This demo extends the existing GCP Boutique Shop Microservices demo to show how to use Apigee for exposing internal gRPC services (inside the mesh) as RESTful APIs to external consumers (outside the mesh).
When exposing APIs to external consumers, there are key challenges that arise due to the nature of external consumption. Here are a few of them from the point of view of both the API producer, and the API consumer.
- How do you expose a cohesive and consistent RESTful API surface (from disparate underlying services)?
- Consistent & RESTful URL paths
- Consistent & RESTful HTTP status codes
- Consistent & RESTful error message formats
- Consistent & RESTful request & response payloads
- Consistent & RESTful authentication mechanisms
- How do you measure engagement and get key usage / business insights for the APIs being exposed?
- How do you monetize the APIs being exposed?
- How do you discover APIs available?
- How do you learn to use the APIs available?
- How do you sign-up (get credentials) to use the APIs available?
While this demo does not address every single use-case listed above, it does show the core components and concepts needed to use Apigee in this context.
The demo assumes you are deploying all components in GCP, and that you are using Apigee X in combination with GKE + Anthos Service Mesh.
- Provision Apigee X
- Configure external access for API traffic to your Apigee X instance
- Make sure the following tools are available in your terminal's $PATH (Cloud Shell has these preconfigured)
- gcloud SDK
- kubectl
- wget
- unzip
- curl
- jq
Use the following GCP CloudShell tutorial, and follow the instructions.
- Clone this repo, and switch the main directory
git clone https://github.com/GoogleCloudPlatform/apigee-anthos-service-mesh-demo.git
cd apigee-anthos-service-mesh-demo
- Edit the
env.sh
and configure the ENV vars
PROJECT
the project where you want to create the GKE cluster with ASMNETWORK
the network you have peered with Apigee and where you want the GKE cluster to be createdSUBNETWORK
the subnetwork where the GKE cluster should be createdLOCATION
the location for the GKE clusterCLUSTER_NAME
the name for the GKE demo clusterUI_GATEWAY_NAMESPACE
the kubernetes namespace for the UI ingress gatewayAPI_GATEWAY_NAMESPACE
the kubernetes namespace for the API ingress gatewayAPIGEE_HOST
the externally reachable hostname of the Apigee environment group that contains APIGEE_ENVAPIGEE_ENV
the Apigee environment where the demo resources should be created
Now source the env.sh
file
source ./env.sh
- Run script to create a GKE cluster
./create-gke-cluster.sh
- Run script to deploy ASM and the Online Boutique Shop demo
./deploy-asm.sh
The script will provide the URL of the deployed application in the console. Open the URL in a new browser tab to access the application.
- Run script to create a private API ingress (for Apigee to hit) & gRPC transcoding service
./deploy-gateway.sh
- Deploy Apigee API proxies, target server, products, apps
./deploy-apigee.sh
- (Optional) deploy monetization artifacts
Note: This step requires your organization to have the monetization addon enabled. See the Apigee docs for instructions on how to enable monetization on your paid or eval organization.
./deploy-mint.sh
The script that deploys the Apigee API proxies prints a few sample cURL commands that you can use to test.
Those sample cURL commands already have the necessary API key for each of the API calls.
curl https://{APIGEE_HOST}/v1/productservices/products?apikey=API_KEY_FROM_APIGEE_DEVELOPER_APP
curl https://{APIGEE_HOST}/v1/currencyservices/currencies?apikey=API_KEY_FROM_APIGEE_DEVELOPER_APP
-
Apigee is not able to reach the API private ingress
You can use a GCE VM within the same VPC Network and try using cURL to test for connectivity.
First, get the IP address of the API ingress load balancer
export ILB_IP=$(kubectl get services api-ingressgateway -n $API_GATEWAY_NAMESPACE -o jsonpath='{.status.loadBalancer.ingress[0].ip}') echo "ILB_IP=${ILB_IP}"
Then, from within the GCE VM, run the following curl command to get product catalog data
curl http://$ILB_IP/products
If this works, but Apigee is still not able to reach this endpoint, verify that the Apigee Target Server has the right IP address.
For each of the "deploy" scripts, there is an equivalent "cleanup" script you can run.
If you want to clean the entire setup, first source your env.sh
script, and then run the scripts in the following order
./cleanup-mint.sh # if applicable
./cleanup-apigee.sh
./cleanup-gateway.sh
./cleanup-asm.sh
Then, finally you can remove the GKE cluster with
./delete-gke-cluster.sh
This is not an officially supported Google product, nor is it part of an official Google product.
If you need support or assistance using the tool, you can try inquiring on Google Cloud Community forum dedicated to Apigee. There is no service-level guarantee for responses to inquiries regarding this tool.
This material is Copyright 2022 Google LLC and is licensed under the Apache 2.0 License.