Orange--------API Gateway based on Nginx/openresty

About Orange

Orange is a openresty-based API Gateway. In addition to the basic functions of nginx, it can also be used for API monitoring, access control (authentication, WAF), traffic screening, access speed limit, AB test, dynamic shunt and so on. It has the following characteristics:

• Provides a set of default Dashboard for dynamic management of various functions and configurations
• API interface for implementing third-party services (such as personalized operational requirements, third-party dashboard, etc.)
• Custom plug-ins can be written according to specifications extend Orange functionality

Orange Combat Environment

[[email protected] ~]# cat/etc/redhat-release CentOS Linux release 7.4.1708 (Core) [[email protected] ~]# UNAM E-alinux Orange 3.10.0-693.17.1.el7.x86_64 #1 SMP Thu Jan 20:13:58 UTC 2018 x86_64 x86_64 x86_64 gnu/linux[[email&nbsp ;p rotected] ~]# iptables-f[[email protected] ~]# IP addr[[email protected] orange]# IP addr1:lo: <LOOPBACK    ,up,lower_up> MTU 65536 qdisc noqueue State UNKNOWN Qlen 1 link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:00 inet 127.0.0.1/8 Scope host lo valid_lft forever Preferred_lft Forever Inet6:: 1/128 Scope host Valid_lft     Forever Preferred_lft Forever2:eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc pfifo_fast State up Qlen 1000 Link/ether 00:0c:29:57:b5:ab BRD ff:ff:ff:ff:ff:ff inet 192.168.0.131/24 BRD 192.168.0.255 scope Global Dynamic ETH 0 valid_lft 7081sec preferred_lft 7081sec inet6 fe80::3f87:b30b:ff6b:e675/64 scope link Valid_lft forever Preferred_lft Forever

openresty Download [version > 1.9.7.3]

• Download Openresty Source Package

[[email protected] ~]# cd /usr/local/src/[[email protected] src]# wget https://openresty.org/download/openresty-1.13.6.1.tar.gz--2018-03-06 15:41:59--  https://openresty.org/download/openresty-1.13.6.1.tar.gzResolving openresty.org (openresty.org)... 120.26.162.249Connecting to openresty.org (openresty.org)|120.26.162.249|:443... connected.HTTP request sent, awaiting response... 200 OKLength: 4581699 (4.4M) [application/x-gzip]Saving to: ‘openresty-1.13.6.1.tar.gz’100%[=================================>] 4,581,699   9.08MB/s   in 0.5s   2018-03-06 15:42:00 (9.08 MB/s) - ‘openresty-1.13.6.1.tar.gz’ saved [4581699/4581699]

• Unzip the source package and enter the package

[[email protected] src]# tar xf openresty-1.13.6.1.tar.gz [[email protected] src]# cd openresty-1.13.6.1

• Create a openresty system user

[[email protected] openresty-1.13.6.1]# useradd -r -s /sbin/nologin -M openresty

• Installation related dependencies

[[email protected] openresty-1.13.6.1]# yum install pcre pcre-devel openssl openssl-devel git -y

• Specifying parameters to generate the makefile file

[[email protected] openresty-1.13.6.1]#./configure--prefix=/usr/local/openresty-1.13.6.1--user=openresty-- Group=openresty--with-http_stub_status_module ..... ......... Configuration Summary + using System PCRE Library + using System OpenSSL Library + using System zlib library Nginx Pat  H prefix: "/usr/local/openresty-1.13.6.1/nginx" nginx binary file: "/usr/local/openresty-1.13.6.1/nginx/sbin/nginx" Nginx modules path: "/usr/local/openresty-1.13.6.1/nginx/modules" nginx configuration prefix: "/usr/local/  openresty-1.13.6.1/nginx/conf "Nginx configuration file:"/usr/local/openresty-1.13.6.1/nginx/conf/nginx.conf " Nginx pid file: "/usr/local/openresty-1.13.6.1/nginx/logs/nginx.pid" nginx error log file: "/usr/local/ Openresty-1.13.6.1/nginx/logs/error.log "Nginx HTTP access log file:"/usr/local/openresty-1.13.6.1/nginx/logs/ Access.log "Nginx HTTP client request body Temporary files:" client_body_temp "nginx http proxy temporary files:" Proxy_ Temp "Nginx http fastcgi Temporary Files: "fastcgi_temp" Nginx http uwsgi temporary files: "uwsgi_temp" Nginx http scgi temporary files: "Scgi_temp" CD. /.. Type the following commands to build and Install:gmake gmake install

