Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tsuru/acl-api

API that stores rules of network to be consumed by acl-operator
https://github.com/tsuru/acl-api

Last synced: about 2 months ago
JSON representation

API that stores rules of network to be consumed by acl-operator

Host: GitHub
URL: https://github.com/tsuru/acl-api
Owner: tsuru
License: bsd-3-clause
Created: 2023-01-12T19:54:18.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-05-09T17:35:40.000Z (4 months ago)
Last Synced: 2024-07-11T00:54:45.149Z (2 months ago)
Language: Go
Size: 258 KB
Stars: 1
Watchers: 4
Forks: 1
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# acl-api
API that stores rules of network to be consumed by acl-operator

# Architecture

```mermaid
graph TD;
developer[Developer];
tsuru[TSURU API];
aclapi[ACL-API];
mongodb[(MongoDB)];
acl-operator[acl-operator];
network-policies[Kubernetes Network Policies]

developer -- Manage ACL Rules --> tsuru;
tsuru --> aclapi;
aclapi --> mongodb;
acl-operator -- Pull Rules ----> aclapi

click tsuru "https://www.github.com/tsuru/tsuru" "Access github project"
click aclapi "https://www.github.com/tsuru/acl-api" "Access github project"

click acl-operator "https://www.github.com/tsuru/acl-operator" "Access github project"
click network-policies "https://kubernetes.io/docs/concepts/services-networking/network-policies/" "Read more about kubernetes network policies"

subgraph "cluster(s) [1..N]"
acl-operator -- Manage --> network-policies
end

```

# concepts

## rule

Rule is a dynamic target that tsuru application connect into, rule can translated into a firewall rules or kubernetes network policies delegating capacity to the drivers, the responsability of acl-api is to store these rules and serve as a source of truth of all network permissions.

## service instance

Tsuru API provides a contract to extend app with other apis, acl-api used this generic resource to gather many rules into one shareable resource, it means that you can add many rules into a service instance, and bind it service instance to many apps.

# artifacts

- [Docker Hub Repository](https://hub.docker.com/r/tsuru/acl-api)