],
      "direction": 0,
      "src_port": 1,
      "dst_port": 2,
      "protocol": 3
    }
  ]
}
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud that the resource is in
resourceName
: Paraglider name of the resource
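A pre-flight check for rule bodies before they are sent to the rules endpoints above, as an added example (not code from the Paraglider project): it separates tag names from IP/CIDR entries, flags CIDR entries broader than a review threshold, and reports when a body name differs from the ruleName in a PUT path, where the body name is ignored. The threshold, the expected-field list (taken from the example body) and all function names are assumptions.

```python
import ipaddress

# Assumption: the fields shown in the page's example body are all expected.
EXPECTED = ("name", "id", "tags", "direction", "src_port", "dst_port", "protocol")
MIN_PREFIX = 8  # Assumption: CIDR entries broader than /8 need review.


def classify_tag(tag):
    """Return ("cidr", network) for an IP/CIDR entry, else ("tag", name)."""
    try:
        return "cidr", ipaddress.ip_network(str(tag), strict=False)
    except ValueError:
        return "tag", tag


def lint_rule(rule, path_rule_name=None):
    """Return findings for one rule; path_rule_name is the PUT {ruleName}."""
    findings = []
    missing = [field for field in EXPECTED if field not in rule]
    if missing:
        findings.append("missing fields: " + ", ".join(missing))
    name = rule.get("name")
    if path_rule_name is not None and name not in (None, path_rule_name):
        findings.append(f"body name {name!r} is ignored, rule is stored as {path_rule_name!r}")
    for tag in rule.get("tags") or []:
        kind, value = classify_tag(tag)
        if kind == "cidr" and value.prefixlen < MIN_PREFIX:
            findings.append(f"tag {tag!r} allows a /{value.prefixlen} range")
    return findings


def lint_rules(rules):
    """Map rule name to findings, keeping only rules that have findings."""
    report = {}
    for index, rule in enumerate(rules):
        findings = lint_rule(rule)
        if findings:
            report[rule.get("name", f"#{index}")] = findings
    return report


# Constructed sample rules using the placeholder values from the example body.
SAMPLE_RULES = [
    {"name": "allow-ssh", "id": "id", "tags": ["tagname", "10.0.0.0/24"],
     "direction": 0, "src_port": 1, "dst_port": 2, "protocol": 3},
    {"name": "wide-open", "id": "id", "tags": ["0.0.0.0/0"],
     "direction": 0, "src_port": 1, "dst_port": 2, "protocol": 3},
]
```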
Delete¶
Deletes one or many rules from the permit list associated with the specified resource.
glide rule delete <cloud> <resource_name> --rules <rule_names>
Parameters:
cloud
: name of the cloud that the resource is in
resource_name
: Paraglider name of the resource
rule_names
: list of rule names to delete
DELETE /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/rules/{ruleName}
Deletes one rule of a resource’s permit list.
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud that the resource is in
resourceName
: Paraglider name of the resource
ruleName
: name of the rule
POST /namespaces/{namespace}/clouds/{cloud}/resources/{resourceName}/deleteRules
Deletes rules of a resource in bulk.
Example Request Body:
{
  [
    "rulename1",
    "rulename2"
  ]
}
Parameters:
namespace
: Paraglider namespace to operate in
cloud
: name of the cloud that the resource is in
resourceName
: Paraglider name of the resource
Tag Operations¶
Operations on Paraglider tags.
Get¶
Gets the child tags associated with a tag or resolves the tag down to last-level entries (IPs).
glide tag get <tag> [--resolve]
Parameters:
tag
: tag to get
resolve
: true/false value indicating whether to resolve to last-level tags or not
GET /tags/{tag}/
POST /tags/{tag}/resolve
Parameters:
tag
: tag to get
Set¶
Adds child tags to a parent tag or creates a last-level tag that associates a name with a URI and/or IP.
glide tag set <tag> [--children <child_tag_list>] | [--uri <uri>] [--ip <ip>]
Parameters:
tag
: tag to set
children
: list of tags to add as children
uri
: uri to associate with tag
ip
: ip to associate with tag
POST /tags/{tag}/applyMembers
Example Request Body:
{
  "tag_name": "tag",
  "uri": "uri",
  "ip": "1.1.1.1"
}
Example Request Body:
{
  "tag_name": "tag",
  "child_tags": [
    "child1",
    "child2"
  ]
}
Parameters:
tag
: tag to set
children
: list of tags to add as children
uri
: uri to associate with tag
ip
: ip to associate with tag
Delete¶
Deletes a tag or the association of member tags to that tag.
glide tag delete <tag> [--member <members_list>]
Parameters:
tag
: tag to delete
member
: child tag to remove membership
DELETE /tags/{tag}/member/{member}
Deletes a single member from a parent tag.
Parameters:
tag
: parent tag
members
: child tag to remove membership
DELETE /tags/{tag}
Deletes an entire tag (and all its child associations).
Parameters:
tag
: tag to delete
Service Operations¶
Operations to interact with Paraglider services.
All Services¶
glided startup <path_to_config>
Orchestrator¶
glided orch <path_to_config>
Azure¶
glided az <port> <central_controller_address>
The central_controller_address should be the full host:port address where the central controller is hosted for RPC traffic. In the example config above, this is “localhost:8081”.
GCP¶
glided gcp <port> <central_controller_address>
The central_controller_address should be the full host:port address where the central controller is hosted for RPC traffic. In the example config above, this is “localhost:8081”.
Tag Service¶
glided tagserv <redis_port> <server_port> <clear_keys>
clear_keys is a bool (“true” or “false”) which determines whether the database state should be cleared on startup or not.
Key-Value Store Service¶
glided kvserv <redis_port> <server_port> <clear_keys>
clear_keys is a bool (“true” or “false”) which determines whether the database state should be cleared on startup or not.