API Gateway communication
The 3Scale API Gateway is a light-weight high-performance API Management Gateway. Since it can scale and recover easily with tools like vanilla Docker/Kubernetes or Openshift, new pods can be there in seconds to handle more APIs then you can imagine. After the API Gateway starts and during runtime it needs to communicatie with the central API Management Portal to retrieve it’s configuration. Therefore it uses these 2 APIs:
- The Service Management API to ask for authorization and report usage
- The Account Management API (read-only) to get the list of available APIs and their configuration
The Service Management API is at su1.3scale.net (port 443) whereas the Account Management API is at MyAccount–admin.3scale.net (port 443). The connection is build up by the API Gateway itself which from a security perspective is great. Only outbound port 443 is needed.
Auto updating
The gateway is able to check the configuration from time to time and self update when necessary. You can change the default by adjusting the APICAST_CONFIGURATION_CACHE (which value is in seconds). This parameter controls the polling frequency for the Gateway to connect to the Admin Portal.
-e APICAST_CONFIGURATION_CACHE=300
According to https://github.com/3scale/apicast/blob/a41b3fb90a9c9250711aa63de78eed4c5e1253d5/.env#L19 :
“Cache the configuration for N seconds. Empty means forever and 0 means don’t cache at all.”
Which means that the value should be 60 or greater, 0 or unset
- 0, don’t cache the configuration at all. Safe to use on staging together with APICAST_CONFIGURATION_LOADER=lazy. Lazy will load it on demand for each incoming request (to guarantee a complete refresh on each request.
- 60, caches for 60 seconds and is the minimal value if set.
- Empty means forever, you probably do not want to use that in production
References and all credits:
- Nicolas Massé @ 3Scale API Management by Red Hat (Google Group)
