Thứ Tư, 13 tháng 4, 2016

Configuring an API Gateway

Configuring an API Gateway

Looking for a basic introduction to the API Gateway? See the API Gateway 101 for answers to some frequently asked questions. See also API Gateway Domain.
The API Gateway points to the backend APIs and services that you define and abstracts them into a layer that the Anypoint Platform for APIs manages. Consumer applications invoke your services. APIs route to the endpoints that the gateway exposes to enforce runtime policies and collect and track analytics data. The API Gateway acts as a dedicated orchestration layer for all your backend APIs to separate orchestration from implementation concerns. The gateway leverages the governance capabilities of the Anypoint Platform for APIs, so that you can apply throttling, security, and other policies to your APIs.

Choosing a Gateway Type

Two types of API Gateway are available:
  • On premises (at your site)
  • In the cloud
Both types are specially configured versions of Mule runtimes and can communicate with the Anypoint Platform for APIs, including support for API auto-discovery.

On Premises

Use API Gateway On Premises if you want to install and manage the gateway behind your firewall. MuleSoft works with you to size the installation and provide a license for the API Gateway. Like all Mule runtimes, API Gateway for on premises requiresJDK 7 or 8 from Oracle.
Download API Gateway from the MuleSoft API Gateway downloads page.

In the Cloud

Use cloud API Gateway if you don’t want to install and maintain any MuleSoft software for your gateway. The cloud API Gateway is powered by CloudHub, MuleSoft’s integration platform as a service (iPaaS).

Using API Gateway

You can use the API Gateway in the following ways:
  • To manage an existing Mule API
  • To deploy a proxy

Managing an Existing Mule API

You need to perform the following tasks to manage an existing Mule API deployed on API Gateway, either on premises or in CloudHub:

Auto-Discovery

Auto-discovery ensures that the API Manager handles the following tasks:
  • Tracking the API and displaying its status
  • Applying policies
  • Sending analytics
If an API is not registered on Anypoint Platform, auto-discovery triggers that registration. If you manually register and deploy an API, you still need to enable auto-discovery to use the API Gateway.

Organization Credentials

You can configure Anypoint Studio to provide organization credentials when you deploy applications to Anypoint Platform from Studio.
If you are not using Anypoint Studio, configure API Gateway to provide these credentials.

Deploying a Proxy

Follow instructions on the Cloud Gateway tab in the Setting Up Your Gateway to deploy a proxy in API Gateway.

Limitations

API Gateway supports the following MuleSoft connectors only:
  • HTTP/S
  • Jetty
  • File
  • JDBC
  • WS-Consumer connectors
The API Gateway does not support MuleSoft batch components.
For more information about the limitations, contact Support by filing a ticket in the Support portal, linked from the top navigation bar in the Anypoint Platform.
Licensing Note: To utilize unsupported connectors or batch components you must license Mule ESB Enterprise.  

Security

Communication between the Anypoint Platform and the API Gateway is handled by the agent, which uses OAuth 2 for authentication. The Anypoint Platform for API’s agent packaged with the gateway interacts with the Anypoint Platform for APIs via a client ID and client secret. The Organization Administrator uses these credentials.
Each sub-organization within the organization also has a separate client ID and client secret for dealing with its corresponding APIs. The sub-organization owner uses these credentials.
You need to configure the client ID and client secret in the gateway before the gateway can connect with your Anypoint Platform for APIs organization. Read more about how the API Gateway works with the agent.
Note: For on premises, API Gateway uses outbound port 443 to communicate over HTTPS with Anypoint Platform. You can work with your system administrator to ensure API Gateway has access to this port.
If you set up the Gateway with a client ID and client secret that belong to the master organization, these credentials work for all of the APIs in the organization, including APIs under a sub-organization.
If you set up the Gateway with a client ID and client secret that belong to a sub-organization, then the credentials only work for APIs within that sub-organization.

Configuring Anypoint Studio for Integration with Your Anypoint Platform Organization

Before you configure your production gateway, you may want to configure Anypoint Studio to work with your Anypoint Platform organization for testing. First, download and install API Gateway Runtime from the Studio Update Site.
If you use this runtime when working with APIkit projects and API proxies, you can test connectivity with the platform and test any governance that you have applied to the endpoints.

Configuring Organization Credentials

Next, configure your client ID and client secret in Anypoint Studio:
  1. Obtain your Organization’s client ID and client secret. To do this, in the Anypoint Platform click the gear icon, go to the Organization tab, and click the name of your organization or corresponding Business Group.
  2. Open Anypoint Studio.
  3. Click Anypoint Studio > Preferences, and click the arrow next to Anypoint Studio to expand the node.
  4. Click Anypoint Platform for APIs.
  5. In the Client ID and Client Secret fields, paste the unique values for your organization or sub-organization.
  6. Leave the Host, Port, and Path defaults as they are and click OK.  
Your instance of Anypoint Studio is now set up to communicate with the Anypoint Platform for APIs.

Setting Up Your Gateway

On-Premises Gateway

To use API Gateway On Premises, you need to download a standalone API Gateway runtime. Use this API Gateway instance for your production deployments. Unless you have already done so, download the latest version ofAnypoint Studio. Anypoint Studio gives you access to APIkit, which you can use to build new APIs. You can also use it to modify or create proxy applications for your existing APIs.

