Updating a Mesh
Update the name, description, or mTLS mode of a mesh in Service Mesh.
Before you proceed, you must set up the appropriate OCI policies for the mesh resource. For details, see Required IAM Policy for a Mesh.
To see what operations are available for
mesh update
use:oci service-mesh mesh update -h
To update a mesh using the CLI run
oci service-mesh mesh update
to update a mesh:oci service-mesh mesh update --mesh-id <meshId> --display-name <display-name> --description <description> --mtls <mtls>
Where:
<meshId>
: the OCID of the mesh to update. To find out the mesh's OCID, see Listing Meshes.- The description of the mesh. Avoid entering confidential information.
-
<mtls>
(optional): set the mTLS authentication minimum mode between service communications within the mesh. Child resources mTLS authentication must meet this minimum mode. The value is a complex type and must be valid JSON. Provide the value as a string on the command line or pass the value in as a file using thefile://path/to/file
syntax.<minimum>
:DISABLED
: Accept raw TCP traffic. No minimum virtual services or ingress gateways within this mesh can use any mTLS authentication mode.PERMISSIVE
: Accept both mTLS and raw TCP traffic. Virtual services and ingress gateways within this mesh are eitherPERMISSIVE
orSTRICT
modes.STRICT
: Accept mTLS traffic. All virtual services and ingress within this mesh must useSTRICT
mode.
For more information on using mTLS on Service Mesh, see Using mTLS with Service Mesh.
For example:
oci service-mesh mesh update --mesh-id ocid1.meshmesh.oc1.iad.aaa... --mtls '{"minimum":"PERMISSIVE"}'
The response to the command includes:
- The mesh's OCID.
- The life-cycle state (for example, ACTIVE, FAILED).
- The ID of the work request to update the mesh (details of work requests are available for seven days after completion, cancellation, or failure).
If you want the command to wait to return control until the mesh is active (or the request has failed), include either or both the following parameters:
--wait-for-state SUCCEEDED
--wait-for-state FAILED
For example:
oci service-mesh mesh update --mesh-id ocid1.mesh.oc1.iad.aaa... --mtls '{"minimum":"PERMISSIVE"}' --wait-for-state SUCCEEDED
Note that you can't use the mesh until the work request has successfully updated it and the mesh is active. To see the status of the mesh, enter:
oci service-mesh mesh get --mesh-id <mesh-ocid>
To view the status of the work request that updates the mesh, refer to Service Mesh Work Requests.
Updating a Mesh with a JSON File
Alternatively, update a mesh by supplying a JSON file to the update command.
-
Generate a sample JSON file for a mesh:
oci service-mesh mesh update --generate-full-command-json-input
- Create a JSON file with the sample-generated output from previous step and update the fields with appropriate values
-
Supply the JSON file to the mesh update command:
oci service-mesh mesh update --from-json file:///<filename>
For more information about using the CLI, see:
Use the UpdateMesh operation to update a mesh.