Policy Definition

In this section we will introduce how to define a custom policy with CUE. Make sure you’ve learned the basic knowledge about Definition Concept and how to manage definition.

Generate resources in policy is similar to trait, policy can be used to define things across components.

Let’s use vela def init to create a basic policy scaffold:

  1. vela def init my-plc -t policy --desc "My ingress route policy." > myroute.cue

The content of the scaffold expected to be:

  1. // $ cat myroute.cue
  2. "my-plc": {
  3. annotations: {}
  4. attributes: {}
  5. description: "My ingress route policy."
  6. labels: {}
  7. type: "policy"
  8. }
  9. template: {
  10. }

The rule is aligned with component definition, you must specify output, while you can use outputs for more objects, the format as below:

  1. output: {
  2. <full template data>
  3. }
  4. outputs: <unique-name>:
  5. <full template data>

Below is an example that we create a traffic split service mesh object in policy.

  1. "my-plc": {
  2. description: "My service mesh policy."
  3. type: "policy"
  4. }
  5. template: {
  6. #ServerWeight: {
  7. service: string
  8. weight: int
  9. }
  10. parameter: {
  11. weights: [...#ServerWeight]
  12. }
  13. output: {
  14. apiVersion: "split.smi-spec.io/v1alpha3"
  15. kind: "TrafficSplit"
  16. metadata: name: context.name
  17. spec: {
  18. service: context.name
  19. backends: parameter.weights
  20. }
  21. }
  22. }

Apply to our control plane to make this Policy work:

  1. vela def apply myroute.cue

Then our end users can discover it immediately and use it in Application.

After using vela up by the following command:

  1. cat <<EOF | vela up -f -
  2. apiVersion: core.oam.dev/v1beta1
  3. kind: Application
  4. metadata:
  5. name: my-test-2
  6. spec:
  7. components:
  8. - name: server-v1
  9. type: webservice
  10. properties:
  11. image: oamdev/hello-world:v1
  12. - name: server-v2
  13. type: webservice
  14. properties:
  15. image: oamdev/hello-world:v2
  16. policies:
  17. - type: my-plc
  18. name: unified
  19. properties:
  20. weights:
  21. - service: server-v1
  22. weight: 80
  23. - service: server-v2
  24. weight: 20
  25. EOF

The policy will generate Kubernetes resources by KubeVela like below:

  1. apiVersion: split.smi-spec.io/v1alpha3
  2. kind: TrafficSplit
  3. metadata:
  4. name: unified
  5. namespace: default
  6. spec:
  7. backends:
  8. - service: server-v1
  9. weight: 80
  10. - service: server-v2
  11. weight: 20
  12. service: unified

You can define any Kubernetes API objects in policies if you want.

Not all policies generate resources, there’re several built-in policies which are used to control the whole delivery precess and workflows.

Policy Definition - 图1tip

These special polices are usually coded in the application controller.

Last updated on Feb 9, 2023 by dependabot[bot]