mayorova/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Start

docker-compose up

Make API calls

HTTP backend:

curl -v -k "https://localhost:8843/hello" -H "user-key: key"
curl -v -k -X POST "https://localhost:8843/hello" -H "user-key: key" -d '{"hello":"world"}'

HTTPS backend:

curl -v -k "https://localhost:8843/secure/hello" -H "user-key: key"
curl -v -k -X POST "https://localhost:8843/secure/hello" -H "user-key: key" -d '{"hello":"world"}'
Direct curl with proxy

curl -v -k -x http://proxy.foo:3128 "https://echo.foo:8443/hello" -H "user-key: key"
curl -v -k -X POST -x http://proxy.foo:3128 "https://echo.foo:8443/hello" -H "user-key: key" -d '{"hello":"world"}'

  
## docker-compose.yml
version: '2'
services:
  apicast:
    image: registry.access.redhat.com/3scale-amp24/apicast-gateway:latest
    environment:
      # THREESCALE_PORTAL_ENDPOINT: http://whatever-admin.local.foo:3000
      # THREESCALE_PORTAL_ENDPOINT: THREESCALE_PORTAL_ENDPOINT=https://01cfb707316d21f6d70bf7becd5a0dc505b0b2a56d3e3fe2931e2efa6cfe2542@daria-admin.3scale.net
      # THREESCALE_PORTAL_ENDPOINT: https://80410f50ae2c4bbc94f1d3a999adb4ff0bf5b643e4f79531c67d753b08b6c2ae@url-rewrite-demo-admin.3scale.net
      THREESCALE_CONFIG_FILE: /opt/app-root/config.json
      THREESCALE_DEPLOYMENT_ENV: staging
      APICAST_MANAGEMENT_API: debug
      APICAST_LOG_LEVEL: debug
      APICAST_CONFIGURATION_LOADER: boot
      APICAST_OIDC_LOG_LEVEL: debug
      # APICAST_CONFIGURATION_CACHE: 60
      # APICAST_SERVICES_LIST: 2555417757540
      # APICAST_SERVICES_LIST: 2555417742248
      # OPENTRACING_TRACER: jaeger
      # http_proxy: http://proxy.foo:3128
      # https_proxy: http://proxy.foo:3128
      # no_proxy: 127.0.0.1
      # OPENSSL_VERIFY: 'true'
      # APICAST_HTTPS_CERTIFICATE: /opt/app-root/certs/server.crt
      # APICAST_HTTPS_CERTIFICATE_KEY: /opt/app-root/certs/server.key
      # APICAST_HTTPS_PORT: 8843
    ports:
      - "8080:8080"
      - "8090:8090"
      # - "8843:8843"
      # - "9421:9421"
    volumes:
      # - ./certs/server.crt:/opt/app-root/certs/server.crt
      # - ./certs/server.key:/opt/app-root/certs/server.key
      # - ./dnsmasq/extra.conf:/etc/dnsmasq.d/extra.conf
      # - ../gateway/src/apicast/http_proxy.lua:/opt/app-root/src/src/apicast/http_proxy.lua
      # - ../gateway/src/resty/http/proxy.lua:/opt/app-root/src/src/resty/http/proxy.lua
      # - ../gateway/src/resty/resolver/http.lua:/opt/app-root/src/resty/resolver/http.lua
      - ./configs/minimal.json:/opt/app-root/config.json

  echo.foo:
    image: openresty/openresty:centos
    ports:
      - "3000:3000"
      # - "8443:8443"
    volumes:
      - ./echo/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf
      # - ./certs/server.crt:/usr/local/openresty/nginx/conf/certs/server.crt
      # - ./certs/server.key:/usr/local/openresty/nginx/conf/certs/server.key
    # environment:
    #   FOO: "bar"

  # proxy.foo:
  #   image: sameersbn/squid:3.5.27
  #   ports:
  #     - "3128:3128"
  #   volumes:
  #     - ./squid/cache:/var/spool/squid
  #     - ./squid/logs:/var/log/squid
  #     - ./squid/squid.conf:/etc/squid/squid.conf

