Bonjour à tous! Je m'appelle toujours Anton. Dans l' article précédent , j'ai fait un petit tour d'horizon d'APIM Gravitee et, en général, des systèmes comme la gestion des API. Dans cet article, je vais vous montrer comment configurer le stand de familiarisation APIM Gravitee ( https://www.gravitee.io ), considérer l'architecture du système, le contenu du fichier de composition du docker, ajouter des paramètres, exécuter APIM Gravitee et faire la première API. L'article plonge un peu dans les aspects techniques et peut être utile pour que les administrateurs et les ingénieurs commencent à comprendre le système.
Architecture
Pour le stand d'introduction, nous utiliserons l'architecture la plus simple
, MongoDB Elasticsearch. MongoDB Elasticsearch Docker. Gateway Management API: logback.xml gravitee.yml.
docker-compose.yml
, docker-compose file, github. , .
docker-compose.yml
# Copyright (C) 2015 The Gravitee team (<http://gravitee.io>)
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# <http://www.apache.org/licenses/LICENSE-2.0>
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
version: '3.5'
networks:
frontend:
name: frontend
storage:
name: storage
volumes:
data-elasticsearch:
data-mongo:
services:
mongodb:
image: mongo:${MONGODB_VERSION:-3.6}
container_name: gio_apim_mongodb
restart: always
volumes:
- data-mongo:/data/db
- ./logs/apim-mongodb:/var/log/mongodb
networks:
- storage
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION:-7.7.0}
container_name: gio_apim_elasticsearch
restart: always
volumes:
- data-elasticsearch:/usr/share/elasticsearch/data
environment:
- http.host=0.0.0.0
- transport.host=0.0.0.0
- xpack.security.enabled=false
- xpack.monitoring.enabled=false
- cluster.name=elasticsearch
- bootstrap.memory_lock=true
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
nofile: 65536
networks:
- storage
gateway:
image: graviteeio/apim-gateway:${APIM_VERSION:-3}
container_name: gio_apim_gateway
restart: always
ports:
- "8082:8082"
depends_on:
- mongodb
- elasticsearch
volumes:
- ./logs/apim-gateway:/opt/graviteeio-gateway/logs
environment:
- gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_ratelimit_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_reporters_elasticsearch_endpoints_0=http://elasticsearch:9200
networks:
- storage
- frontend
management_api:
image: graviteeio/apim-management-api:${APIM_VERSION:-3}
container_name: gio_apim_management_api
restart: always
ports:
- "8083:8083"
links:
- mongodb
- elasticsearch
depends_on:
- mongodb
- elasticsearch
volumes:
- ./logs/apim-management-api:/opt/graviteeio-management-api/logs
environment:
- gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_analytics_elasticsearch_endpoints_0=http://elasticsearch:9200
networks:
- storage
- frontend
management_ui:
image: graviteeio/apim-management-ui:${APIM_VERSION:-3}
container_name: gio_apim_management_ui
restart: always
ports:
- "8084:8080"
depends_on:
- management_api
environment:
- MGMT_API_URL=http://localhost:8083/management/organizations/DEFAULT/environments/DEFAULT/
volumes:
- ./logs/apim-management-ui:/var/log/nginx
networks:
- frontend
portal_ui:
image: graviteeio/apim-portal-ui:${APIM_VERSION:-3}
container_name: gio_apim_portal_ui
restart: always
ports:
- "8085:8080"
depends_on:
- management_api
environment:
- PORTAL_API_URL=http://localhost:8083/portal/environments/DEFAULT
volumes:
- ./logs/apim-portal-ui:/var/log/nginx
networks:
- frontend
, :<o:p>
MongoDB - , API, Application, , .
Elasticsearch(Open Distro for Elasticsearch) - , , .
