Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tsuru/acl-api

API that stores rules of network to be consumed by acl-operator
https://github.com/tsuru/acl-api

Last synced: 3 days ago
JSON representation

API that stores rules of network to be consumed by acl-operator

Host: GitHub
URL: https://github.com/tsuru/acl-api
Owner: tsuru
License: bsd-3-clause
Created: 2023-01-12T19:54:18.000Z (almost 2 years ago)
Default Branch: main
Last Pushed: 2024-09-30T13:15:29.000Z (about 1 month ago)
Last Synced: 2024-10-31T05:34:53.768Z (14 days ago)
Language: Go
Size: 260 KB
Stars: 1
Watchers: 4
Forks: 2
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# acl-api
API that stores rules of network to be consumed by acl-operator

# Architecture

```mermaid
graph TD;
developer[Developer];
tsuru[TSURU API];
aclapi[ACL-API];
mongodb[(MongoDB)];
acl-operator[acl-operator];
network-policies[Kubernetes Network Policies]

developer -- Manage ACL Rules --> tsuru;
tsuru --> aclapi;
aclapi --> mongodb;
acl-operator -- Pull Rules ----> aclapi

click tsuru "https://www.github.com/tsuru/tsuru" "Access github project"
click aclapi "https://www.github.com/tsuru/acl-api" "Access github project"

click acl-operator "https://www.github.com/tsuru/acl-operator" "Access github project"
click network-policies "https://kubernetes.io/docs/concepts/services-networking/network-policies/" "Read more about kubernetes network policies"

subgraph "cluster(s) [1..N]"
acl-operator -- Manage --> network-policies
end

```

# concepts

## rule

Rule is a dynamic target that tsuru application connect into, rule can translated into a firewall rules or kubernetes network policies delegating capacity to the drivers, the responsability of acl-api is to store these rules and serve as a source of truth of all network permissions.

## service instance

Tsuru API provides a contract to extend app with other apis, acl-api used this generic resource to gather many rules into one shareable resource, it means that you can add many rules into a service instance, and bind it service instance to many apps.

# artifacts

- [Docker Hub Repository](https://hub.docker.com/r/tsuru/acl-api)