Identity-Based Microsegmentation Guide
LAST UPDATED: November 8, 2021

About Voila

Voila is a toolbox container that allows you to:

  • Manage a Voila environment that wraps all your resources and targets a specific Kubernetes cluster.
  • Prepares all the values and certificates that will be injected in the Helm charts to deploy the Microsegmentation Console.
  • Secure your certificates and other secrets.
  • Once activated, wraps Kubernetes and Helm commands to target your Kubernetes cluster.

Your Voila environment contains the following:

  • activate script: activates your Voila environment
  • aporeto.yaml file: contains all the settings used for the deployment
  • certs folder: contains all generated certificates.
  • conf.d folder: contains service configurations
  • conf.voila file: contains the Voila settings

By default, aporeto.yaml and all certificates are encrypted when the environment is not activated.

A set of commands is available to perform administrative operations. See all commands available using:

list-cmds

The main command is doit. This a wrapper tool that will just do it with default configuration This command will check your current setup and adapt the configuration, apply it and trigger the installation/upgrade if needed. It is idempotent and is calling other commands under the hood like:

  • upconf: This is the tool that maintain your environment settings up to date.
  • snap: Is at tool that will analyze your current deployment and handle the install/update for you.
  • apostate: To check the status of the current deployment

All the settings for your deployment are handled through YAML files that are then fed to the Helm charts to generate a Kubernetes resources to create. There are two commands to help you read and write those configurations:

  • get_value
  • set_value

You may have the need to use Voila in a non-interactive way, for instance, to create a new Voila environment and deploy automatically. Consult docker run -ti gcr.io/prismacloud-cns/voila:release-5.0.8 create -h output to see what you can configure using environment variables.

To execute a command or a script against an existing Voila environment:

export VOILA_ENV_KEY=<KEY>
cd ./microseg && ./activate run <cmd or script>

Where:

  • <KEY> is the Voila environment key used to unlock it.
  • <cmd or script> is a command or script containing commands to run.