• Gmake compiling

[[email protected] openresty-1.13.6.1]# gmake………………sed -e "s|%%PREFIX%%|/usr/local/openresty-1.13.6.1/nginx|"     -e "s|%%PID_PATH%%|/usr/local/openresty-1.13.6.1/nginx/logs/nginx.pid|"     -e "s|%%CONF_PATH%%|/usr/local/openresty-1.13.6.1/nginx/conf/nginx.conf|"     -e "s|%%ERROR_LOG_PATH%%|/usr/local/openresty-1.13.6.1/nginx/logs/error.log|"     < docs/man/nginx.8 > objs/nginx.8gmake[2]: Leaving directory `/usr/local/src/openresty-1.13.6.1/build/nginx-1.13.6‘gmake[1]: Leaving directory `/usr/local/src/openresty-1.13.6.1/build/nginx-1.13.6‘

• Gmake Install Installation

[[email protected] openresty-1.13.6.1]# gmake install………………gmake[2]: Leaving directory `/usr/local/src/openresty-1.13.6.1/build/nginx-1.13.6‘gmake[1]: Leaving directory `/usr/local/src/openresty-1.13.6.1/build/nginx-1.13.6‘mkdir -p /usr/local/openresty-1.13.6.1/site/lualib /usr/local/openresty-1.13.6.1/site/pod /usr/local/openresty-1.13.6.1/site/manifestln -sf /usr/local/openresty-1.13.6.1/nginx/sbin/nginx /usr/local/openresty-1.13.6.1/bin/openresty

• Create a openrestyl directory soft link

[[email protected] openresty-1.13.6.1]# ln -s /usr/local/openresty-1.13.6.1 /usr/local/openresty[[email protected] openresty-1.13.6.1]# ls -l /usr/local/openrestylrwxrwxrwx. 1 root root 29 Mar  6 18:06 /usr/local/openresty -> /usr/local/openresty-1.13.6.1

• Set Resty and Nginx related environment variables and take effect

[[email protected] openresty-1.13.6.1]# cat /etc/profile.d/openresty.sh export OPENRESTY_HOME=/usr/local/openrestyexport NGINX_HOME=$OPENRESTY_HOME/nginxexport PATH=$OPENRESTY_HOME/bin:$NGINX_HOME/sbin:$PATH[[email protected] openresty-1.13.6.1]# source /etc/profile[[email protected] openresty-1.13.6.1]# echo $PATH/usr/local/openresty/bin:/usr/local/openresty/nginx/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

LOR (LUA web framework) installation

• If you use an orange version lower than v0.6.2, you should install the Lor v0.2.* version
• If you use an orange version higher than or equal to v0.6.2, you should install the Lor v0.3.0+ version
• Git clones the Lor code base and enters the code package

[[email protected] src]# cd /usr/local/src/[[email protected] src]# git clone https://github.com/sumory/lorCloning into ‘lor‘...remote: Counting objects: 1716, done.remote: Total 1716 (delta 0), reused 0 (delta 0), pack-reused 1716Receiving objects: 100% (1716/1716), 335.55 KiB | 8.00 KiB/s, done.Resolving deltas: 100% (903/903), done.[[email protected] src]# cd lor/

• Installing Lor

[[email protected] lor]# make installinstall lor runtime files to /usr/local/lorlor runtime files installed.install lord cli to /usr/local/bin/lord cli installed.lor framework installed successfully

MySQL installation [install Mariadb,mysql binary security here with Yum]

• Install MySQL

[[email protected] lor]# yum install mariadb-server -y………………Installed:  mariadb-server.x86_64 1:5.5.56-2.el7                                                                                                           Dependency Installed:  libaio.x86_64 0:0.3.109-13.el7                   mariadb.x86_64 1:5.5.56-2.el7              perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7       perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7      perl-DBD-MySQL.x86_64 0:4.023-5.el7        perl-DBI.x86_64 0:1.627-4.el7                      perl-Data-Dumper.x86_64 0:2.145-3.el7            perl-IO-Compress.noarch 0:2.061-2.el7      perl-Net-Daemon.noarch 0:0.48-5.el7                perl-PlRPC.noarch 0:0.2020-14.el7               Complete!

