Download OpenAPI specification:Download
Management API for the Anapaya EDGE, CORE and GATE appliances
✨Added in v0.24
Put a new configuration to the appliance.
force | boolean Push the configuration, even if configuration validation fails. This parameter MUST be used with care as it can leave the appliance in a misconfigured state. |
disable_strict_parsing | boolean Disable strict parsing of the appliance configuration. |
If-Match | string |
The config to be pushed to the appliance.
required | object (Config) Anapaya appliance configuration |
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption": "DISABLED",
- "local_isd_ases": [
- "string"
], - "name": "Default Domain",
- "prefixes": {
- "accept_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
], - "announce_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
]
}, - "remote_isd_ases": [
- {
- "action": "ACCEPT",
- "description": "string",
- "isd_as": "0-ff00:0:310",
- "sequence_id": 1
}
], - "traffic_policies": [
- {
- "description": "Default traffic policy",
- "failover_sequence": [
- {
- "path_filter": "string",
- "sequence_id": 1
}
], - "sequence_id": 1,
- "traffic_matcher": "string"
}
]
}
], - "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "description": "string",
- "disable_auto_allowed_interfaces": true,
- "disable_urpf": true,
- "enable_scion_rss": true,
- "enabled": true,
- "encryption": {
- "enabled": true,
- "per_remote_sa_limit": 1000,
- "port": 40203,
- "total_sa_limit": 100000
}, - "ip": "192.168.1.100",
- "probe_port": 40202
}, - "path_filters": [
- {
- "acl": [
- "+ 64-0"
], - "description": "Match only paths in the Swiss Isolation Domain (ID 64).",
- "hop_pattern": "0* 64+ 0+",
- "name": "CH ISD only"
}
], - "remotes": [
- {
- "description": "string",
- "isd_as": "1-ff00:0:310"
}
], - "static_announcements": [
- {
- "description": "string",
- "next_hop_tracking": {
- "disabled": true,
- "target": "192.168.0.1"
}, - "prefixes": [
- "192.168.1.0/24",
- "172.30.100.0/28"
], - "sequence_id": 1
}
], - "traffic_matchers": [
- {
- "condition": "BOOL=true",
- "description": "'all packets' matches all packets.",
- "name": "all packets"
}
]
}, - "system": {
- "dns": {
- "servers": [
- {
- "address": "string"
}
]
}, - "kernel": {
- "hugepage_size": "2M",
- "hugepages": 0,
- "iommu_enabled": false
}, - "ntp": {
- "root_distance_max": "1s",
- "servers": [
- {
- "address": "string"
}
]
}, - "resources": {
- "service_limits": [
- {
- "cpu": 1.5,
- "memory": "2.5G",
- "name": "CA_FRONTEND"
}
]
}, - "vpp": {
- "buffers": {
- "data_size": 9000,
- "num_buffers": 0
}, - "connection": {
- "health_check": {
- "probe_interval": "1s",
- "reply_timeout": "250ms",
- "threshold": 3
}, - "reconnect_attempts": 5,
- "reconnect_interval": "1s"
}, - "cpu": {
- "corelist_workers": "2-3,5",
- "main_core": 1,
- "workers": 0
}, - "poll_sleep": "0s",
- "statseg": {
- "size": "100M"
}, - "tun": {
- "mtu": 1500,
- "prefixes": [
- "192.168.1.0/24"
]
}
}
}
}
}
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption": "DISABLED",
- "local_isd_ases": [
- "string"
], - "name": "Default Domain",
- "prefixes": {
- "accept_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
], - "announce_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
]
}, - "remote_isd_ases": [
- {
- "action": "ACCEPT",
- "description": "string",
- "isd_as": "0-ff00:0:310",
- "sequence_id": 1
}
], - "traffic_policies": [
- {
- "description": "Default traffic policy",
- "failover_sequence": [
- {
- "path_filter": "string",
- "sequence_id": 1
}
], - "sequence_id": 1,
- "traffic_matcher": "string"
}
]
}
