tykでAPI Gatewayを作りました。
本ページではGateway REST APIの作成手順を紹介します。
実装環境
$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.12.6
BuildVersion: 16G1314
参考文献
tyk docsの内容を日本語で紹介します。
補足説明を追加しました。
前提条件
1. 以下の手順が完了していること。
tykでAPI Gatewayを作ってみた【パート1: コンポーネント起動編】
https://qiita.com/yuke/items/7ae1a8f128f6c9666638
tykでAPI Gatewayを作ってみた【パート2: フリーライセンス設定編】
https://qiita.com/yuke/items/3af46d5687e88df7abaf
2. 各tykコンポーネントが起動していること。
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d2e747682911 tykio/tyk-dashboard "/opt/tyk-dashboard/…" 2 hours ago Up 2 hours 0.0.0.0:3000->3000/tcp, 5000/tcp tyk_dashboard
a795dffcb319 tykio/tyk-pump-docker-pub "/opt/tyk-pump/tyk-p…" 2 hours ago Up 2 hours tyk_pump
3ee9ce03c05d mongo "docker-entrypoint.s…" 2 hours ago Up 2 hours 27017/tcp tyk_mongo
b10dfc0ab897 tykio/tyk-gateway "./entrypoint.sh" 2 hours ago Up 2 hours 0.0.0.0:8080->8080/tcp tyk_gateway
eddda2d57848 redis "docker-entrypoint.s…" 2 hours ago Up 2 hours 6379/tcp tyk_redis
手順
- jsonファイルの作成
- API Keyの作成
1. jsonファイルの作成
API Secretの取得 (tyk.confの"secret")
$ docker exec -it tyk_gateway bash
$ cat tyk.conf
{
"listen_port": 8080,
"secret": <<省略>>
"template_path": "/opt/tyk-gateway/templates",
"tyk_js_path": "/opt/tyk-gateway/js/tyk.js",
"middleware_path": "/opt/tyk-gateway/middleware",
"use_db_app_configs": false,
"app_path": "/opt/tyk-gateway/apps/",
"storage": {
"type": "redis",
"host": "redis",
"port": 6379,
"username": "",
"password": "",
"database": 0,
"optimisation_max_idle": 100
},
<<省略>>
test APIのjsonファイルの作成
api1.jsonを作成して以下のコードをコピペ
$ vi api1.json
{
"name": "Test API",
"slug": "test-api",
"api_id": "1",
"org_id": "1",
"auth": {
"auth_header_name": "Authorization"
},
"definition": {
"location": "header",
"key": "x-api-version"
},
"version_data": {
"not_versioned": true,
"versions": {
"Default": {
"name": "Default",
"use_extended_paths": true
}
}
},
"proxy": {
"listen_path": "/test-api/",
"target_url": "http://httpbin.org/",
"strip_listen_path": true
},
"active": true
}
api1.jsonをtyk_gatewayの/appsに格納(パート1で作成)
$ mv api1.json ./apps/.
tyk_gatewayを再起動。
$ docker restart tyk_gateway
tyk_gatewayのlogでAPIのloadを確認
<<省略>>
time="May 20 08:19:12" level=info msg="Loading policies"
time="May 20 08:19:12" level=info msg="Starting gateway rate limiter notifications..."
time="May 20 08:19:12" level=info msg="Policies found (1 total):"
time="May 20 08:19:12" level=info msg=" - default"
time="May 20 08:19:12" level=info msg="Loading API Specification from /opt/tyk-gateway/apps/api1.json"
time="May 20 08:19:12" level=info msg="Detected 1 APIs"
time="May 20 08:19:12" level=info msg="Preparing new router"
time="May 20 08:19:12" level=info msg="Initialising Tyk REST API Endpoints"
time="May 20 08:19:12" level=info msg="Loading API configurations."
time="May 20 08:19:12" level=info msg="Tracking hostname" api_name="Test API" domain="(no host)"
time="May 20 08:19:12" level=info msg="Loading API" api_name="Test API"
time="May 20 08:19:12" level=warning msg="The Health Checker is deprecated and we do no longer recommend its use."
time="May 20 08:19:12" level=info msg="Checking security policy: Token" api_name="Test API"
time="May 20 08:19:12" level=info msg="Processed and listening on: /test-api/{rest:.*}"
time="May 20 08:19:12" level=info msg="Loading uptime tests..."
time="May 20 08:19:12" level=info msg="Initialised API Definitions"
time="May 20 08:19:12" level=info msg="API reload complete"
<<省略>>
APIの動作確認
$ curl -H "Authorization: null" http://dashboard.tyk.docker:8080/test-api/get
{
"error": "Key not authorised"
}
2. API Keyの作成
test APIのAPI Keyの作成
$ curl -H "x-tyk-authorization: <<secret省略>>" -s -H "Content-Type: application/json" -X POST -d '{ "allowance": 1000, "rate": 1000, "per": 1, "expires": -1, "quota_max": -1, "quota_renews": 1449051461, "quota_remaining": -1, "quota_renewal_rate": 60, "access_rights": { "1": { "api_id": "1", "api_name": "Test API", "versions": ["Default"] } }, "meta_data": {} }' http://dashboard.tyk.docker:8080/tyk/keys/create | python -mjson.tool
{
"key": <<API key省略>>,
"status": "ok",
"action": "added",
"key_hash": "9efc33c0"
}
APIの動作確認
$ curl -H "Authorization: <<API key省略>>" http://dashboard.tyk.docker:8080/test-api/get
{
"args": {},
"headers": {
"Accept": "*/*",
"Accept-Encoding": "gzip",
"Authorization": <<API key省略>>,
"Host": "httpbin.org",
"User-Agent": "curl/7.35.0"
},
"origin": "178.62.11.62, 178.62.11.62",
"url": "http://httpbin.org/get"
}