Using API gateways to pipe up the API

At first, I was just looking for an API gateway to prevent the API from being maliciously requested, finding a lap to discover the Nginx-based openresty(Lua language) expansion module Orange is good (also found in Kong , but the feeling of complexity is useless), but also lazy to use Vagrant combined with Docker to quickly set up the environment, based on the dockerfile of others to run through the whole experiment, feel good. Think of As if CoreOS is dedicated to Docker services, but also bought a "CoreOS practice " spend a small half a day to read, CoreOS in the cluster environment is really very cow, but my environment is still lightweight point, so still based on CentOS to do, So study for two days time, share with you, welcome to the message to shoot bricks or exchange! .

problem

General development interface when all kinds of languages have a very mature framework, the Internet is the most used should be Restfull+json mode, but small projects on the interface based on no security aspects, performance, etc., before writing an article directly through JS fetch data "play cool!" Crawl data directly in chrome, even if the idea is not easy to implement, time is not necessarily allowed.

Solution Solutions

With the popularity of microservices, it is necessary to have a middleware similar to API gateway to do the API management, that is, the implementation of the API more business logic, security, performance, monitoring can be left to the gateway to do (as shown, according to the Official Kong document modified), so as to improve business flexibility without lack of security.

Environment Construction

The beginning has been said that the environment will involve VirtualBox, Vagrant, Docker, Nginx, Lua, Openrety, Orange, the basic pits have been filled. But you'd better have some of that, too, because the lengthy steps of the experiment may not be recorded or omitted in some places. (All steps in this article are based on MacOS environment)

Vagrant CentOS Environment Building

Early installation of VirtualBox, Vagrant

Vagrant Init centos/7ssh

Edit Vagrantfile, configure private IP

" private_network " " 192.168.88.77 "

Installing the Docker engine

sudo YumUpdate
sudo Tee/etc/Yum. Repos.d/docker.repo <<-'EOF'[Dockerrepo]name=Docker Repositorybaseurl=https://yum.dockerproject.org/repo/main/centos/7/Enabled=1Gpgcheck=1Gpgkey=https://YUM.DOCKERPROJECT.ORG/GPGEOFsudo Yum Installdocker-enginesudoSystemctl Enable Docker.servicesudoSystemctl start DockersudoDocker Run--RMHello-world

Initializing and configuring the database Docker

Here I do the Docker volume, and set up your MySQL root password, execute the command into Docker

sudo 3306:3306 mysql:5.7sudo docker exec-it Platform-db/bin/bash

Creating Databases and Users

CREATE DATABASEOrange;CREATE USER 'Orange'@'%'Identified by 'Orange';GRANT  All Privileges  onOrange.*  to 'Orange'@'%';

Execute database initialization script, initialize orange database

Initializing and configuring Orange Docker

Use the Docker image I published directly cbcye/orange5

sudo Docker run-d--name Orange     --link platform-db:orange-database     7777 :7777     8888:8888     9999: 9999       --security-opt seccomp:unconfined     cbcye/orange5

Editing a configuration file

sudo docker exec-it platform-db/bin/bashvi/usr/local/orange/orange.conf #修改数据库连接信息vi/usr/local/orange/conf/ nginx.conf  #配置upstream Server, Real API server

Re-start Orange

sudosudo docker start orange

Orange Gateway Console

Access http://192.168.88.77:9999/user name: admin password: orange_admin

The environment has been built successfully

Configure and test enable and edit API overrides

Exposing the real API address/api/appdata to external requests by means of/appdata

Enable and configure speed limit rules

Only 2 requests are allowed in a minute

Using Postman for testing

HTTP errors are prompted when the request exceeds the limit, and no action is required by the real API server

Summarize

As mentioned at the beginning, API Gateway as a micro-service important middleware, the original API server does not need to change or change very small can be achieved, universal functionality is easy to integrate, based on Nginx Openresty developed orange performance can also be guaranteed. Therefore, it is necessary to use API gateway to manage the Open interface. Welcome message to shoot brick or exchange!

Practical Tips

#查看docker日志 sudo docker logs <container_name>#查看所有dockersudoPS --all# Remove Docker  sudorm  orange#orange Log location /usr/local/orange/logs/

Using API gateways to pipe up the API