commit 671b2346fbc9f6e5e91d0707a964c9a30db1a31a Author: Nicolas Massé Date: Fri Nov 30 16:01:32 2018 +0100 first examples diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e6b6608 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +*.retry +*.crt +*.csr +*.key diff --git a/hello-world/config/apicast.conf b/hello-world/config/apicast.conf new file mode 100644 index 0000000..cf0d8d2 --- /dev/null +++ b/hello-world/config/apicast.conf @@ -0,0 +1,43 @@ +{ + "services": [ + { + "id": 1234, + "backend_version": 1, + "proxy": { + "api_backend": "http://127.0.0.1:8081", + "hostname_rewrite": "echo", + "hosts": [ + "localhost", + "127.0.0.1" + ], + "backend": { + "endpoint": "http://127.0.0.1:8081", + "host": "echo" + }, + "policy_chain": [ + { "name": "apicast.policy.apicast" } + ], + "proxy_rules": [ + { + "http_method": "GET", + "pattern": "/", + "metric_system_name": "hits", + "delta": 1 + }, + { + "http_method": "POST", + "pattern": "/", + "metric_system_name": "hits", + "delta": 1 + }, + { + "http_method": "PUT", + "pattern": "/", + "metric_system_name": "hits", + "delta": 1 + } + ] + } + } + ] +} \ No newline at end of file diff --git a/hello-world/hello-world.yaml b/hello-world/hello-world.yaml new file mode 100644 index 0000000..913d678 --- /dev/null +++ b/hello-world/hello-world.yaml @@ -0,0 +1,35 @@ +--- + +- name: Deploy an APIcast gateway with the Echo API + gather_facts: no + hosts: localhost + tasks: + - name: Deploy APIcast + docker_container: + name: apicast-hello-world + image: quay.io/3scale/apicast:v3.3.0 + volumes: + - '{{ playbook_dir }}/config:/config:ro' + env: + THREESCALE_CONFIG_FILE: /config/apicast.conf + ports: + - 8080:8080 + cleanup: yes + detach: yes + state: started + + - name: Wait for APIcast to start + pause: + seconds: 5 + + - name: Ensure the Echo API is working + uri: + url: http://localhost:8080/?user_key=dummy + method: GET + timeout: 5 + status_code: 200 + + - name: Delete APIcast + docker_container: + name: apicast-hello-world + state: absent \ No newline at end of file diff --git a/path-routing/config/apicast.conf b/path-routing/config/apicast.conf new file mode 100644 index 0000000..bb2caba --- /dev/null +++ b/path-routing/config/apicast.conf @@ -0,0 +1,71 @@ +{ + "services": [ + { + "id": 123, + "backend_version": 1, + "proxy": { + "api_backend": "http://127.0.0.1:8081", + "hostname_rewrite": "echo", + "hosts": [ + "localhost" + ], + "backend": { + "endpoint": "http://127.0.0.1:8081", + "host": "echo" + }, + "policy_chain": [ + { "name": "apicast.policy.apicast" }, + { + "name": "apicast.policy.headers", + "configuration": { + "response": [ + { "op": "set", "header": "X-SVC", "value": "svc1" } + ] + } + } + ], + "proxy_rules": [ + { + "http_method": "GET", + "pattern": "/svc1", + "metric_system_name": "hits", + "delta": 1 + } + ] + } + }, { + "id": 456, + "backend_version": 1, + "proxy": { + "api_backend": "http://127.0.0.1:8081", + "hostname_rewrite": "echo", + "hosts": [ + "localhost" + ], + "backend": { + "endpoint": "http://127.0.0.1:8081", + "host": "echo" + }, + "policy_chain": [ + { "name": "apicast.policy.apicast" }, + { + "name": "apicast.policy.headers", + "configuration": { + "response": [ + { "op": "set", "header": "X-SVC", "value": "svc2" } + ] + } + } + ], + "proxy_rules": [ + { + "http_method": "GET", + "pattern": "/svc2", + "metric_system_name": "hits", + "delta": 1 + } + ] + } + } + ] +} \ No newline at end of file diff --git a/path-routing/path-routing.yaml b/path-routing/path-routing.yaml new file mode 100644 index 0000000..64114ad --- /dev/null +++ b/path-routing/path-routing.yaml @@ -0,0 +1,55 @@ +--- + +- name: