How to use Apigee Edge Microgateway
January 2, 2020
January 2, 2020
Recently, my team introduced Apigee Edge Microgateway instead of Apigee Edge API Gateway to one of our clients. I’m writing this blog hoping to help other Apigee Edge developers to quickly implement Apigee Microgateway in their projects.
It is easy and simple to learn, so let’s get started.
What is Apigee Edge Microgateway?
It is simple secure message processor for APIs. It is built on nodejs and is available on npm. Just like Apigee Edge Gateway, Microgateway also offers API management capabilities such as security, traffic management, analytics etc. It is more useful in applications built with a microservices architecture.
Why Apigee Edge Microgateway?
As many of us are already aware, Apigee Edge comes with two flavors, private cloud and public cloud. Having a private cloud of Apigee for a microservices architecture pattern deployed on other cloud platforms is costly, network intensive and takes a long time to build.
When each API that you create on Edge Gateway is accessed by the microservices deployed on different cloud platforms such as Azure, AWS or an on-premise private cloud, there will be a network call going out to and from Apigee/Google/private cloud network to your back-end application network. This not only increases the network traffic, but also the cost. Apigee Edge Gateway is costlier than Microgateway.
Typically, Edge Microgateway is installed within a trusted network in close proximity to back-end target services. It provides enterprise-grade security, and some key plugin features such as spike arrest, quota and analytics, but not the full capabilities of Apigee Edge. You can install Edge Microgateway in the same data center or even on the same machine as your back-end services.
Dependency on Apigee Edge
Edge Microgateway depends on and interacts with Apigee Edge. The primary ways that Edge Microgateway interacts with Edge are:
Deployment Options
Edge Microgateway can be deployed in the virtual machines as standalone processes or can be integrated with Kubernetes.
The standalone option with load balancer or standard reverse proxy:
The Kubernetes option is containerized as a sidecar proxy in Kubernetes. (You can also deploy it as a service instead of sidecar.):
Installation as standalone process
npm install edgemicro -g // latest version
npm install edgemicro@3.0.2 -g // with version specified
Check version withedgemicro --version
Configure Edge Microgateway
edgemicro configure -o [org] -e [env] -u [username]
If it is private cloud, use the below command
edgemicro private configure -o [org] -e [env] -u [username] -r [runtime_url] -m [mgmt_url] -v [virtual_host]
Once the configuration command is successful, you will get the key and secret, safely store these.
The following credentials are required to start edge micro
key:
3a680d5cac8405e288258b90ba607f626d392321c6c47c74ddedb3fc4291cc9e
secret:
503d36d40751d84deeb47e2ff1800b066fca2c2cba7e1197a6ada424b1e96e1e
Start Edge Microgateway with command
edgemicro start -o [org] -e [env] -k [key] -s [secret]
To stop, use
edgemicro stop
One-time configuration
You must initially configure Edge Microgateway to be able to communicate with your Apigee Edge organization with the commands given in the above steps. On startup, Edge Microgateway initiates a bootstrapping operation with Apigee Edge. Edge Microgateway retrieves from Apigee Edge the information it requires to process API calls on its own, including the list of Edge Microgateway-aware proxies that are deployed on Apigee Edge.
After the successful configuration, the config yaml file for the Edge Microgateway settings will be generated in .edgemicro folder in user home directory - $HOME/.edgemicro/<orgName>-<envName>-config.yaml.
edge_config:
bootstrap:https://apigee.net/edgemicro/bootstrap/organization/o
rg/environment/env...
jwt_public_key: http://apigee.net/edgemicro/publicKey...
managementUri: https://api.enterprise.apigee.com
vaultName: microgateway
authUri: https://%s-%s.apigee.net/edgemicro-auth
baseUri:https://edgemicroservices.apigee.net/edgemicro/%s/organ
ization/%s/environment/%s
bootstrapMessage: Please copy the following property to the
edge micro agent config
keySecretMessage: The following credentials are required to
start edge micro
edgemicro:
port: 8000 // change mg port here
max_connections: 1000
config_change_poll_interval: 600
logging:
level: error
dir: /var/tmp
stats_log_interval: 60
rotate_interval: 24
plugins:
sequence: // add required plugins here
- oauth
headers:
x-forwarded-for: true
x-forwarded-host: true
x-request-id: true
x-response-time: true
via: true
oauth:
allowNoAuthorization: false // if true, oauth plugin will be
disabled
allowInvalidAuthorization: false
Dockerized Microgateway
On a container, Microgateway can be used with an image size of less than 100MB. You must configure and create Microgateway aware proxies, products and apps before dockerizing Microgateway
Pull docker image for Edge Microgateway
docker pull gcr.io/apigee-microgateway/edgemicro:latest
Run the following command to base64-encode the Edge Microgateway configuration file located in $HOME/.edgemicro:
export EDGEMICRO_CONFIG=`base64 $HOME/.edgemicro/your_org-your_env-config.yaml`
// Remember to place back-ticks (`) around the command
Run Edge Microgateway as a container.
docker run -P -p 8000:8000 -d --name edgemicro
-v /var/tmp:/opt/apigee/logs
-e EDGEMICRO_PROCESSES=1
-e EDGEMICRO_ORG=your_org
-e EDGEMICRO_ENV=your_env
-e EDGEMICRO_KEY=your_key
-e EDGEMICRO_SECRET=your_secret
-e EDGEMICRO_CONFIG=$EDGEMICRO_CONFIG
-e SERVICE_NAME=edgemicro
--security-opt=no-new-privileges
--cap-drop=ALL
gcr.io/apigee-microgateway/edgemicro:latest
Create Microgateway Aware Proxies
Apigee Microgateway requires you to create Microgateway proxies. Any proxy that you create for Microgateway should start with edgemicro_. During the startup, Microgateway loads all the proxies that start with edgemicro_ and its associated products, apps and secrets into its cache. In the next article, I will write about limitations of Microgateway compared to Edge Gateway, plugins usage and custom plugins development with nodejs.