MongoDB
docker-compose.yml:mongodb
mongodb:
image: mongo:${MONGODB_VERSION:-3.6}
container_name: gio_apim_mongodb
restart: always
volumes:
- data-mongo:/data/db
- ./logs/apim-mongodb:/var/log/mongodb
networks:
- storage
MongoDB — 3.6, , volume MongoDB MongoDB.<o:p>
Elasticsearch
docker-compose.yml:elasticsearch
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION:-7.7.0}
container_name: gio_apim_elasticsearch
restart: always
volumes:
- data-elasticsearch:/usr/share/elasticsearch/data
environment:
- http.host=0.0.0.0
- transport.host=0.0.0.0
- xpack.security.enabled=false
- xpack.monitoring.enabled=false
- cluster.name=elasticsearch
- bootstrap.memory_lock=true
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits
memlock:
soft: -1
hard: -1
nofile: 65536
networks:
- storage
elasticsearch:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION:-7.7.0}
container_name: gio_apim_elasticsearch
restart: always
volumes:
- data-elasticsearch:/usr/share/elasticsearch/data<o:p>
environment:
- http.host=0.0.0.0
- transport.host=0.0.0.0
- xpack.security.enabled=false
- xpack.monitoring.enabled=false
- cluster.name=elasticsearch
- bootstrap.memory_lock=true
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
nofile: 65536
networks:
- storage
Elasticsearch — 7.7.0, , volume Elasticsearch. xpack.security.enabled=false xpack.monitoring.enabled=false, false, Elasticsearch XPack . , , . ulimits, Elasticsearch docker.<o:p>
:
Gateway
Management API
Management UI
Portal UI
Gateway/APIM Gateway
docker-compose.yml:gateway
gateway:
image: graviteeio/apim-gateway:${APIM_VERSION:-3}
container_name: gio_apim_gateway
restart: always
ports:
- "8082:8082"
depends_on:
- mongodb
- elasticsearch
volumes:
- ./logs/apim-gateway:/opt/graviteeio-gateway/logs
environment:
- gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_ratelimit_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_reporters_elasticsearch_endpoints_0=http://elasticsearch:9200
networks:
- storage
- frontend
Gateway — 3, . , hub.docker.com, , 3 latest . , , , MongoDB Elasticsearch. , Gateway API mongodb, mongodb elasticsearch . , , Gateway. environment , Gateway, : gravitee.yml. , , Open Distro for Elasticsearch Elasticsearch. , , .
environment:
- gravitee_tags=service-tag # : service-tag
- gravitee_tenant=service-space # : service-space
- gravitee_services_core_http_enabled=true # Gateway
- gravitee_services_core_http_port=18082 #
- gravitee_services_core_http_host=0.0.0.0 #
- gravitee_services_core_http_authentication_type=basic # , basic - +
- gravitee_services_core_http_authentication_type_users_admin=password # : admin, : password
, 18082.
ports:
- "18082:18082"
Management API/APIM API
docker-compose.yml:management_api
management_api:
image: graviteeio/apim-management-api:${APIM_VERSION:-3}
container_name: gio_apim_management_api
restart: always
ports:
- "8083:8083"
links:
- mongodb
- elasticsearch
depends_on:
- mongodb
- elasticsearch
volumes:
- ./logs/apim-management-api:/opt/graviteeio-management-api/logs
environment:
- gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_analytics_elasticsearch_endpoints_0=http://elasticsearch:9200
networks:
- storage
- frontend
Management API — API, , - Management UI Portal UI. MongoDB Elasticsearch. environment , . :
environment:
- gravitee_email_enable=true #
- gravitee_email_host=smtp.domain.example #
- gravitee_email_port=25 #
- gravitee_email_username=domain.example/gravitee #
- gravitee_email_password=password #
- gravitee_email_from=noreply@domain.example #
- gravitee_email_subject="[Gravitee.io] %s" #
Management UI/APIM Console
docker-compose.yml:apim_console
management_ui:
image: graviteeio/apim-management-ui:${APIM_VERSION:-3}
container_name: gio_apim_management_ui
restart: always
ports:
- "8084:8080"
depends_on:
- management_api
environment:
- MGMT_API_URL=http://localhost:8083/management/organizations/DEFAULT/environments/DEFAULT/
volumes:
- ./logs/apim-management-ui:/var/log/nginx
networks:
- frontend
Management UI . REST API. , MGMT_API_URL localhost IP , , Management API.