], - "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "description": "string",
- "disable_auto_allowed_interfaces": true,
- "disable_urpf": true,
- "enable_scion_rss": true,
- "enabled": true,
- "encryption": {
- "enabled": true,
- "per_remote_sa_limit": 1000,
- "port": 40203,
- "total_sa_limit": 100000
}, - "ip": "192.168.1.100",
- "probe_port": 40202
}, - "path_filters": [
- {
- "acl": [
- "+ 64-0"
], - "description": "Match only paths in the Swiss Isolation Domain (ID 64).",
- "hop_pattern": "0* 64+ 0+",
- "name": "CH ISD only"
}
], - "remotes": [
- {
- "description": "string",
- "isd_as": "1-ff00:0:310"
}
], - "static_announcements": [
- {
- "description": "string",
- "next_hop_tracking": {
- "disabled": true,
- "target": "192.168.0.1"
}, - "prefixes": [
- "192.168.1.0/24",
- "172.30.100.0/28"
], - "sequence_id": 1
}
], - "traffic_matchers": [
- {
- "condition": "BOOL=true",
- "description": "'all packets' matches all packets.",
- "name": "all packets"
}
]
}, - "system": {
- "dns": {
- "servers": [
- {
- "address": "string"
}
]
}, - "kernel": {
- "hugepage_size": "2M",
- "hugepages": 0,
- "iommu_enabled": false
}, - "ntp": {
- "root_distance_max": "1s",
- "servers": [
- {
- "address": "string"
}
]
}, - "resources": {
- "service_limits": [
- {
- "cpu": 1.5,
- "memory": "2.5G",
- "name": "CA_FRONTEND"
}
]
}, - "vpp": {
- "buffers": {
- "data_size": 9000,
- "num_buffers": 0
}, - "connection": {
- "health_check": {
- "probe_interval": "1s",
- "reply_timeout": "250ms",
- "threshold": 3
}, - "reconnect_attempts": 5,
- "reconnect_interval": "1s"
}, - "cpu": {
- "corelist_workers": "2-3,5",
- "main_core": 1,
- "workers": 0
}, - "poll_sleep": "0s",
- "statseg": {
- "size": "100M"
}, - "tun": {
- "mtu": 1500,
- "prefixes": [
- "192.168.1.0/24"
]
}
}
}
}, - "metadata": {
- "release_version": "v1.0.0",
- "system_version": "v1.0.0"
}
}
✨Added in v0.34
Validates a configuration.
disable_strict_parsing | boolean Disable strict parsing of the appliance configuration. |
The config to be validated.
required | object (Config) Anapaya appliance configuration |
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption": "DISABLED",
- "local_isd_ases": [
- "string"
], - "name": "Default Domain",
- "prefixes": {
- "accept_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
], - "announce_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
]
}, - "remote_isd_ases": [
- {
- "action": "ACCEPT",
- "description": "string",
- "isd_as": "0-ff00:0:310",
- "sequence_id": 1
}
], - "traffic_policies": [
- {
- "description": "Default traffic policy",
- "failover_sequence": [
- {
- "path_filter": "string",
- "sequence_id": 1
}
], - "sequence_id": 1,
- "traffic_matcher": "string"
}
]
}
], - "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "description": "string",
- "disable_auto_allowed_interfaces": true,
- "disable_urpf": true,
- "enable_scion_rss": true,
- "enabled": true,
- "encryption": {
- "enabled": true,
- "per_remote_sa_limit": 1000,
- "port": 40203,
- "total_sa_limit": 100000
}, - "ip": "192.168.1.100",
- "probe_port": 40202
}, - "path_filters": [
- {
- "acl": [
- "+ 64-0"
], - "description": "Match only paths in the Swiss Isolation Domain (ID 64).",
- "hop_pattern": "0* 64+ 0+",
- "name": "CH ISD only"
}
], - "remotes": [
- {
- "description": "string",
- "isd_as": "1-ff00:0:310"
}
], - "static_announcements": [
- {
- "description": "string",
- "next_hop_tracking": {
- "disabled": true,
- "target": "192.168.0.1"
}, - "prefixes": [
- "192.168.1.0/24",
- "172.30.100.0/28"
], - "sequence_id": 1
}
], - "traffic_matchers": [
- {
- "condition": "BOOL=true",
