Skip to content

Commit

Permalink
Updated SCP to currenrt versions and removed old and unecessary parts
Browse files Browse the repository at this point in the history
Signed-off-by: R-Lawton <[email protected]>
  • Loading branch information
R-Lawton committed Dec 2, 2024
1 parent da6f5db commit a6d22a5
Showing 1 changed file with 31 additions and 22 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## Overview

This guide walks you through using Kuadrant to secure, protect, and connect an API exposed by a Gateway (Kubernetes Gateway API) from the personas platform engineer and application developer. for more information on the different personas please see the [Gateway API documentation](https://gateway-api.sigs.k8s.io/concepts/roles-and-personas/#key-roles-and-personas)
This guide walks you through using Kuadrant to secure, protect, and connect an API exposed by a Gateway (Kubernetes Gateway API) from the personas platform engineer and application developer. For more information on the different personas please see the [Gateway API documentation](https://gateway-api.sigs.k8s.io/concepts/roles-and-personas/#key-roles-and-personas)

## Prerequisites

Expand Down Expand Up @@ -307,19 +307,20 @@ You can use `curl` to hit your endpoint. You should see a `403`. Because this ex
while :; do curl -k -w "%{http_code}" "https://$(kubectl get httproute test -n ${KUADRANT_GATEWAY_NS} -o=jsonpath='{.spec.hostnames[0]}')" ; sleep 1; done
```

**Note** If the above curl command isn't working another alternative is to use kubectl like below
!!! note
If the above curl command isn't working, another alternative is to use kubectl like below:

```bash
HOST=$(kubectl get httproute test -n ${GATEWAY_NS} -o=jsonpath='{.spec.hostnames[0]}')
if [ -z "$HOST" ]; then
echo "Error: Unable to fetch the hostname. Ensure the HTTPRoute exists in the namespace ${GATEWAY_NS}."
exit 1
fi
echo "https://${HOST}"
kubectl run mycurlpod --image=curlimages/curl -i --tty --restart=Never -- sh <<EOF
curl -k -w "%{http_code}" "https://${HOST}"
EOF
```
```bash
HOST=$(kubectl get httproute test -n ${GATEWAY_NS} -o=jsonpath='{.spec.hostnames[0]}')
if [ -z "$HOST" ]; then
echo "Error: Unable to fetch the hostname. Ensure the HTTPRoute exists in the namespace ${GATEWAY_NS}."
exit 1
fi
echo "https://${HOST}"
kubectl run mycurlpod --image=curlimages/curl -i --tty --restart=Never -- sh <<EOF
curl -k -w "%{http_code}" "https://${HOST}"
EOF
```

### Open up the Gateway for other namespaces

Expand Down Expand Up @@ -558,15 +559,23 @@ while :; do curl --write-out '%{http_code}\n' --silent --output /dev/null -H 'A
while :; do curl --write-out '%{http_code}\n' --silent --output /dev/null -H 'Authorization: APIKEY IAMBOB' "https://api.${KUADRANT_ZONE_ROOT_DOMAIN}/cars" | grep -E --color "\b(429)\b|$"; sleep 1; done
```

**Note** If the above curl commands are not working for your system run the following instead changing IAMALICE for IAMBOB and vice versa to see the different limits

```bash
HOST=$(kubectl get httproute test -n ${GATEWAY_NS} -o=jsonpath='{.spec.hostnames[0]}')
kubectl run mycurlpod --image=curlimages/curl -i --tty -- sh
export HOST="${HOST}"
curl -k -w "%{http_code}" "https://${HOST}"
while :; do curl --resolve api.${KUADRANT_ZONE_ROOT_DOMAIN}:443:${INGRESS_HOST} --write-out '%{http_code}\n' --silent --output /dev/null -H 'Authorization: APIKEY IAMALICE' "https://api.${KUADRANT_ZONE_ROOT_DOMAIN}/cars" | grep -E --color "\b(429)\b|$"; sleep 1; done
```
!!! note
If the above curl commands are not working for your system, run the following instead, changing `IAMALICE` for `IAMBOB` and vice versa to see the different limits:

```bash
HOST=$(kubectl get httproute test -n ${GATEWAY_NS} -o=jsonpath='{.spec.hostnames[0]}')
kubectl run mycurlpod --image=curlimages/curl -i --tty -- sh
export HOST="${HOST}"
curl -k -w "%{http_code}" "https://${HOST}"
while :; do
curl --resolve api.${KUADRANT_ZONE_ROOT_DOMAIN}:443:${INGRESS_HOST} \
--write-out '%{http_code}\n' --silent --output /dev/null \
-H 'Authorization: APIKEY IAMALICE' \
"https://api.${KUADRANT_ZONE_ROOT_DOMAIN}/cars" | \
grep -E --color "\b(429)\b|$"
sleep 1
done
```

## Conclusion

Expand Down

0 comments on commit a6d22a5

Please sign in to comment.