DO240 - ch03s02

Bookmark this page

Guided Exercise: Creating Self Managed APIcast Gateways

In this exercise, you will deploy a new APIcast Gateway that you will use in the staging environment.

Outcomes

You should be able to:

Install the APIcast Gateway operator.
Deploy a new APIcast Gateway in a different OpenShift project.
Create an OpenShift route to access to the gateway externally.
Test the gateway with a sample 3scale product.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

[student@workstation ~]$ lab start gateways-apicast

The start function creates a 3scale product called apicast, which points to a backend that uses the 3scale Echo API. You will use this product in this exercise to test the self-managed APIcast.

Procedure 3.1. Instructions

Create a new OpenShift project called apicast, where you will deploy the APIcast custom resource. By deploying it in a different namespace, you simulate the logical isolation that you might require in a real-world scenario.
1. Log in to RHOCP:
```
[student@workstation ~]$ oc login \
-u=admin -p=redhat --server=https://api.ocp4.example.com:6443
...output omitted...
```
2. In a your command-line terminal, create the apicast project.
```
[student@workstation ~]$ oc new-project apicast
...output omitted...
```
Install the APIcast Gateway operator.
1. In a web browser, navigate to https://console-openshift-console.apps.ocp4.example.com, and log in to the OpenShift Console with the following credentials by using the htpasswd provider:
  - Username: admin
  - Password: redhat
2. In the left pane, click Operators → OperatorHub.
3. Type APIcast in the search text box input, and select the Red Hat Integration - 3scale APIcast gateway option. Then, click Install.
4. Complete the Install Operator form with the following options.
  - Installed Namespace: apicast
  Leave other fields with the default selected options. Then, click Install. The operator takes some time to install.
Create a personal access token in the default 3scale tenant, so that the APIcast operator can fetch the information from the APIManager.
1. In your command-line terminal, use the oc get secret command to retrieve the password for the 3scale tenant Admin Portal, where you will create the access token.
```
[student@workstation ~]$ oc get secret system-seed -n 3scale \
--template={{.data.ADMIN_PASSWORD}} | base64 -d; echo
```
  The default passwords of 3scale are stored in the system-seed secret. By executing the previous command, you retrieve the ADMIN_PASSWORD entry of the system-seed secret. Then, because the secret is encoded in Base64, you decode it.
2. Navigate to https://3scale-admin.apps.ocp4.example.com, the 3scale tenant Admin Portal. Log in with the the following credentials:
  - Username: admin
  - Password: Password from the system-seed secret
3. In the top pane, click Dashboard to display the drop-down menu. Then, click Account Settings.
4. In the left pane, click Personal → Tokens.
5. In the Access Tokens section, click Add Access Token. Complete the form according to the following values:
  - Name: apicast
  - Scopes: Account Management API
  - Permission: Read Only
  Then, click Create Access token. Save the access token displayed.
6. Create an OpenShift secret that contains the access token. You will use this secret later to authenticate the APIcast operator.
```
[student@workstation ~]$ oc create secret generic apicast-secret \
--from-literal=AdminPortalURL=https://ACCESS_TOKEN@3scale-admin.apps.ocp4.example.com
secret/apicast-secret created
```
  In the preceding command, replace ACCESS_TOKEN with your access token.
Deploy the APIcast custom resource. Use the the OpenShift secret created in the previous step.
1. By using a text editor of your preference, create a new file called apicast.yaml that contains the following snippet.
  You can use the /home/student/DO240/labs/gateways-apicast/apicast.yaml file.
```
apiVersion: apps.3scale.net/v1alpha1
kind: APIcast
metadata:
  name: custom-apicast
spec:
  adminPortalCredentialsRef:
    name: apicast-secret
  deploymentEnvironment: staging
  exposedHost:
    host: custom-apicast.apps.ocp4.example.com
    tls:
    - {}
  resources:
    limits:
      cpu: '0'
      memory: 128Mi
```
  The deploymentEnvironment parameter sets what environment this gateway replaces (either staging or production). The host parameter is the external route where your gateway is accessible.
2. Apply the APIcast resource by using the oc command.
```
[student@workstation ~]$ oc apply -f apicast.yaml
apicast.apps.3scale.net/custom-apicast created
```
Update the gateways_apicast product settings to use the self-managed APIcast Gateway. The gateways_apicast product was created for you when you executed the start function of this exercise.
1. In the 3scale tenant Admin Portal, click Products in the drop-down menu. Then click gateways_apicast.
2. In the left pane menu, click Integration → Settings. The settings page for the gateways_apicast product is displayed.
3. In the DEPLOYMENT section, select APIcast self-managed.
4. In the Staging Public Base URL field, type the OpenShift route that you created previously, https://custom-apicast.apps.ocp4.example.com. Then, click Update Product.

Promote the new configuration to Staging.

In the left pane, click Integration → Configuration.
Click Promote v. 1 to Staging APIcast to replace the default Staging APIcast by your self-managed APIcast.

Copy the curl example and execute it in a command-line terminal.

[student@workstation ~]$ curl "https://custom-apicast.apps.ocp4.example.com:443/echo?user_key=USER_KEY"
{
  "method": "GET",
  "path": "/",
  ...output omitted...
  "headers": {
    "HTTP_VERSION": "HTTP/1.1",
    "HTTP_HOST": "echo-api.3scale.net",
    ...output omitted...
  },
  ...output omitted...
}

Finish

On the workstation machine, use the lab command to complete this exercise. This is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish gateways-apicast

This concludes the guided exercise.

Discuss Cloud-native API Administration with Red Hat 3scale API Management

Go to community

Welcome to the Cloud-native API Administration (DO240) group in the Red Hat Learning Community!

Deanna

11 sie 2023

We are excited to launch a space dedicated to the Red Hat Training course Cloud-native API Administration with Red Hat 3scale API Management! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO240.Read more about Cloud-native API Administration with Red Hat 3scale API Management here.

Revision: do240-2.11-40390f6