Portal UI/APIM Portal
docker-compose.yml:apim_portal
portal_ui:
image: graviteeio/apim-portal-ui:${APIM_VERSION:-3}
container_name: gio_apim_portal_ui
restart: always
ports:
- "8085:8080"
depends_on:
- management_api
environment:
- PORTAL_API_URL=http://localhost:8083/portal/environments/DEFAULT
volumes:
- ./logs/apim-portal-ui:/var/log/nginx
networks:
- frontend
Portal UI — . , API. , PORTAL_API_URL localhost IP- , , Management API.<o:p>
.
docker-compose.yml
# Copyright (C) 2015 The Gravitee team (<http://gravitee.io>)
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# <http://www.apache.org/licenses/LICENSE-2.0>
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
version: '3.5'
networks:
frontend:
name: frontend
storage:
name: storage
volumes:
data-elasticsearch:
data-mongo:
services:
mongodb:
image: mongo:${MONGODB_VERSION:-3.6}
container_name: gio_apim_mongodb
restart: always
volumes:
- data-mongo:/data/db
- ./logs/apim-mongodb:/var/log/mongodb
networks:
- storage
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION:-7.7.0}
container_name: gio_apim_elasticsearch
restart: always
volumes:
- data-elasticsearch:/usr/share/elasticsearch/data
environment:
- http.host=0.0.0.0
- transport.host=0.0.0.0
- cluster.name=elasticsearch
- bootstrap.memory_lock=true
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
nofile: 65536
networks:
- storage
gateway:
image: graviteeio/apim-gateway:${APIM_VERSION:-3}
container_name: gio_apim_gateway
restart: always
ports:
- "8082:8082"
- "18082:18082"
depends_on:
- mongodb
- elasticsearch
volumes:
- ./logs/apim-gateway:/opt/graviteeio-gateway/logs
environment:
- gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_ratelimit_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_reporters_elasticsearch_endpoints_0=http://elasticsearch:9200
- gravitee_tags=service-tag # : service-tag
- gravitee_tenant=service-space # : service-space
- gravitee_services_core_http_enabled=true # Gateway
- gravitee_services_core_http_port=18082 #
- gravitee_services_core_http_host=0.0.0.0 #
- gravitee_services_core_http_authentication_type=basic # , basic - +
- gravitee_services_core_http_authentication_type_users_admin=password # : admin, : password
networks:
- storage
- frontend
management_api:
image: graviteeio/apim-management-api:${APIM_VERSION:-3}
container_name: gio_apim_management_api
restart: always
ports:
- "8083:8083"
links:
- mongodb
- elasticsearch
depends_on:
- mongodb
- elasticsearch
volumes:
- ./logs/apim-management-api:/opt/graviteeio-management-api/logs
environment:
- gravitee_management_mongodb_uri=mongodb://mongodb:27017/gravitee?serverSelectionTimeoutMS=5000&connectTimeoutMS=5000&socketTimeoutMS=5000
- gravitee_analytics_elasticsearch_endpoints_0=http://elasticsearch:9200
- gravitee_email_enable=true #
- gravitee_email_host=smtp.domain.example #
- gravitee_email_port=25 #
- gravitee_email_username=domain.example/gravitee #
- gravitee_email_password=password #
- gravitee_email_from=noreply@domain.example #
- gravitee_email_subject="[Gravitee.io] %s" #
networks:
- storage
- frontend
management_ui:
image: graviteeio/apim-management-ui:${APIM_VERSION:-3}
container_name: gio_apim_management_ui
restart: always
ports:
- "8084:8080"
depends_on:
- management_api
environment:
- MGMT_API_URL=http://localhost:8083/management/organizations/DEFAULT/environments/DEFAULT/
volumes:
- ./logs/apim-management-ui:/var/log/nginx
networks:
- frontend
portal_ui:
image: graviteeio/apim-portal-ui:${APIM_VERSION:-3}
container_name: gio_apim_portal_ui
restart: always
ports:
- "8085:8080"
depends_on:
- management_api
environment:
- PORTAL_API_URL=http://localhost:8083/portal/environments/DEFAULT
volumes:
- ./logs/apim-portal-ui:/var/log/nginx
networks:
- frontend
:
vCPU: 4
RAM: 4 GB
HDD: 50-100 GB
Elasticsearch, MongoDB Gravitee Gateway 0.5 vCPU, . - RAM. . , , MongoDB . 100 MB. Elasticsearch.