- "description": "'all packets' matches all packets.",
- "name": "all packets"
}
]
}, - "system": {
- "dns": {
- "servers": [
- {
- "address": "string"
}
]
}, - "kernel": {
- "hugepage_size": "2M",
- "hugepages": 0,
- "iommu_enabled": false
}, - "ntp": {
- "root_distance_max": "1s",
- "servers": [
- {
- "address": "string"
}
]
}, - "resources": {
- "service_limits": [
- {
- "cpu": 1.5,
- "memory": "2.5G",
- "name": "CA_FRONTEND"
}
]
}, - "vpp": {
- "buffers": {
- "data_size": 9000,
- "num_buffers": 0
}, - "connection": {
- "health_check": {
- "probe_interval": "1s",
- "reply_timeout": "250ms",
- "threshold": 3
}, - "reconnect_attempts": 5,
- "reconnect_interval": "1s"
}, - "cpu": {
- "corelist_workers": "2-3,5",
- "main_core": 1,
- "workers": 0
}, - "poll_sleep": "0s",
- "statseg": {
- "size": "100M"
}, - "tun": {
- "mtu": 1500,
- "prefixes": [
- "192.168.1.0/24"
]
}
}
}
}
}
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption": "DISABLED",
- "local_isd_ases": [
- "string"
], - "name": "Default Domain",
- "prefixes": {
- "accept_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
], - "announce_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
]
}, - "remote_isd_ases": [
- {
- "action": "ACCEPT",
- "description": "string",
- "isd_as": "0-ff00:0:310",
- "sequence_id": 1
}
], - "traffic_policies": [
- {
- "description": "Default traffic policy",
- "failover_sequence": [
- {
- "path_filter": "string",
- "sequence_id": 1
}
], - "sequence_id": 1,
- "traffic_matcher": "string"
}
]
}
], - "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "description": "string",
- "disable_auto_allowed_interfaces": true,
- "disable_urpf": true,
- "enable_scion_rss": true,
- "enabled": true,
- "encryption": {
- "enabled": true,
- "per_remote_sa_limit": 1000,
- "port": 40203,
- "total_sa_limit": 100000
}, - "ip": "192.168.1.100",
- "probe_port": 40202
}, - "path_filters": [
- {
- "acl": [
- "+ 64-0"
], - "description": "Match only paths in the Swiss Isolation Domain (ID 64).",
- "hop_pattern": "0* 64+ 0+",
- "name": "CH ISD only"
}
], - "remotes": [
- {
- "description": "string",
- "isd_as": "1-ff00:0:310"
}
], - "static_announcements": [
- {
- "description": "string",
- "next_hop_tracking": {
- "disabled": true,
- "target": "192.168.0.1"
}, - "prefixes": [
- "192.168.1.0/24",
- "172.30.100.0/28"
], - "sequence_id": 1
}
], - "traffic_matchers": [
- {
- "condition": "BOOL=true",
- "description": "'all packets' matches all packets.",
- "name": "all packets"
}
]
}, - "system": {
- "dns": {
- "servers": [
- {
- "address": "string"
}
]
}, - "kernel": {
- "hugepage_size": "2M",
- "hugepages": 0,
- "iommu_enabled": false
}, - "ntp": {
- "root_distance_max": "1s",
- "servers": [
- {
- "address": "string"
}
]
}, - "resources": {
- "service_limits": [
- {
- "cpu": 1.5,
- "memory": "2.5G",
- "name": "CA_FRONTEND"
}
]
}, - "vpp": {
- "buffers": {
- "data_size": 9000,
- "num_buffers": 0
}, - "connection": {
- "health_check": {
- "probe_interval": "1s",
- "reply_timeout": "250ms",
- "threshold": 3
}, - "reconnect_attempts": 5,
- "reconnect_interval": "1s"
}, - "cpu": {
- "corelist_workers": "2-3,5",
- "main_core": 1,
- "workers": 0
}, - "poll_sleep": "0s",
- "statseg": {
- "size": "100M"
}, - "tun": {
- "mtu": 1500,
- "prefixes": [
- "192.168.1.0/24"
]
}
}
}
}, - "metadata": {
- "release_version": "v1.0.0",
- "system_version": "v1.0.0"
}
}
✨Added in v0.24
Add a SCION CPPKI Trust Root Configuration (TRC) file to the device. The TRC is first validated before it is added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRC regardless of validity.