  # whatever-admin.local.foo:
  #   image: openresty/openresty:centos
  #   ports:
  #     - "3000:3000"
  #     - "8443:8443"
  #   volumes:
  #     - ./echo/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf
  #     - ./certs/server.crt:/usr/local/openresty/nginx/conf/certs/server.crt
  #     - ./certs/server.key:/usr/local/openresty/nginx/conf/certs/server.key

  # tcpdump:
  #   image: kaazing/tcpdump
  #   network_mode: "host"
  #   volumes:
  #     - ./tcpdump:/tcpdump
  #   command: ["-A", "-s", "0", "-v", "-i", "any", "-w", "/tcpdump/tcpdump.pcap"]

## minimal.json
{
  "services": [
    {
      "id": 1,
      "name": "Minimal",
      "system_name": "minimal",
      "backend_version": "1",
      "backend_authentication_type": "service_token",
      "backend_authentication_value": "servicetoken",
      "proxy": {
        "id": 1,
        "service_id": 1,
        "api_backend": "http://echo.foo:3000",
        "auth_app_key": "app_key",
        "auth_app_id": "app_id",
        "auth_user_key": "user-key",
        "credentials_location": "headers",
        "error_auth_failed": "Authentication failed",
        "error_auth_missing": "Authentication parameters missing",
        "error_status_auth_failed": 403,
        "error_headers_auth_failed": "text/plain; charset=us-ascii",
        "error_status_auth_missing": 403,
        "error_headers_auth_missing": "text/plain; charset=us-ascii",
        "error_no_match": "No Mapping Rule matched",
        "error_status_no_match": 404,
        "error_headers_no_match": "text/plain; charset=us-ascii",
        "secret_token": "Shared_secret_sent_from_proxy_to_API_backend",
        "hostname_rewrite": "",
        "oauth_login_url": null,
        "oidc_issuer_endpoint": "",
        "authentication_method": "1",
        "hosts": [
          "localhost"
        ],
        "backend": {
          "endpoint": "http://127.0.0.1:8081",
          "host": "backend"
        },
        "policy_chain": [
          {
            "name": "apicast",
            "version": "builtin",
            "configuration": {}
          }
        ],
        "proxy_rules": [
          {
            "http_method": "GET",
            "pattern": "/",
            "metric_system_name": "hits",
            "delta": 1,
            "parameters": [],
            "querystring_parameters": {}
          },
          {
            "http_method": "POST",
            "pattern": "/",
            "metric_system_name": "hits",
            "delta": 1,
            "parameters": [],
            "querystring_parameters": {}
          }
        ]
      }
    }
  ]
}

## nginx.conf

worker_processes  1;
error_log /dev/stdout info;

events {
  worker_connections  16192;
  multi_accept        on;
}

http {
  sendfile           on;
  tcp_nopush         on;
  tcp_nodelay        on;
  # merge_slashes     off;

  underscores_in_headers on;

  error_log logs/error.log debug;

  client_body_timeout 10s;

  # server {
  #   listen 8443 ssl;

  #   ssl_certificate certs/server.crt;
  #   ssl_certificate_key certs/server.key;

  #   server_name _;

  #   resolver 8.8.8.8;

  #   location / {
  #     # Return the original request
  #     echo_duplicate 1 $echo_client_request_headers;
  #     echo "\r";
  #     echo_read_request_body;
  #     echo $request_body;
  #   }
  # }

  server {
    listen 3000;
    server_name _;

    resolver 8.8.8.8;

    location /test {

      # Set the sleep time in seconds (0.020 is 20ms)
      # echo_sleep 5;

      # rewrite_by_lua_block {
      #   ngx.sleep(5)
      # }

      # Return the original request
      echo_duplicate 1 $echo_client_request_headers;
      echo "\r";
      echo_read_request_body;
      echo $request_body;