docker-compose up -d #
docker-compose up #
:
gio_apim_management_api_dev | 19:57:12.615 [graviteeio-node] INFO i.g.r.a.s.node.GraviteeApisNode - Gravitee.io - Rest APIs id[5728f320-ba2b-4a39-a8f3-20ba2bda39ac] version[3.5.3] pid[1] build[23#2f1cec123ad1fae2ef96f1242dddc0846592d222] jvm[AdoptOpenJDK/OpenJDK 64-Bit Server VM/11.0.10+9] started in 31512 ms.
: http://_:8084/.
, Elasticsearch , "":
. , , . — !
: admin/admin !
Settings → PORTAL → Settings
. : : Keyless, API_KEY, Oauth2 JWT. , . Google Analytics. . .
tags tenant
Settings → GATEWAY → Shardings Tags
, . "+" .
. - , , .
Settings → GATEWAY → Tenants
. "+", "New tenant", . , Open Distro for Elasticsearch, .
Settings → USER MANAGEMENT → Users
, , email. . , -!
Management API: gravitee.yml :
security:
providers: # authentication providers
- type: memory
# password encoding/hashing algorithm. One of:
# - bcrypt : passwords are hashed with bcrypt (supports only $2a$ algorithm)
# - none : passwords are not hashed/encrypted
# default value is bcrypt
password-encoding-algo: bcrypt
users:
- user:
username: admin
password: $2a$10$Ihk05VSds5rUSgMdsMVi9OKMIx2yUvMz7y9VP3rJmQeizZLrhLMyq
roles: ORGANIZATION:ADMIN,ENVIRONMENT:ADMIN
: memory, gravitee ldap. memory : gravitee.yml. gravitee MongoDB. , BCrypt $2a$. : admin : admin . UI, MongoDB gravitee.
Settings → USER MANAGEMENT → Groups
"+" .
Gateways , .
. , Sharding tags Tenant. .
, . Elasticsearch .
API
API - backend API.
BackEnd API, Swagger.
FastAPI backend API.
#!/bin/env python3
import uvicorn
from fastapi import FastAPI
app = FastAPI()
@app.get('/')
@app.get('/{name}')
def read_root(name: str = None):
"""
Hello world
:return: str = Hello world
"""
if name:
return {"Hello": name}
return {"Hello": "World"}
@app.get("/items/{item_id}")
@app.post("/items/{item_id}")
@app.put("/items/{item_id}")
def gpp_item(item_id: str):
"""
Get items
:param item_id: id
:return: dict
"""
return {"item_id": item_id}
if __name__ == "__main__":
uvicorn.run(app, host="0.0.0.0", port=8000)
API , .
! .
python3 main.py
, http://backend_server:8000/, ! , : http://backend_server:8000/Anton, ! FastAPI, : http://backend_server:8000/docs http://backend_server:8000/redoc . , API swagger . URL swagger .
. . , swagger !
Gravitee "+", "IMPORT FROM LINK", URL "IMPORT".
-
"IMPORT"!
API! ...
"START THE API" API .
"Plans" "+".
.
Keyless (public) "NEXT".
. "NEXT".
. "SAVE".
, "Staging"
- ! "PUBLISH"
- API.
"deploy your API" "OK"
APIs → Proxy → Entrypoints
API URL . "/fastapi". "virtual-hosts" IP. .
APIs → Proxy → GENERAL → CORS Cross-origin resource sharing.
APIs → Proxy → GENERAL → Deployments sharding tags, API.
APIs → Proxy → BACKEND SERVICES → Endpoints API .
Endpoint, .
"Target" http://backend_server:8000/, tenant, !
APIs → Proxy → Deployments sharding tags, API. Sharding tags "service-tag".
APIs → Design , .
APIs → Analytics → Overview API.
APIs → Analytics → Logs .
APIs → Audit , API.
, .
, , , API.
http://gravitee_host:8082/fastapi/ , :
APIs → Analytics → Overview/Logs .
, , ! , APIM Gravitee, , API swagger , . , , , . . APIM Gravitee. : https://t.me/gravitee_ru, .