Recently, my team introduced Apigee Edge Microgateway instead of Apigee Edge API Gateway to one of our clients. I’m writing this blog hoping to help other Apigee Edge developers to quickly implement Apigee Microgateway in their projects.
It is easy and simple to learn, so let’s get started.
What is Apigee Edge Microgateway?
It is simple secure message processor for APIs. It is built on nodejs and is available on npm. Just like Apigee Edge Gateway, Microgateway also offers API management capabilities such as security, traffic management, analytics etc. It is more useful in applications built with a microservices architecture.
Why Apigee Edge Microgateway?
As many of us are already aware, Apigee Edge comes with two flavors, private cloud and public cloud. Having a private cloud of Apigee for a microservices architecture pattern deployed on other cloud platforms is costly, network intensive and takes a long time to build.
When each API that you create on Edge Gateway is accessed by the microservices deployed on different cloud platforms such as Azure, AWS or an on-premise private cloud, there will be a network call going out to and from Apigee/Google/private cloud network to your back-end application network. This not only increases the network traffic, but also the cost. Apigee Edge Gateway is costlier than Microgateway.
Typically, Edge Microgateway is installed within a trusted network in close proximity to back-end target services. It provides enterprise-grade security, and some key plugin features such as spike arrest, quota and analytics, but not the full capabilities of Apigee Edge. You can install Edge Microgateway in the same data center or even on the same machine as your back-end services.
Dependency on Apigee Edge
Edge Microgateway depends on and interacts with Apigee Edge. The primary ways that Edge Microgateway interacts with Edge are:
- Upon startup, Edge Microgateway obtains a list of special "Edge Microgateway-aware" proxies and a list of all the API products from your Apigee Edge organization. For each incoming client request, Edge Microgateway determines if the request matches one of these API proxies, then validates the incoming access token or API key based on the keys in the API product associated with that proxy.
- The Apigee Edge Analytics system stores and processes API data sent asynchronously from Edge Microgateway.
- Apigee Edge provides credentials used to sign access tokens or provide API keys that are required by clients making API calls through Edge Microgateway. You can obtain these tokens using a CLI command provided with Edge Microgateway.
Edge Microgateway can be deployed in the virtual machines as standalone processes or can be integrated with Kubernetes.
The standalone option with load balancer or standard reverse proxy:
The Kubernetes option is containerized as a sidecar proxy in Kubernetes. (You can also deploy it as a service instead of sidecar.):
Installation as standalone process
- On a virtual machine (VM), Edge Microgateway requires a minimum of 1 core and at least 256 MB of RAM. The Edge Microgateway process itself takes less than 128 MB of RAM.
- Requires node and npm to be installed as prerequisite.
- Install latest version or required version with npm.
npm install edgemicro -g // latest version
npm install email@example.com -g // with version specified
Check version withedgemicro --version
Configure Edge Microgateway
edgemicro configure -o [org] -e [env] -u [username] If it is private cloud, use the below command
edgemicro private configure -o [org] -e [env] -u [username] -r [runtime_url] -m [mgmt_url] -v [virtual_host]
Once the configuration command is successful, you will get the key and secret, safely store these.
The following credentials are required to start edge micro
Start Edge Microgateway with command
edgemicro start -o [org] -e [env] -k [key] -s [secret]
To stop, use
You must initially configure Edge Microgateway to be able to communicate with your Apigee Edge organization with the commands given in the above steps. On startup, Edge Microgateway initiates a bootstrapping operation with Apigee Edge. Edge Microgateway retrieves from Apigee Edge the information it requires to process API calls on its own, including the list of Edge Microgateway-aware proxies that are deployed on Apigee Edge.
After the successful configuration, the config yaml file for the Edge Microgateway settings will be generated in .edgemicro folder in user home directory - $HOME/.edgemicro/<orgName>-<envName>-config.yaml.
bootstrapMessage: Please copy the following property to the
edge micro agent config
keySecretMessage: The following credentials are required to
start edge micro
port: 8000 // change mg port here
sequence: // add required plugins here
allowNoAuthorization: false // if true, oauth plugin will be
On a container, Microgateway can be used with an image size of less than 100MB. You must configure and create Microgateway aware proxies, products and apps before dockerizing Microgateway
Pull docker image for Edge Microgateway
docker pull gcr.io/apigee-microgateway/edgemicro:latest
Run the following command to base64-encode the Edge Microgateway configuration file located in $HOME/.edgemicro:
export EDGEMICRO_CONFIG=`base64 $HOME/.edgemicro/your_org-your_env-config.yaml`
// Remember to place back-ticks (`) around the command
Run Edge Microgateway as a container.
docker run -P -p 8000:8000 -d --name edgemicro
Create Microgateway Aware Proxies
Apigee Microgateway requires you to create Microgateway proxies. Any proxy that you create for Microgateway should start with edgemicro_. During the startup, Microgateway loads all the proxies that start with edgemicro_ and its associated products, apps and secrets into its cache. In the next article, I will write about limitations of Microgateway compared to Edge Gateway, plugins usage and custom plugins development with nodejs.