Deploy an APIcast gateway with Path Routing enabled + gather_facts: no + hosts: localhost + tasks: + - name: Deploy APIcast + docker_container: + name: apicast-path-routing + image: quay.io/3scale/apicast:v3.3.0 + volumes: + - '{{ playbook_dir }}/config:/config:ro' + env: + THREESCALE_CONFIG_FILE: /config/apicast.conf + APICAST_PATH_ROUTING: 'true' + ports: + - 8080:8080 + cleanup: yes + detach: yes + state: started + + - name: Wait for APIcast to start + pause: + seconds: 5 + + - name: Ensure Service1 is working + uri: + url: http://localhost:8080/svc1?user_key=dummy + method: GET + timeout: 5 + status_code: 200 + register: response + + - name: The X-SVC HTTP header must be equal to "svc1" + assert: + that: + - response.x_svc == 'svc1' + + - name: Ensure Service2 is working + uri: + url: http://localhost:8080/svc2?user_key=dummy + method: GET + timeout: 5 + status_code: 200 + register: response + + - name: The X-SVC HTTP header must be equal to "svc2" + assert: + that: + - response.x_svc == 'svc2' + + - name: Delete APIcast + docker_container: + name: apicast-path-routing + state: absent \ No newline at end of file diff --git a/with-https/config/apicast.conf b/with-https/config/apicast.conf new file mode 100644 index 0000000..cf0d8d2 --- /dev/null +++ b/with-https/config/apicast.conf @@ -0,0 +1,43 @@ +{ + "services": [ + { + "id": 1234, + "backend_version": 1, + "proxy": { + "api_backend": "http://127.0.0.1:8081", + "hostname_rewrite": "echo", + "hosts": [ + "localhost", + "127.0.0.1" + ], + "backend": { + "endpoint": "http://127.0.0.1:8081", + "host": "echo" + }, + "policy_chain": [ + { "name": "apicast.policy.apicast" } + ], + "proxy_rules": [ + { + "http_method": "GET", + "pattern": "/", + "metric_system_name": "hits", + "delta": 1 + }, + { + "http_method": "POST", + "pattern": "/", + "metric_system_name": "hits", + "delta": 1 + }, + { + "http_method": "PUT", + "pattern": "/", + "metric_system_name": "hits", + "delta": 1 + } + ] + } + } + ] +} \ No newline at end of file diff --git a/with-https/with-https.yaml b/with-https/with-https.yaml new file mode 100644 index 0000000..2645f2d --- /dev/null +++ b/with-https/with-https.yaml @@ -0,0 +1,61 @@ +--- + +- name: Deploy an APIcast gateway with HTTPS + gather_facts: no + hosts: localhost + tasks: + - name: Generate a private key + openssl_privatekey: + path: '{{ playbook_dir }}/config/tls.key' + size: 1024 + state: present + + - name: Generate a CSR + openssl_csr: + path: '{{ playbook_dir }}/config/tls.csr' + privatekey_path: '{{ playbook_dir }}/config/tls.key' + common_name: localhost + subject_alt_name: 'DNS:localhost' + state: present + + - name: Generate a self-signed certificate + openssl_certificate: + path: '{{ playbook_dir }}/config/tls.crt' + privatekey_path: '{{ playbook_dir }}/config/tls.key' + csr_path: '{{ playbook_dir }}/config/tls.csr' + provider: selfsigned + state: present + + - name: Deploy APIcast + docker_container: + name: apicast-https + image: quay.io/3scale/apicast:v3.3.0 + volumes: + - '{{ playbook_dir }}/config:/config:ro' + env: + THREESCALE_CONFIG_FILE: /config/apicast.conf + APICAST_HTTPS_PORT: 8443 + APICAST_HTTPS_CERTIFICATE: /config/tls.crt + APICAST_HTTPS_CERTIFICATE_KEY: /config/tls.key + ports: + - 8443:8443 + cleanup: yes + detach: yes + state: started + + - name: Wait for APIcast to start + pause: + seconds: 5 + + - name: Ensure the Echo API is working + uri: + url: https://localhost:8443/?user_key=dummy + method: GET + timeout: 5 + status_code: 200 + validate_certs: no + + - name: Delete APIcast + docker_container: + name: apicast-https + state: absent \ No newline at end of file