force | boolean Default: false If force is true, the TRC is added regardless of validity. |
The PEM encoded signed TRC.
-----BEGIN TRC----- ZjAwOjA6MTEwI ... -----END TRC-----
{- "trc": {
- "id": {
- "isd": 15,
- "base_number": 1,
- "serial_number": 3
}, - "validity": {
- "not_before": "2021-01-04T09:59:33Z",
- "not_after": "2022-01-04T09:59:33Z"
}, - "core_ases": [
- "1-ff00:0:110"
], - "authoritative_ases": [
- "1-ff00:0:110"
], - "description": "string",
- "blob": "string"
}
}
✨Added in v0.28
Add a bundle SCION CPPKI Trust Root Configuration (TRC) files to the device. The TRCs are first validated before they are added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRCs regardless of validity.
force | boolean Default: false If force is true, the TRC is added regardless of validity. |
The PEM encoded signed TRC.
-----BEGIN TRC----- ZjAwOjA6MTEwI ... -----END TRC----- -----BEGIN TRC----- 6QV3F2EsMZVWD ... -----END TRC----- -----BEGIN TRC----- GO0Vg34C8eRAu ... -----END TRC-----
{- "trcs": [
- {
- "id": {
- "isd": 15,
- "base_number": 1,
- "serial_number": 3
}, - "validity": {
- "not_before": "2021-01-04T09:59:33Z",
- "not_after": "2022-01-04T09:59:33Z"
}, - "core_ases": [
- "1-ff00:0:110"
], - "authoritative_ases": [
- "1-ff00:0:110"
], - "description": "string",
- "blob": "string"
}
]
}
✨Added in v0.24
Create a SCION CPPKI AS Certificate Signing Request (CSR). The CSR needs to be signed by a SCION CPPKI Certificate Authority in the local ISD. The fully signed certificate chain then needs to be installed via the /cppki/certificates endpoint.
The parameters for the CSR.
required | object (Subject of a certificate signing request.) |
{- "subject": {
- "isd_as": "1-ff00:0:110",
- "common_name": "Anapaya Switzerland AS",
- "country": "CH",
- "locality": "Zurich",
- "organization": "Anapaya Systems AG",
- "organizational_unit": "Anapaya Systems Engineering Department",
- "postal_code": "8005",
- "province": "Zurich",
- "serial_number": "CHE 123.456.789",
- "street_address": "Hardturmstrasse 253, 8005 Zurich"
}
}
{- "certificate_signing_request": {
- "subject": {
- "isd_as": "1-ff00:0:110",
- "common_name": "Anapaya Switzerland AS",
- "country": "CH",
- "locality": "Zurich",
- "organization": "Anapaya Systems AG",
- "organizational_unit": "Anapaya Systems Engineering Department",
- "postal_code": "8005",
- "province": "Zurich",
- "serial_number": "CHE 123.456.789",
- "street_address": "Hardturmstrasse 253, 8005 Zurich"
}, - "creation_time": "2021-01-04T09:59:33Z",
- "id": "fa53a04a"
}
}
✨Added in v0.24
Add a SCION CPPKI AS certificate chain to the device by promoting an existing certificate signing request. The certificate chain is first verified against the active TRC of the local ISD before it is added. Only verifiable certificate chains are added. Use the 'force' query parameter to force the addition of the certificate chain regardless of validity or verifiability.
