带有 Google Cloud Functions 的微服务 Api 网关 [英] Api gateway for Microservices with Google Cloud Functions

本文介绍了带有 Google Cloud Functions 的微服务 Api 网关的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

例如,我们有一些服务.

For example, we have a few services.

  1. 账户服务
  2. 产品服务
  3. 支付服务

每项服务都是一个单独的 Google Cloud Function.每个服务都有自己的 HTTP API.例如账户服务有:

Each service is a separate Google Cloud Function. Each service has its own HTTP API. For example, the account service has:

  1. https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/account/sign-up
  2. https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/account/sign-in
  3. https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/account/reset-password

每个服务都有自己的 swagger 文档端点 /docs.

Each service has its own swagger documentation endpoint /docs.

如何将我的 Cloud Functions 设为私有(没有公共访问权限)并将它们置于某个 API 网关之后?

How can I make my Cloud Functions private (without public access) and place them behind some API Gateway?

Google 为 Cloud Functions 提供端点(请参阅 https://cloud.google.com/endpoints/docs/openapi/get-started-cloud-functions).但是,据我了解,Endpoints 只允许您定义 yaml OpenAPI 文件.

Google offers Endpoints for Cloud Functions (see https://cloud.google.com/endpoints/docs/openapi/get-started-cloud-functions ). But, as I understand it, Endpoints allow you to define only the yaml OpenAPI file.

在这个 yaml 文件中,我可以定义如下内容:

In this yaml file, I can define something like this:

swagger: '2.0'
info:
  title: Cloud Endpoints + GCF
  description: Sample API on Cloud Endpoints with a Google Cloud Functions backend
  version: 1.0.0
host: HOST
schemes:
  - https
produces:
  - application/json
paths:
  /hello:
    get:
      summary: Greet a user
      operationId: hello
      x-google-backend:
        address: https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/helloGET
      responses:
        '200':
          description: A successful response
          schema:
            type: string

但就我而言,我需要能够代理我的云功能(如反向代理).

But in my case, I need to have ability to proxy my cloud functions (like reverse proxy).

推荐答案

您可以使用端点.当然,您必须手动定义 OpenAPI yaml 文件(版本 2.0,而不是 3!).使用通配符和路径翻译定义

You can use endpoint. Of course, you have to define your OpenAPI yaml file manually (version 2.0, not 3!). Use wildcard and path translation definition

...
paths:
  /account/*:
      get:
        summary: sign-up a user
        operationId: sign-up
        x-google-backend:
          address: https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net
          path_translation: APPEND_PATH_TO_ADDRESS
       responses:
          '200':
            description: A successful response
            schema:
              type: string

APPEND_PATH_TO_ADDRESS 只需将路径值粘贴到后端定义的末尾即可.顺便说一句,仅使用此定义,您就可以访问所有私有函数端点和子端点,例如您的 swagger 文档.

The APPEND_PATH_TO_ADDRESS simply paste the path value at the end of your backend definition. By the way, with only this definition, you can reach all your private function endpoint and sub-endpoint, like your swagger documentation.

您可以使用 API KEY 保护您的网关(我写了一篇关于此的文章)但文档中还有另一种安全解决方案.

You can protect your gateway with API KEY (I wrote an article on this) but there is also another security solution in the documentation.

但是您无法使用 Endpoint 提出的开发者门户,因为它基于 Endpoint yaml 文件定义,而不是聚合所有发现的服务定义(在您的 /docs 路径中).

However you couldn't use the developer portal proposed by Endpoint because it's based on the Endpoint yaml file definition and not aggregate all the discovered service definition (in your /docs path).

这篇关于带有 Google Cloud Functions 的微服务 Api 网关的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