• Start mysqld and view the boot status

[[email protected] lor]# systemctl start mariadb.service[[email protected] lor]# systemctl status Mariadb.service mariadb.service-mariadb Database server loaded:loaded (/usr/lib/systemd/system/mariadb.service; dis abled; Vendor preset:disabled) active:active (running) since Tue 2018-03-06 16:13:53 CST; 34s ago process:11775 execstartpost=/usr/libexec/mariadb-wait-ready $MAINPID (code=exited, status=0/success) Process: 11696 Execstartpre=/usr/libexec/mariadb-prepare-db-dir%n (code=exited, status=0/success) Main pid:11774 (mysqld_safe ) CGroup:/system.slice/mariadb.service├─11774/bin/sh/usr/bin/mysqld_safe--basedir=/usr└─11936 /usr/libexec/mysqld--basedir=/usr--datadir=/var/lib/mysql--plugin-dir=/usr/lib64/mysql/plugin--log-error=/var/ Log/maria ... Mar 16:13:51 Orange mariadb-prepare-db-dir[11696]: MySQL Manual for more instructions. Mar 16:13:51 Orange mariadb-prepare-db-dir[11696]: problems at http://mariadb.orG/jiramar 16:13:51 Orange mariadb-prepare-db-dir[11696]: The latest information about MARIADB was available at Http://ma riadb.org/. Mar 16:13:51 Orange mariadb-prepare-db-dir[11696]: You can find additional information on the MySQL part At:mar 06 1 6:13:51 Orange mariadb-prepare-db-dir[11696]: Http://dev.mysql.comMar 16:13:51 Orange mariadb-prepare-db-dir[11696 ]: Consider joining MariaDB ' s strong and vibrant Community:mar (16:13:51 Orange mariadb-prepare-db-dir[11696]: https://m Ariadb.org/get-involved/mar 16:13:51 Orange mysqld_safe[11774]: 180306 16:13:51 mysqld_safe Logging to '/var/log/ Mariadb/mariadb.log '. Mar 16:13:51 Orange mysqld_safe[11774]: 180306 16:13:51 mysqld_safe starting mysqld daemon with databases From/var/lib /mysqlmar 16:13:53 Orange systemd[1]: Started MariaDB database server.

• Set [email protected] Password

[[email protected] lor]# mysqlWelcome to the MariaDB monitor.  Commands end with ; or \g.Your MariaDB connection id is 4Server version: 5.5.56-MariaDB MariaDB ServerCopyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.MariaDB [(none)]> set password = password(‘123‘);Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> quitBye

Install Orange

• Download Orange Pack

[[email protected] lor]# cd /usr/local/src/[[email protected] src]# git clone https://github.com/sumory/orange.gitCloning into ‘orange‘...remote: Counting objects: 3385, done.remote: Compressing objects: 100% (27/27), done.remote: Total 3385 (delta 9), reused 5 (delta 2), pack-reused 3356Receiving objects: 100% (3385/3385), 2.60 MiB | 29.00 KiB/s, done.Resolving deltas: 100% (2151/2151), done.

• Install orange [Orange can choose not to "install" can be used, need to take the start.sh starter program]

 [[email protected] orange]# CD. [[email protected] src]# lslor openresty-1.13.6.1 openresty-1.13.6.1.tar.gz orange[[email protected] src]#  Lltotal 4480drwxr-xr-x.  8 root root 262 Mar 6 16:06 lordrwxrwxr-x.  6 157 Mar 6 15:50 openresty-1.13.6.1-rw-r--r--. 1 root root 4581699 Nov 13:53 openresty-1.13.6.1.tar.gzdrwxr-xr-x. Root root 4096 Mar 6 18:11 orange[[email protected] src]# CD orange/[[email protected] orange]# make Inst Allcopy nginx.confcopy orange.conforange installed./usr/local/bin/orange helporange v0.6.4, OpenResty/Nginx API Gateway.Usage:orange COMMAND [options]the commands are:stop Stop current orangeversion Show the version of Orangeresta RT Restart Orangereload Reload the config of Orangestore init/update/backup Orange storehelp Show help Tipsstart S Tart the Orange Gateway  

configuration file [Orange has two profiles, one is conf/orange.conf, the default dashboard for configuring plug-ins, storage and internal integration, and the other is conf/nginx.conf for configuring Nginx (Openresty).]