force | boolean Default: false If force is true the certificate chain is added regardless of validity. |
Certificate chain containing the new AS certificate and the issuing CA certificate encoded in a degenerate PKCS#7 data structure.
{- "certificate_chain": {
- "id": "fa53a04a",
- "subject": "1-ff00:0:110",
- "issuer": "1-ff00:0:110",
- "validity": {
- "not_before": "2021-01-04T09:59:33Z",
- "not_after": "2022-01-04T09:59:33Z"
}, - "chain": "string",
- "blob": "string"
}
}
✨Added in v0.24
Get the currently active appliance configuration.
suppress_secrets | boolean Do not expose secrets in the response. |
If-None-Match | string |
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption": "DISABLED",
- "local_isd_ases": [
- "string"
], - "name": "Default Domain",
- "prefixes": {
- "accept_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
], - "announce_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
]
}, - "remote_isd_ases": [
- {
- "action": "ACCEPT",
- "description": "string",
- "isd_as": "0-ff00:0:310",
- "sequence_id": 1
}
], - "traffic_policies": [
- {
- "description": "Default traffic policy",
- "failover_sequence": [
- {
- "path_filter": "string",
- "sequence_id": 1
}
], - "sequence_id": 1,
- "traffic_matcher": "string"
}
]
}
], - "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "description": "string",
- "disable_auto_allowed_interfaces": true,
- "disable_urpf": true,
- "enable_scion_rss": true,
- "enabled": true,
- "encryption": {
- "enabled": true,
- "per_remote_sa_limit": 1000,
- "port": 40203,
- "total_sa_limit": 100000
}, - "ip": "192.168.1.100",
- "probe_port": 40202
}, - "path_filters": [
- {
- "acl": [
- "+ 64-0"
], - "description": "Match only paths in the Swiss Isolation Domain (ID 64).",
- "hop_pattern": "0* 64+ 0+",
- "name": "CH ISD only"
}
], - "remotes": [
- {
- "description": "string",
- "isd_as": "1-ff00:0:310"
}
], - "static_announcements": [
- {
- "description": "string",
- "next_hop_tracking": {
- "disabled": true,
- "target": "192.168.0.1"
}, - "prefixes": [
- "192.168.1.0/24",
- "172.30.100.0/28"
], - "sequence_id": 1
}
], - "traffic_matchers": [
- {
- "condition": "BOOL=true",
- "description": "'all packets' matches all packets.",
- "name": "all packets"
}
]
}, - "system": {
- "dns": {
- "servers": [
- {
- "address": "string"
}
]
}, - "kernel": {
- "hugepage_size": "2M",
- "hugepages": 0,
- "iommu_enabled": false
}, - "ntp": {
- "root_distance_max": "1s",
- "servers": [
- {
- "address": "string"
}
]
}, - "resources": {
- "service_limits": [
- {
- "cpu": 1.5,
- "memory": "2.5G",
- "name": "CA_FRONTEND"
}
]
}, - "vpp": {
- "buffers": {
- "data_size": 9000,
- "num_buffers": 0
}, - "connection": {
- "health_check": {
- "probe_interval": "1s",
- "reply_timeout": "250ms",
- "threshold": 3
}, - "reconnect_attempts": 5,
- "reconnect_interval": "1s"
}, - "cpu": {
- "corelist_workers": "2-3,5",
- "main_core": 1,
- "workers": 0
}, - "poll_sleep": "0s",
- "statseg": {
- "size": "100M"
}, - "tun": {
- "mtu": 1500,
- "prefixes": [
- "192.168.1.0/24"
]
}
}
}
}, - "metadata": {
- "release_version": "v1.0.0",
- "system_version": "v1.0.0"
}
}
✨Added in v0.24
Put a new configuration to the appliance.