      # The following string is 1024 characters long
      # In order to send N bytes, just change 1 to N
      # echo_duplicate 1 'cfxepfETyLkupKEK36NbDXZsCsK9oomcMUR2hBlt3bScMml4GcEAmCbb7GmQYehVeGgdZ8HOU0YejTwzIjslvEFUqiMfSLcdqvNLkCfhkXV124Z78Do60QxrKT8syoNkZwdYf4FyEtvPFrFajQd2ovxAqwqHg0oodn0jeenC6Aur8W2iO3Vv8jco4YJ4VOvWSix1vvtbcor52xOfk9WCXrREBJ6JN2ycg0UIdWBpxqis5FwsfvGOdm7K9cTOmNoE7R8FzuwtpABnH5udjChPQ20bfi17T2T5lVn7bEeYvlbRjt2d4PzXslhKjvlGhmx7JFJADIzHDR5X5H4YTyDjW2wipYD3m3ppoQ1Ifl49w4tU94e37KKWq5OtSCuAFf94RqC7Y9LUmFaSXYqnCbluYQlgCMLCGrEXnb0AntRuWcISviYKQizL5nSi0JG9aYIq88mxBHroFA1kbjpkGuRDa5M5nVsQfk0JX7z6ELt6wWa388IVHfzCEi8SegrZV29yLDo1mwzYGW3NkLawy7VH3rvGV5HYpItV7wMZAkNGRNBaxqKVA7CoHvGf7dUij2J4YeRQW2e8NmdvcUPcIu9Txv3VEuhdFPWL5HOgEfb5KDivHMCk3dg37oJMBcQTjQpeuaxJw4qTELce3VtLnzJOlhHpOXCBMdw4i0q79w49v0dSwJQLvgdlV3rDpIAIYatvRdqLNVi7IYbq8Mu2P6MQQWnmbTRo81ZQvSUKgEumtkfCuGZP7pfhOaY4gXKP5ECMvYMSfKomEOFZYV8BXQ20S1TvnVcMPJm2NAOmURSiDCoxj6pqvxY6l6JEK57MxVI8gOXILdHyMkUYUmt4aFJiArrFeDNlnTdshFJgFcPukrM7pNMEeKMfbzm88AfMREWuCjgYkRd3eX6WmKfe7vYFxZfRFsfcNZOLD7Bdgj4E3mEcSk2OOcbT0GiTVQnTlM0ZjmRI74dJYiIhESzwuTKeHrReQqZaeGo6V2rqvSdmHR8ogXJBcGV9J6Rpj0ZrDdeI';

    }
  }
}
	version: '2'
	services:
	apicast:
	image: registry.access.redhat.com/3scale-amp24/apicast-gateway:latest
	environment:
	# THREESCALE_PORTAL_ENDPOINT: http://whatever-admin.local.foo:3000
	# THREESCALE_PORTAL_ENDPOINT: THREESCALE_PORTAL_ENDPOINT=https://01cfb707316d21f6d70bf7becd5a0dc505b0b2a56d3e3fe2931e2efa6cfe2542@daria-admin.3scale.net
	# THREESCALE_PORTAL_ENDPOINT: https://80410f50ae2c4bbc94f1d3a999adb4ff0bf5b643e4f79531c67d753b08b6c2ae@url-rewrite-demo-admin.3scale.net
	THREESCALE_CONFIG_FILE: /opt/app-root/config.json
	THREESCALE_DEPLOYMENT_ENV: staging
	APICAST_MANAGEMENT_API: debug
	APICAST_LOG_LEVEL: debug
	APICAST_CONFIGURATION_LOADER: boot
	APICAST_OIDC_LOG_LEVEL: debug
	# APICAST_CONFIGURATION_CACHE: 60
	# APICAST_SERVICES_LIST: 2555417757540
	# APICAST_SERVICES_LIST: 2555417742248
	# OPENTRACING_TRACER: jaeger
	# http_proxy: http://proxy.foo:3128
	# https_proxy: http://proxy.foo:3128
	# no_proxy: 127.0.0.1
	# OPENSSL_VERIFY: 'true'
	# APICAST_HTTPS_CERTIFICATE: /opt/app-root/certs/server.crt
	# APICAST_HTTPS_CERTIFICATE_KEY: /opt/app-root/certs/server.key
	# APICAST_HTTPS_PORT: 8843
	ports:
	- "8080:8080"
	- "8090:8090"
	# - "8843:8843"
	# - "9421:9421"
	volumes:
	# - ./certs/server.crt:/opt/app-root/certs/server.crt
	# - ./certs/server.key:/opt/app-root/certs/server.key
	# - ./dnsmasq/extra.conf:/etc/dnsmasq.d/extra.conf
	# - ../gateway/src/apicast/http_proxy.lua:/opt/app-root/src/src/apicast/http_proxy.lua
	# - ../gateway/src/resty/http/proxy.lua:/opt/app-root/src/src/resty/http/proxy.lua
	# - ../gateway/src/resty/resolver/http.lua:/opt/app-root/src/resty/resolver/http.lua
	- ./configs/minimal.json:/opt/app-root/config.json