Configuring Your Production API Gateway for Integration with the Anypoint Platform

Before installing API Gateway, refer to the Hardware and Software Requirements and work with MuleSoft support if you need assistance.
  1. Obtain your Organization’s client ID and client secret from an Organization Administrator or the client ID and client secret of your Business Group from the Business Group’s owner.
    To obtain these, log in to the Anypoint Platform as an administrator or Business Group owner, click the gear icon at the top-right and then select the Organization tab.
  2. Open the  wrapper.conf file in your <MULE_HOME>/conf folder.
    <MULE_HOME> is the value of the MULE_HOME variable employed by MuleSoft’s API Gateway, usually the root directory of the installation, such as /opt/Mule/api-gateway-1.3.0/.
  3. Paste the following code as a new item at the end of the list in your file:
    wrapper.java.additional.<n>=-Danypoint.platform.client_id=<PasteYourUniqueValueHere>
    wrapper.java.additional.<n>=-Danypoint.platform.client_secret=<PasteYourUniqueValueHere>
    Replace the value of  <n>  with the next incremental values over the previous entries in the list, then replace <PasteYourUniqueValueHere>  with the client ID and client secrets for your organization/Business Group.  
If you prefer, you can pass the token via the command line when starting the gateway instead of adding it to yourwrapper.conf file.
Start your gateway from the command line by running the following command (wrapped for readability—​combine into one line before using):
Mac/Linux/Unix:


1
2



MULE_HOME/bin/gateway -M-Danypoint.platform.client_id=PASTE_YOUR_VALUE_HERE
 -M-Danypoint.platform.client_secret=PASTE_YOUR_VALUE_HERE
Windows:


1
2



MULE_HOME\bin\gateway.bat -M-Danypoint.platform.client_id=PASTE_YOUR_VALUE_HERE
 -M-Danypoint.platform.client_secret=PASTE_YOUR_VALUE_HERE
The above commands start your gateway in the terminal foreground. To run the gateway in the terminal background, include the start parameter as the first parameter to the mulecommand. In this case, to stop the gateway, run gateway stop orgateway.bat stop.

Obtaining and Installing Your Enterprise License

If you are using a trial Anypoint Platform for APIs account, you can follow all the steps above without installing a license for trial purposes. The trial download of the API Gateway includes a 30-day trial license. However, for production deployments of the gateway, you need a license for your API Gateway instances. Contact your account representative or file a support ticket to obtain your license file.
Follow these steps to replace your trial license file with an Enterprise license for production use.
  1. If you haven’t already done so, contact MuleSoft to acquire an Enterprise license in the form of a license.lic file.
  2. If you are installing your license on multiple platforms, back up your new license.lic file in another location before proceeding.
  3. Open the terminal or command line on your system.
  4. For Mac/Unix/Linux, from the <MULE_HOME>/bin directory. Run the following command:    
    ./gateway -installLicense <path>/license.lic
    (Replace <path> with the full or relative path to your license file.)
    For Windows, first copy the  license.lic  file into the  <MULE_HOME>\binfolder. Then  cd to that directory and run the following command:
    gateway -installLicense license.lic
  5. The gateway removes the temporary trial license and replaces it with the Enterprise license. In the <MULE_HOME>/conf directory, the gateway saves a new file called muleLicenseKey.lic
  6. The gateway starts running automatically after you install the license.

Using API Gateway to Proxy Services

You can use the API Gateway to proxy your existing services with HTTP/HTTPS or Web Service Consumer connectors to the Anypoint Platform for APIs, wherever they are implemented. You can also include selected additional connectors, as specified in your subscription plan. Contact your account representative for details about allowed connectors. If you need to proxy other kinds of endpoints, such as JMS, WebSphere MQ, Anypoint Connectors, or any other endpoint protocols, please talk to your sales representative about upgrading your installation to a full Mule ESB or CloudHub account, so that you can take advantage of the full suite of endpoints and message processing capabilities of the Anypoint Platform.
Because the API Gateway acts as an orchestration layer for services and APIs implemented elsewhere, it’s technology-agnostic. You can proxy non-Mule services or APIs of any kind, as long as they expose HTTP/HTTPS, or endpoints for a Web Service Consumer. You can also proxy APIs that you design and build with API Designer and APIkit to the API Gateway to separate the orchestration from the implementation of those APIs.
Refer to the Mule User Guide or the Runtime Manager Documentation for reference information about using your API Gateway, keeping in mind the previously described usage restrictions.
Người đăng: vào lúc
Nhãn:

3 nhận xét:

  1. Unknownlúc 05:18 12 tháng 4, 2018

    the blog is good and Interactive it is about Mulesoft Anypoint Studio it is useful for students and Mulesoft Developers for more updates on Mulesoft mulesoft Online training bangalore

    Trả lờiXóa
  2. Priyalúc 03:55 26 tháng 9, 2019

    Thank you very much for sharing useful information

    Mulesoft Online Training
    Mulesoft Training in Hyderabad

    Trả lờiXóa
  3. Lavanyalúc 23:09 9 tháng 12, 2021

    Nice and good article. It is very useful for me to learn and understand easily. Thanks for sharing
    Mule 4 Training
    Best Mulesoft Online Training

    Trả lờiXóa

Đăng ký: Đăng Nhận xét (Atom)