force | boolean Push the configuration, even if configuration validation fails. This parameter MUST be used with care as it can leave the appliance in a misconfigured state. |
disable_strict_parsing | boolean Disable strict parsing of the appliance configuration. |
If-Match | string |
The config to be pushed to the appliance.
required | object (Config) Anapaya appliance configuration |
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption": "DISABLED",
- "local_isd_ases": [
- "string"
], - "name": "Default Domain",
- "prefixes": {
- "accept_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
], - "announce_filter": [
- {
- "action": "ACCEPT",
- "description": "string",
- "prefixes": [
- "192.168.1.0/24"
], - "sequence_id": 1
}
]
}, - "remote_isd_ases": [
- {
- "action": "ACCEPT",
- "description": "string",
- "isd_as": "0-ff00:0:310",
- "sequence_id": 1
}
], - "traffic_policies": [
- {
- "description": "Default traffic policy",
- "failover_sequence": [
- {
- "path_filter": "string",
- "sequence_id": 1
}
], - "sequence_id": 1,
- "traffic_matcher": "string"
}
]
}
], - "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "description": "string",
- "disable_auto_allowed_interfaces": true,
- "disable_urpf": true,
- "enable_scion_rss": true,
- "enabled": true,
- "encryption": {
- "enabled": true,
- "per_remote_sa_limit": 1000,
- "port": 40203,
- "total_sa_limit": 100000
}, - "ip": "192.168.1.100",
- "probe_port": 40202
}, - "path_filters": [
- {
- "acl": [
- "+ 64-0"
], - "description": "Match only paths in the Swiss Isolation Domain (ID 64).",
- "hop_pattern": "0* 64+ 0+",
- "name": "CH ISD only"
}
], - "remotes": [
- {
- "description": "string",
- "isd_as": "1-ff00:0:310"
}
], - "static_announcements": [
- {
- "description": "string",
- "next_hop_tracking": {
- "disabled": true,
- "target": "192.168.0.1"
}, - "prefixes": [
- "192.168.1.0/24",
- "172.30.100.0/28"
], - "sequence_id": 1
}
], - "traffic_matchers": [
- {
- "condition": "BOOL=true",
- "description": "'all packets' matches all packets.",
- "name": "all packets"
}
]
}, - "system": {
- "dns": {
- "servers": [
- {
- "address": "string"
}
]
}, - "kernel": {
- "hugepage_size": "2M",
- "hugepages": 0,
- "iommu_enabled": false
}, - "ntp": {
- "root_distance_max": "1s",
- "servers": [
- {
- "address": "string"
}
]
}, - "resources": {
- "service_limits": [
- {
- "cpu": 1.5,
- "memory": "2.5G",
- "name": "CA_FRONTEND"
}
]
}, - "vpp": {
- "buffers": {
- "data_size": 9000,
- "num_buffers": 0
}, - "connection": {
- "health_check": {
- "probe_interval": "1s",
- "reply_timeout": "250ms",
- "threshold": 3
}, - "reconnect_attempts": 5,
- "reconnect_interval": "1s"
}, - "cpu": {
- "corelist_workers": "2-3,5",
- "main_core": 1,
- "workers": 0
}, - "poll_sleep": "0s",
- "statseg": {
- "size": "100M"
}, - "tun": {
- "mtu": 1500,
- "prefixes": [
- "192.168.1.0/24"
]
}
}
}
}
}
{- "config": {
- "advanced": {
- "service_customizations": [
- {
- "disabled": false,
- "service_type": "CA_FRONTEND",
- "skip_template_validation": false,
- "template": "string"
}
]
}, - "bgp": {
- "global": {
- "as": 0,
- "networks": [
- "string"
], - "router_id": "string",
- "src_address": "string"
}, - "neighbors": [
- {
- "auth_password": "string",
- "bfd": {
