Updating a Mesh

• Console
• CLI
• API

• 1. Open the navigation menu and click Developer Services. Under Containers & Artifacts, click Service Mesh.
  2. Click Service Meshes.
  3. On the Service Mesh page, from the list of compartments on the left side, select a compartment.
  4. From the list of meshes, click the mesh name that you want to edit.
  5. On the details page, click Edit.
  6. In the Edit Service Mesh panel, update the name, description, or the level of security for the mesh mTLS minimum mode.
     Choose one of the following levels of security:

     • Disabled: Accept raw TCP traffic. No minimum virtual services or ingress gateways within this mesh can use any mTLS authentication mode.
     • Permissive: Accept both mTLS and raw TCP traffic. Virtual services and ingress gateways within this mesh use either the Permissive or Strict mode.
     • Strict: Accept mTLS traffic. All virtual services and ingress within this mesh must use the Strict mode.

     For more information on using mTLS on service mesh, see Using mTLS with Service Mesh.

  7. Click Save changes.

• To see what operations are available for mesh update use:

  oci service-mesh mesh update -h

  To update a mesh using the CLI run oci service-mesh mesh update to update a mesh:

  oci service-mesh mesh update --mesh-id <meshId> --display-name <display-name> --description <description> --mtls <mtls>

  Where:

  • <meshId>: the OCID of the mesh to update. To find out the mesh's OCID, see Listing Meshes.
  • The description of the mesh. Avoid entering confidential information.

  • <mtls> (optional): set the mTLS authentication minimum mode between service communications within the mesh. Child resources mTLS authentication must meet this minimum mode. The value is a complex type and must be valid JSON. Provide the value as a string on the command line or pass the value in as a file using the file://path/to/file syntax.

    • <minimum>:
      • DISABLED: Accept raw TCP traffic. No minimum virtual services or ingress gateways within this mesh can use any mTLS authentication mode.
      • PERMISSIVE: Accept both mTLS and raw TCP traffic. Virtual services and ingress gateways within this mesh are either PERMISSIVE or STRICT modes.
      • STRICT: Accept mTLS traffic. All virtual services and ingress within this mesh must use STRICT mode.

      For more information on using mTLS on Service Mesh, see Using mTLS with Service Mesh.

  For example:

  oci service-mesh mesh update --mesh-id ocid1.meshmesh.oc1.iad.aaa... --mtls '{"minimum":"PERMISSIVE"}'

  The response to the command includes:

  • The mesh's OCID.
  • The life-cycle state (for example, ACTIVE, FAILED).
  • The ID of the work request to update the mesh (details of work requests are available for seven days after completion, cancellation, or failure).

  If you want the command to wait to return control until the mesh is active (or the request has failed), include either or both the following parameters:

  • --wait-for-state SUCCEEDED
  • --wait-for-state FAILED

  For example:

  oci service-mesh mesh update --mesh-id ocid1.mesh.oc1.iad.aaa... --mtls '{"minimum":"PERMISSIVE"}' --wait-for-state SUCCEEDED

  Note that you can’t use the mesh until the work request has successfully updated it and the mesh is active. To see the status of the mesh, enter:

  oci service-mesh mesh get --mesh-id <mesh-ocid>

  To view the status of the work request that updates the mesh, refer to Service Mesh Work Requests.

  Updating a Mesh with a JSON File

  Alternatively, update a mesh by supplying a JSON file to the update command.

  1. Generate a sample JSON file for a mesh:

     oci service-mesh mesh update --generate-full-command-json-input

  2. Create a JSON file with the sample-generated output from previous step and update the fields with appropriate values

  3. Supply the JSON file to the mesh update command:

     oci service-mesh mesh update --from-json file:///<filename>

  For more information about using the CLI, see:

  • Command Line Interface (CLI)
  • Service Mesh CLI Reference

• Use the UpdateMesh operation to update a mesh.