-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
00ace89
commit 7ada304
Showing
5 changed files
with
111 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,64 @@ | ||
| # API Gateway for Auth and Chat Microservices | ||
|
|
||
| Resource: https://cloud.google.com/kubernetes-engine/docs/how-to/deploying-gateways | ||
|
|
||
| ## Standard Config | ||
|
|
||
| To enable the Gateway API on a existing VPC-native GKE cluster, use the following: | ||
|
|
||
| - gcloud container clusters update chat1-405416-gke \ | ||
| --gateway-api=standard \ | ||
| --location=us-central1 | ||
|
|
||
| - Confirm gcloud container clusters describe chat1-405416-gke \ | ||
| --location=us-central1 \ | ||
| --format json | ||
|
|
||
| - Shoud contains | ||
|
|
||
| ```json | ||
| "networkConfig": { | ||
| ... | ||
| "gatewayApiConfig": { | ||
| "channel": "CHANNEL_STANDARD" | ||
| }, | ||
| ... | ||
| }, | ||
| ``` | ||
|
|
||
| - kubectl get gatewayclass should return the GatewayClass | ||
|
|
||
| Configure a proxy-only subnet | ||
| You must configure a proxy-only subnet before you create a Gateway that uses an internal Application Load Balancer. Each region of a VPC in which you use internal Application Load Balancers must have a proxy-only subnet. This subnet provides internal IP addresses to the load balancer proxies. | ||
|
|
||
| Create a proxy-only subnet: | ||
|
|
||
| - gcloud compute networks subnets create proxy-only-subnet-api-gateway \ | ||
| --purpose=REGIONAL_MANAGED_PROXY \ | ||
| --role=ACTIVE \ | ||
| --region=us-central1 \ | ||
| --network=chat1-405416-vpc \ | ||
| --range=10.129.0.0/23 | ||
|
|
||
| ```log | ||
| NAME REGION NETWORK RANGE STACK_TYPE IPV6_ACCESS_TYPE INTERNAL_IPV6_PREFIX EXTERNAL_IPV6_PREFIX | ||
| proxy-only-subnet-api-gateway us-central1 chat1-405416-vpc 10.129.0.0/23 | ||
| ``` | ||
|
|
||
| Apply gateway | ||
|
|
||
| ```bash | ||
| kubectl apply -f api-gateway/gateway.yaml | ||
| ``` | ||
|
|
||
| Apply Auth http route | ||
|
|
||
| ```bash | ||
| kubectl apply -f api-gateway/auth-http-route.yaml | ||
| ``` | ||
|
|
||
| kubectl describe gateways global-external-managed-chat-api-gateway | ||
|
|
||
| kubectl describe healthcheckpolicy auth-healthcheck | ||
|
|
||
| kubectl describe httproute auth-http-route |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| apiVersion: networking.gke.io/v1 | ||
| kind: HealthCheckPolicy | ||
| metadata: | ||
| name: auth-healthcheck | ||
| spec: | ||
| default: | ||
| config: | ||
| type: HTTP | ||
| httpHealthCheck: | ||
| port: 8000 | ||
| requestPath: /auth/api/health | ||
| targetRef: | ||
| group: "" | ||
| kind: Service | ||
| name: auth-microservice-service |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| apiVersion: gateway.networking.k8s.io/v1beta1 | ||
| kind: HTTPRoute | ||
| metadata: | ||
| name: auth-http-route | ||
| spec: | ||
| parentRefs: | ||
| - kind: Gateway | ||
| name: global-external-managed-chat-api-gateway | ||
| rules: | ||
| - matches: | ||
| - path: | ||
| type: PathPrefix | ||
| value: /auth | ||
| backendRefs: | ||
| - kind: Service | ||
| name: auth-microservice-service | ||
| port: 8000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| apiVersion: gateway.networking.k8s.io/v1beta1 | ||
| kind: Gateway | ||
| metadata: | ||
| name: global-external-managed-chat-api-gateway | ||
| spec: | ||
| gatewayClassName: gke-l7-global-external-managed | ||
| listeners: | ||
| - name: http | ||
| protocol: HTTP | ||
| port: 80 | ||
| allowedRoutes: | ||
| kinds: | ||
| - kind: HTTPRoute | ||
| namespaces: | ||
| from: All |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,20 +1,11 @@ | ||
| import asyncio | ||
| import socket | ||
|
|
||
| from fastapi import APIRouter, Depends | ||
| from sqlalchemy.ext.asyncio import AsyncSession | ||
| from starlette.responses import Response | ||
| from sqlalchemy.sql import text | ||
|
|
||
| from app.api.deps import get_session | ||
|
|
||
| router = APIRouter(prefix="/health", tags=["Health"]) | ||
|
|
||
|
|
||
| @router.get("/", status_code=200) | ||
| async def health(session: AsyncSession = Depends(get_session)): | ||
| try: | ||
| await asyncio.wait_for(session.execute(text("SELECT 1")), timeout=1) | ||
| except (asyncio.TimeoutError, socket.gaierror): | ||
| return Response(status_code=503) | ||
| return Response(status_code=200) |