- "desired_minimum_tx_interval": 300,
- "detection_multiplier": 3,
- "enabled": false,
- "local_address": "string",
- "minimum_ttl": 254,
- "multihop": false,
- "required_minimum_receive": 300
}, - "description": "string",
- "ebgp_multihop": 0,
- "enabled": true,
- "local_as": 0,
- "neighbor_address": "string",
- "peer_as": 0,
- "timers": {
- "connect_retry": 30,
- "hold_time": 30,
- "keepalive_interval": 10,
- "minimum_advertisement_interval": 30
}, - "transport": {
- "local_address": "string"
}, - "ttl_security": 0
}
]
}, - "cluster": {
- "features": {
- "scion_rss": true
}, - "peers": [
- {
- "description": "string",
- "features": {
- "scion_rss": false
}, - "name": "string",
- "scion": {
- "ases": [
- {
- "control": {
- "address": "192.168.1.1:30100"
}, - "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "interfaces": [ ],
- "neighbor_isd_as": null,
- "relationship": null
}
], - "shard_id": 0
}
]
}, - "scion_tunneling": {
- "endpoint": {
- "allowed_interfaces": [
- {
- "interfaces": [
- 2,
- 3
], - "isd_as": "string"
}
], - "control_port": 40201,
- "data_port": 40200,
- "disable_auto_allowed_interfaces": true,
- "ip": "192.168.1.100",
- "probe_port": 40202
}
}, - "synchronization": {
- "address": "192.168.1.1:30100"
}
}
], - "synchronization": {
- "address": "192.0.2.3:40000",
- "node_synchronization_interval": "1m"
}
}, - "experiments": {
- "features": [
- {
- "name": "string",
- "value": "string"
}
]
}, - "firewall": {
- "mode": "AUTO",
- "tables": [
- {
- "chains": [
- {
- "chaintype": "FILTER",
- "hook": "PREROUTING",
- "name": "string",
- "policy": "ACCEPT",
- "priority": 0,
- "rules": [
- {
- "comment": "string",
- "rule": "string",
- "sequence_id": 1
}
]
}
], - "counters": [
- {
- "name": "string"
}
], - "family": "IP",
- "name": "string"
}
]
}, - "interfaces": {
- "bonds": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "interfaces": [
- "string"
], - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "ethernets": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "driver": "LINUX",
- "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vpp": {
- "vlan_strip_offload": false
}, - "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "loopbacks": [
- {
- "addresses": [
- "string"
], - "name": "string"
}
], - "virtual_functions": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "vlans": [
- {
- "accept_ra": false,
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "id": 4095,
- "link": "string",
- "mac": "string",
- "mtu": 1472,
- "name": "string",
- "neighbors": [
- {
- "address": "string",
- "comment": "string",
- "mac": "string",
- "sequence_id": 3
}
], - "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
], - "rx_queue_size": 2048,
- "tx_queue_size": 2048,
- "vrrp": [
- {
- "addresses": [
- "string"
], - "no_preempt": false,
- "peers": [
- "string"
], - "priority": 17,
- "vrid": 3
}
]
}
], - "wireguards": [
- {
- "addresses": [
- "string"
], - "gateway": {
- "ipv4_gateway": "string",
- "ipv6_gateway": "string"
}, - "mtu": 1420,
- "name": "string",
- "peers": [
- {
- "allowed_ips": [
- "string"
], - "endpoint": "string",
- "public_key": "string"
}
], - "pointopoint": "string",
- "port": 0,
- "routes": [
- {
- "comment": "string",
- "from": "string",
- "metric": 10,
