How to run the 3Scale APICast Gateway in a Docker container ?

With the rise of API popularity and the necessity for decent API Management some relatively new players emerged. And by know almost all are acquired by bigger fish in the software pond. One of these leading API Management software companies was 3Scale and in 2016 is was acquired by Red Hat. 3Scale then was a SaaS API Management offering only. Soon after the acquisition however Mike Piech, vice president and general manager of middleware at Red Hat, wrote in a blog post:

“3scale is today offered in an as-a-Service model and joins Red Hat OpenShift Online and Red Hat Mobile Application Platform in that format. We plan to quickly create an on-prem version and open source the code in the Red Hat way.”

The cloud hosted API gateway service APICast was published to GitHub. And in Q2 2017 the officially announcement was there that the Red Hat 3Scale API management platform was available as a Docker container and stand-alone installation for deployment on-premise. So now the implementation choice roughly consists of full SaaS and 3 on-premise variations as vanille Docker, Red Hat OpenShift and stand-alone.

This blogpost will show the steps and commands how to run the 3Scale APICast Gateway in “vanille” Docker containers.

High Level Overview

The commands

What we need:

  • Endpoint for the local API to hit, like api.ilionx.tmpldesign.nl
  • Endpoint of the 3Scale SaaS environment, like jvzoggel-admin.3scale.net)
  • provider api key which is something like 93b21fc40335f58ee3a93d5a5c343 and can be found under your 3Scale SaaS account
  • user key which is shown at the bottom of the SaaS API Configuration screen in the curl example or can be found in Application -> your app

API endpoint to hit

 

First we will create a ilionx.tmpldesign.nl Docker Network for our Apicast and API client nodes to run in:

jvzoggel$ docker network create ilionx.tmpldesign.nl
142fd0f9e4a5392f2cdd90c2a625edf655f89a56b026e3c2082060521a39f6b5

We will start the 3Scale APICast Gateway docker image and configure it to port forward 8080, connect to the ilionx.tmpldesign.nl network and use the environment property THREESCALE_PORTAL_ENDPOINT to make connection to our 3Scale SaaS environment to retrieve the API configuration.

jvzoggel$ docker run --name apicast --net=ilionx.tmpldesign.nl --rm -p 8080:8080 -h apicast.ilionx.tmpldesign.nl -e THREESCALE_PORTAL_ENDPOINT=https://PROVIDERKEY@jvzoggel-admin.3scale.net registry.access.redhat.com/3scale-amp21/apicast-gateway:1.4-2
dnsmasq[8]: started, version 2.76 cachesize 1000
dnsmasq[8]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
dnsmasq[8]: using nameserver 8 #0 dnsmasq[8]: reading /etc/resolv.conf
dnsmasq[8]: using nameserver options#0
dnsmasq[8]: using nameserver 127.0.0.11#53
dnsmasq[8]: cleared cache

The API Gateway is running as apicast.ilionx.tmpldesign.nl, the same endpoint URI as configured in the SaaS environment. So it’s time to hit it with our first request. We are going to use a Centos docker image as an API client and run it in interactive mode.

jvzoggel$ docker run --name centos --net=ilionx.tmpldesign.nl --rm -it -h centos.ilionx.tmpldesign.nl centos:latest bash
[root@centos /]# hostname
centos.ilionx.tmpldesign.nl

We can first check if both docker instances can connect to each other with a ping. After that is proven we execute the following command which will connect to the Apicast docker image on our ilionx.tmpldesign.nl network. The Apicast instance will download the configuration from the 3Scale SaaS solution and route our API call to the configured echo service back-end.

[root@centos /]# curl "http://apicast.ilionx.tmpldesign.nl:8080/echo?user_key=USERKEY"

{
"method": "GET",
"path": "/echo",
"args": "user_key=XXXXXX",
"body": "",
"headers": {
"HTTP_VERSION": "HTTP/1.1",
"HTTP_HOST": "echo-api.3scale.net",
"HTTP_ACCEPT": "*/*",
"HTTP_USER_AGENT": "curl/7.29.0",
"HTTP_X_3SCALE_PROXY_SECRET_TOKEN": "Shared_secret_sent_from_proxy_to_API_backend",
"HTTP_X_REAL_IP": "172.20.0.3",
"HTTP_X_FORWARDED_FOR": "145.15.244.22, 10.0.101.15",
"HTTP_X_FORWARDED_HOST": "echo-api.3scale.net",
"HTTP_X_FORWARDED_PORT": "443",
"HTTP_X_FORWARDED_PROTO": "https",
"HTTP_FORWARDED": "for=10.0.101.13;host=echo-api.3scale.net;proto=https",
"HTTP_CONNECTION": "close"
},
"uuid": "24e5737c-c3ff-4333-bbbb<span data-mce-type="bookmark" style="display: inline-block; width: 0px; overflow: hidden; line-height: 0;" class="mce_SELRES_start"></span>-6030aaea6521"

Hope it helps !