• ORANGE.CONF is configured as follows, please modify as needed:

{"Plugins": [//The list of available plugins, if you do not need to be removed from it, the system will automatically load the open API of these plugins and expose "stat", "Monitor", "redirect" on port 7777, "Rewrite", "rate_limiting", "property_rate_limiting", "Basic_Auth", "Key_auth", "Sig  Nature_auth "," WAF "," divide "," Kvstore "]," store ":" MySQL ",//currently only supports MySQL storage" Store_mysql ": { MySQL Configuration "timeout": "Connect_config": {//connection information, please modify the configuration "host" for the desired: "localhost",//attention to repair            Change to local database information "port": 3306,//Note modify Modify to local database information "database": "Orange",//Note modify Modify to local database information "User": "root",//Note modify Modify to local database information "password": "123",//Note modify Modify to local database information " Max_packet_size ": 1048576}," Pool_config ": {" Max_idle_timeout ": 10000," pool_size ":        3}, "desc": "MySQL Configuration"}, "Dashboard": {//default dashboard configuration. "Auth": false,//set to True, you need a username, password to log in dashboard, the defaultUser name and password is admin/orange_admin "Session_secret": "Y0ji4pdj61aaf3f11c2e65cd2263d3e7e5",//The salt that encrypts the cookie, modify it by itself "whit Elist ": [///Do not need authentication URI, such as login page, no need to modify this value" ^/auth/login$ "," ^/error/$ "]}," API ": {//API serve            R Configuration "auth_enable": true,//requires authorization "credentials" when accessing API: [//http Basic auth configuration, only valid when Auth_enable is enabled, add or modify it yourself    {"username": "api_username", "Password": "Api_password"}] }}

• Conf/nginx.conf is some nginx related configuration, please check it yourself and change or add the configuration according to the actual needs, pay special attention to the following configuration:
• Lua_package_path: Requires appropriate modifications based on the local environment, such as the installation path of the LOR framework
• Resolver:dns parsing
• Permissions for each server or location, such as whether you need to specify a black-and-white list IP via Allow/deny

Data Sheet Import MySQL

• Create a database in MySQL named Orange

[[email protected] lor]# mysql -uroot -p123Welcome to the MariaDB monitor.  Commands end with ; or \g.Your MariaDB connection id is 7Server version: 5.5.56-MariaDB MariaDB ServerCopyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.MariaDB [(none)]> create database orange character set utf8mb4;Query OK, 1 row affected (0.00 sec)

• SQL scripts (such as install/orange-v0.6.4.sql) are imported into the Orange Library

[[email protected] lor]# mysql-uroot-p123welcome to the MariaDB Monitor. Commands End With; or \g.your MariaDB connection ID is 9Server version:5.5.56-mariadb MariaDB servercopyright (c), Oracle, Mariad B Corporation Ab and others. Type ' help ', ' or ' \h ' for help. Type ' \c ' to clear the current input statement. MariaDB [(None)]> use orangedatabase changedmariadb [orange]> source/usr/local/orange/install/ Orange-v0.6.4.sqlquery OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows affected (0.00 S  EC) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) query OK, 0  Rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 row S Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) query OK, 0 roWS Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0. XX sec) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query O K, 0 rows affected (0.01 sec) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affec Ted (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 ro W Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows affected (0. XX sec) query OK, 0 rows affected (0.01 sec) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query O K, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.00 sec) Query OK, 0 rows Affec Ted (0.01 sec) Query OK,0 Rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affecte D (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Que Ry OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows affected (0.01 sec) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.00 sec) Query OK, 0 rows affected (0.00 SEC) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK,  0 Rows Affected (0.00 sec) Query OK, 0 rows affected (0.01 sec) query OK, 1 row affected (0.00 sec) Query OK, 0 rows affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) query OK, 0 ro WS Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.01 sec) query OK, 0 rows affected (0. XX sec) QueryOK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows AFF Ected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec ) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows affected (0.01 sec) query OK, 0 rows Affected (0.00 sec) Query OK, 0 r oWS Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 1 row affected (0.00 sec) Query OK, 0 rows affected (0 . xx sec) query OK, 0 rows affected (0.01 sec) query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows Affected (0.00 sec) Query OK, 0 rows AFF Ected (0.00 sec) MariaDB [orange]> Quitbye

Start Orange

[[email protected] lor]# orange start[INFO] Orange: 0.6.4[INFO] ngx_lua: 10011[INFO] nginx: 1013006[INFO] Lua: LuaJIT 2.1.0-beta3[INFO] args:[INFO]  ngx_conf:/usr/local/orange/conf/nginx.conf[INFO]  orange_conf:/usr/local/orange/conf/orange.conf[INFO]  prefix:/usr/local/orange[INFO] args end.[INFO] Start orange command execute.[INFO] ORANGE_CONF=/usr/local/orange/conf/orange.conf nginx -p /usr/local/orange -c /usr/local/orange/conf/nginx.conf

Web Access Orange Dashboard [192.168.0.131 as test host]

Orange--------API Gateway based on Nginx/openresty