I've created several RESTful microservices and dockerized them. Now I want to have a web-based UI for them and the ability to create users and grant permissions to them to use some of the APIs.
I know that I need some kind of API gateway. My first thought was that I always could do that bruteforce way: create some django app that would serve UI and proxy all request to APIs by hand, but this seems very dull. Maybe there are some alternatives? I've ready about Tyk, but can't find any information about the ability to add users and grant permissions to them.
I probably could create an application that would serve as API gateway and automate proxying of requests by writing some code that would model that. So for example I basically need a mapping between external urls to actual api urls and some authorization logic. Maybe there are already something like that?
Unless I'm mistaken (I'm a bit new to containers) - I think all of these solutions from Amazon AWS (with AWS API Gateway itself in front of any of them for public access) would also fall in the category of freemium solutions for running / orchestrating Docker Container(s) behind a public API Gateway:
- AWS ECS - Elastic Container Service
- AWS EKS - Elastic Kubernetes Service
- AWS Fargate
Here are AWS blogs on using AWS API Gateway with them:
- Using Amazon API Gateway with microservices deployed on Amazon ECS
- API Gateway as an Ingress Controller for Amazon EKS
And depending on your requirements, either of these (also from Amazon AWS) should also meet requirements for users, accounts, permissions, authorization, etc:
- AWS Identity Access Management
- AWS Cognito
By the way, I don't think any intermediary management / compute / server should be necessary for architecting with any of those (although compute from AWS EC2 and/or AWS Lambda could still be inserted for any purpose), as they are all AWS services [that manage their functionality] unto themselves.
I was looking for something similar, including support for rate limiting, UI console, etc. It boils down to a few freemium tools like:
- apigee
- mashape
- apiary
- 3scale.net
and a few open source ones:
- tyk
- kong
- ApiAxle
- WSO2
- API Umbrella
I've decided on tyk since it has a nice UI console and solid docs. All of them were mentioned on Quora, which is nice when you want to go shopping :)
If you like getting your hands dirty, you could quite easily implement your own simplified API Gateway. I believe this approach perfectly fits into microservice paradigm - implement simple service with limited functionality that does only one thing, but does it well.
I've written a tutorial on this subject (implementing simple API Gateway for Dockerized microservices with Node.js). My example is about 100 lines of JavaScript code, it uses node-docker-monitor to listen to Docker events and http-proxy to handle HTTP requests from the clients.
https://memz.co/api-gateway-microservices-docker-node-js/
or alternative solution with SkyDNS and Nginx
https://memz.co/reverse-proxy-nginx-docker-microservices/