	echo.foo:
	image: openresty/openresty:centos
	ports:
	- "3000:3000"
	# - "8443:8443"
	volumes:
	- ./echo/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf
	# - ./certs/server.crt:/usr/local/openresty/nginx/conf/certs/server.crt
	# - ./certs/server.key:/usr/local/openresty/nginx/conf/certs/server.key
	# environment:
	# FOO: "bar"

	# proxy.foo:
	# image: sameersbn/squid:3.5.27
	# ports:
	# - "3128:3128"
	# volumes:
	# - ./squid/cache:/var/spool/squid
	# - ./squid/logs:/var/log/squid
	# - ./squid/squid.conf:/etc/squid/squid.conf

	# whatever-admin.local.foo:
	# image: openresty/openresty:centos
	# ports:
	# - "3000:3000"
	# - "8443:8443"
	# volumes:
	# - ./echo/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf
	# - ./certs/server.crt:/usr/local/openresty/nginx/conf/certs/server.crt
	# - ./certs/server.key:/usr/local/openresty/nginx/conf/certs/server.key

	# tcpdump:
	# image: kaazing/tcpdump
	# network_mode: "host"
	# volumes:
	# - ./tcpdump:/tcpdump
	# command: ["-A", "-s", "0", "-v", "-i", "any", "-w", "/tcpdump/tcpdump.pcap"]
	{
	"services": [
	{
	"id": 1,
	"name": "Minimal",
	"system_name": "minimal",
	"backend_version": "1",
	"backend_authentication_type": "service_token",
	"backend_authentication_value": "servicetoken",
	"proxy": {
	"id": 1,
	"service_id": 1,
	"api_backend": "http://echo.foo:3000",
	"auth_app_key": "app_key",
	"auth_app_id": "app_id",
	"auth_user_key": "user-key",
	"credentials_location": "headers",
	"error_auth_failed": "Authentication failed",
	"error_auth_missing": "Authentication parameters missing",
	"error_status_auth_failed": 403,
	"error_headers_auth_failed": "text/plain; charset=us-ascii",
	"error_status_auth_missing": 403,
	"error_headers_auth_missing": "text/plain; charset=us-ascii",
	"error_no_match": "No Mapping Rule matched",
	"error_status_no_match": 404,
	"error_headers_no_match": "text/plain; charset=us-ascii",
	"secret_token": "Shared_secret_sent_from_proxy_to_API_backend",
	"hostname_rewrite": "",
	"oauth_login_url": null,
	"oidc_issuer_endpoint": "",
	"authentication_method": "1",
	"hosts": [
	"localhost"
	],
	"backend": {
	"endpoint": "http://127.0.0.1:8081",
	"host": "backend"
	},
	"policy_chain": [
	{
	"name": "apicast",
	"version": "builtin",
	"configuration": {}
	}
	],
	"proxy_rules": [
	{
	"http_method": "GET",
	"pattern": "/",
	"metric_system_name": "hits",
	"delta": 1,
	"parameters": [],
	"querystring_parameters": {}
	},
	{
	"http_method": "POST",
	"pattern": "/",
	"metric_system_name": "hits",
	"delta": 1,
	"parameters": [],
	"querystring_parameters": {}
	}
	]
	}
	}
	]
	}

	worker_processes 1;
	error_log /dev/stdout info;

	events {
	worker_connections 16192;
	multi_accept on;
	}

	http {
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	# merge_slashes off;

	underscores_in_headers on;

	error_log logs/error.log debug;

	client_body_timeout 10s;

