The configuration of an Anapaya appliance is defined by a JSON object. In this section, we describe the contents and their configuration responsibilities at a higher level. For a detailed description of the configuration object, refer to the Appliance Management API specification.

The appliance configuration is divided into the following sections:

  1. SCION: The configuration of the SCION protocol and AS.

  2. Cluster: The configuration of the cluster of Anapaya appliances that form a SCION AS.

  3. Firewall: The configuration of the firewall of the Anapaya appliance.

  4. IP-in-SCION Tunneling: The configuration of the IP-in-SCION tunneling functionality.

  5. Network Interfaces: The configuration of the physical and virtual network interfaces of the appliance.

  6. NAT: The configuration of the NAT.

  7. Border Gateway Protocol: The configuration of Border Gateway Protocol (BGP).

  8. System: The configuration of the Linux-based operating system and the VPP dataplane of the appliance.

  9. Appliance Management: The configuration of the management API, telemetry, and authentication.

Working with the Configuration

Inspecting the Configuration

To inspect the configuration of an appliance, the GET /api/v1/config API endpoint can be used.

Fetching an appliance configuration

appliance-cli get config
# or
curl -k https://localhost/api/v1/config

Applying a new Configuration

To apply a new configuration, the updated JSON description needs to be pushed to the appliance via the PUT /api/v1/config endpoint. The new configuration first gets validated and then applied. If validation fails, the API responds with an error including a detailed description of the validation error. Once the configuration passed validation, it gets written to the internal configuration store and applied to all the subsystems of the appliance.

Putting a new appliance configuration

appliance-cli put config <appliance.json
# or
curl -k https://localhost/api/v1/config -X PUT -d @appliance.json