- "sequence_id": 3,
- "to": "string",
- "via": "string"
}
]
}
]
}, - "management": {
- "api": {
- "basic_auth": {
- "enabled": true,
- "users": [
- {
- "password_hashed": "$2y$10$QNodxwKFABMWu4XlFPmZDOSfqxrsqNvrSn487lCi7tJ/4nTsT/f02",
- "username": "admin"
}
]
}, - "listeners": [
- {
- "address": "127.0.0.1:443",
- "description": "string"
}
], - "oauth": {
- "enabled": false,
- "identity_providers": [
- {
- "client_id": "string",
- "client_secret": "string",
- "id": "string",
- "tenant_id": "string",
- "type": "GENERIC"
}
], - "roles": [
- {
- "aliases": [
- "string"
], - "role": "string"
}
], - "token_verification_keys": [
]
}, - "unprotected": false
}, - "hostname": "edge.geneva.corpbank",
- "remote_repository": {
- "cloudsmith": {
- "access_token": "APIKEY#ENTITLEMENTTOKEN",
}, - "repository_type": "CLOUDSMITH"
}, - "ssh": {
- "enable_password_login": false,
- "users": [
- {
- "ssh_keys": [
- {
- "description": "string",
- "key": "ssh-rsa AAAAB3NzaC1yc2"
}
], - "username": "anapaya"
}
]
}, - "telemetry": {
- "address": ":42001",
- "flow_metrics": {
- "cleanup_task_interval": "60s",
- "collector_url": "string",
- "enabled": false,
- "export_task_interval": "60s",
- "flow_expiration_interval": "180s",
- "max_active_flows": 0,
- "proxy_url": "string"
}, - "labels": [
- {
- "label": "string",
- "value": "string"
}
], - "logging": {
- "logging_type": "LOKI",
- "loki": {
- "basic_auth": {
- "password": "string",
- "username": "promtail"
}, - "tls_config": {
- "insecure_skip_verify": false
},
}
}
}
}, - "nat": {
- "snat": {
- "address_pool": [
- "string"
], - "exclude": [
- "string"
], - "interfaces": [
- "string"
]
}
}, - "scion": {
- "ases": [
- {
- "ca_service": {
- "anapaya_vault": {
- "addresses": [
- "string"
], - "credentials": {
- "role_id": "string",
- "secret_id": "string"
}, - "validation": {
- "subject": "MATCHING_ISD_AS"
}
}, - "external": {
- "address": "192.0.2.3:5000",
- "client_id": "string",
- "shared_secret": "shared secret"
}, - "service_type": "EXTERNAL"
}, - "control": {
- "address": "192.168.1.1:30100",
- "enabled": true
}, - "core": true,
- "cppki": {
- "disable_auto_renewal": true,
- "issuers": [
- {
- "isd_as": "1-ff00:0:120",
- "priority": 0
}
]
}, - "default": false,
- "details": {
- "description": "string",
- "name": "string"
}, - "forwarding_key": "string",
- "isd_as": "1-ff00:0:110",
- "neighbors": [
- {
- "description": "string",
- "interfaces": [
- {
- "address": "169.254.0.1:30100",
- "administrative_state": "UP",
- "bfd": {
- "desired_minimum_tx_interval": null,
- "detection_multiplier": null,
- "enabled": null,
- "required_minimum_receive": null
}, - "description": "string",
- "enable_scion_rss": false,
- "interface_id": 1,
- "remote": {
- "address": null,
- "interface_id": null
}, - "scion_mtu": 1472
}
], - "neighbor_isd_as": "2-ff00:0:210",
- "relationship": "CORE"
}
], - "router": {
- "enabled": true,
- "internal_interface": "192.168.1.1:30100"
}, - "scion_mtu": 1472,
- "shard_id": 0
}
], - "synchronization": {
- "beacon_synchronization_interval": "4s",
- "path_segment_synchronization_interval": "4s"
}
}, - "scion_tunneling": {
- "domains": [
- {
- "default": true,
- "description": "The domain. It matches all packets and allows any\npath to be used.",
- "encryption":