	# server {
	# listen 8443 ssl;

	# ssl_certificate certs/server.crt;
	# ssl_certificate_key certs/server.key;

	# server_name _;

	# resolver 8.8.8.8;

	# location / {
	# # Return the original request
	# echo_duplicate 1 $echo_client_request_headers;
	# echo "\r";
	# echo_read_request_body;
	# echo $request_body;
	# }
	# }

	server {
	listen 3000;
	server_name _;

	resolver 8.8.8.8;

	location /test {

	# Set the sleep time in seconds (0.020 is 20ms)
	# echo_sleep 5;

	# rewrite_by_lua_block {
	# ngx.sleep(5)
	# }

	# Return the original request
	echo_duplicate 1 $echo_client_request_headers;
	echo "\r";
	echo_read_request_body;
	echo $request_body;

	# The following string is 1024 characters long
	# In order to send N bytes, just change 1 to N
	# echo_duplicate 1 'cfxepfETyLkupKEK36NbDXZsCsK9oomcMUR2hBlt3bScMml4GcEAmCbb7GmQYehVeGgdZ8HOU0YejTwzIjslvEFUqiMfSLcdqvNLkCfhkXV124Z78Do60QxrKT8syoNkZwdYf4FyEtvPFrFajQd2ovxAqwqHg0oodn0jeenC6Aur8W2iO3Vv8jco4YJ4VOvWSix1vvtbcor52xOfk9WCXrREBJ6JN2ycg0UIdWBpxqis5FwsfvGOdm7K9cTOmNoE7R8FzuwtpABnH5udjChPQ20bfi17T2T5lVn7bEeYvlbRjt2d4PzXslhKjvlGhmx7JFJADIzHDR5X5H4YTyDjW2wipYD3m3ppoQ1Ifl49w4tU94e37KKWq5OtSCuAFf94RqC7Y9LUmFaSXYqnCbluYQlgCMLCGrEXnb0AntRuWcISviYKQizL5nSi0JG9aYIq88mxBHroFA1kbjpkGuRDa5M5nVsQfk0JX7z6ELt6wWa388IVHfzCEi8SegrZV29yLDo1mwzYGW3NkLawy7VH3rvGV5HYpItV7wMZAkNGRNBaxqKVA7CoHvGf7dUij2J4YeRQW2e8NmdvcUPcIu9Txv3VEuhdFPWL5HOgEfb5KDivHMCk3dg37oJMBcQTjQpeuaxJw4qTELce3VtLnzJOlhHpOXCBMdw4i0q79w49v0dSwJQLvgdlV3rDpIAIYatvRdqLNVi7IYbq8Mu2P6MQQWnmbTRo81ZQvSUKgEumtkfCuGZP7pfhOaY4gXKP5ECMvYMSfKomEOFZYV8BXQ20S1TvnVcMPJm2NAOmURSiDCoxj6pqvxY6l6JEK57MxVI8gOXILdHyMkUYUmt4aFJiArrFeDNlnTdshFJgFcPukrM7pNMEeKMfbzm88AfMREWuCjgYkRd3eX6WmKfe7vYFxZfRFsfcNZOLD7Bdgj4E3mEcSk2OOcbT0GiTVQnTlM0ZjmRI74dJYiIhESzwuTKeHrReQqZaeGo6V2rqvSdmHR8ogXJBcGV9J6Rpj0ZrDdeI';

	}
	}
	}