mohammad-ayaz / capi-gateway Goto Github PK

Apache Con 2020 Presentation: https://www.youtube.com/watch?v=sEKCI8IBCfc

• Light API Gateway powered by Apache Camel dynamics routes.
• Customizable processors
• Easy deployment of Swagger and Open API endpoints.
• Keycloak integration, for API Manager and Deployed API's
• REST endpoint to manage your API's.
• Distributed tracing system (Zipkin)
• Metrics (Prometheus)
• Hawtio (JVM management console)
• API Subscription Engine (Keycloak)
• Traffic management (Apache Camel Kafka)
• Analytics for the metrics (Grafana)
• Error/Blocking strategies.

• Angular API Manager Interface. (Demo version available for Helm users: https://github.com/rodrigoserracoelho/capi-charts)
• Web Socket Gateway

{
	"endpoints": [
		"your.app.node1:8080",
		"your.app.node2:8080"
	],
	"endpointType": "HTTP",
	"connectTimeout": 0,
	"socketTimeout": 0,
	"name": "api-name",
	"secured": true,
	"context": "api-context",
	"swagger": true,
	"swaggerEndpoint": "http://your.server/v2/api-docs",
	"blockIfInError": false,
	"maxAllowedFailedCalls": 0,
	"zipkinTraceIdVisible": false,
	"internalExceptionMessageVisible": false,
	"internalExceptionVisible": false,
	"returnAPIError": false,
	"unblockAfter": false,
	"unblockAfterMinutes": 0,
	"clientID": "your-app-role",
	"corsEnabled": true,
	"credentialsAllowed": true,
	"allowedOrigins": [
		"http://your.web.app:4300",
		"http://another.web.app:4400"
	],
	"throttlingPolicy": {
		"maxCallsAllowed": 10,
		"periodForMaxCalls": 60000,
		"applyPerPath": true
	}
}

• endpoints (Array) - If you specify more than one endpoint, then CAPI will load balance (round robin fashion)
• endpointType (HTTP, HTTPS) - If you are exposing on HTTPS it is important to add your certificate to CAPI trust store. The API Manager exposes an API for managing your certificates.
• connectTimeout (default 2 minutes) - You can specify the timeout for CAPI to try to connect to your endpoint.
• socketTimeout (default 2 minutes) - You can specify the timeout for CAPI to wait for a response from your endpoint.
• name (string)
• context (string) - Context will be the path of your API in the CAPI environment. Ex.: https://localhost/gateway/yourcontext/
• secured (boolean) (CAPI only supports Bearer JWT Tokens) - If true, CAPI will check:
  • If a token is provided.
  • It the provided token was signed by the Keycloak instance.
  • If the client and/or user subscribed to the role. (check clientID)
• clientID (string) The API role on Keycloak.
• swaggerEndpoint (string) - Your swagger endpoint
• blockIfInError (boolean) - If true, and if your api retuns an error (!200) CAPI will suspend the route to the faulty path, for the amount of time defined in the field: unblockAfterMinutes and after the number of attempts defined in the field: maxAllowedFailedCalls
• corsEnabled If true CAPI will allow pre-flight requests from browsers (AJAX calls).
• allowedOrigins (Array) - If CORS is enabled then calls will be allowed to the declared origins.

• Kubernetes 1.9.2+
• Helm v3.3.1
• Clone CAPI Helm Charts: https://github.com/rodrigoserracoelho/capi-charts
• Follow the instructions.

For Docker, please visit: https://github.com/rodrigoserracoelho/capi-docker

• Admin user:
  • User: admin
  • Password: admin
• Default client to get your first token and deploy an API:
  • Client ID: Manager
  • Credentials: manager:988404d3-38bd-4246-a923-8b772c213b88
• Default client to login with a single page application (OpenID Connect - Implicit flow)
  • Client ID: rest
• User to try the implicit flow:
  • User: test
  • Password: password

Get your first token:

curl --location --request POST 'https://localhost:8443/auth/realms/capi/protocol/openid-connect/token' \
--header 'Authorization: Basic bWFuYWdlcjo5ODg0MDRkMy0zOGJkLTQyNDYtYTkyMy04Yjc3MmMyMTNiODg=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials'

Publish your first API:

curl --location --request POST 'https://localhost:8080/route' \
--header 'Authorization: Bearer [your first token]' \
--header 'Content-Type: application/json' \
--data-raw '{
    "endpoints": [
        "your.endpoint.eu:8080"
    ],
    "endpointType": "HTTP",
    "connectTimeout": 0,
    "socketTimeout": 0,
    "name": "first-api",
    "secured": true,
    "context": "first-api",
    "swagger": false,
    "swaggerEndpoint": "http://your.endpoint.eu:8080/v2/api-docs",
    "blockIfInError": false,
    "maxAllowedFailedCalls": 0,
    "zipkinTraceIdVisible": false,
    "internalExceptionMessageVisible": false,
    "internalExceptionVisible": false,
    "returnAPIError": false,
    "unblockAfter": false,
    "unblockAfterMinutes": 0,
    "corsEnabled": true,
    "credentialsAllowed": true,
    "allowedOrigins": [
        "http://localhost:4300",
        "http://localhost:4400",
        "http://localhost:4200"
    ],
    "throttlingPolicy": {
        "maxCallsAllowed": 10,
        "periodForMaxCalls": 60000,
        "applyPerPath": true
    }
}'

Shortly your API will be available here:

curl --location --request GET 'https://localhost:8380/gateway/first-api/some/context'

• Apache Camel
• Spring Boot
• Hazelcast
• Prometheus
• Grafana
• Zipkin
• Mongo
• Kafka
• Zookeeper
• Keycloak
• Hawtio