diff --git a/api-gateway/README.md b/api-gateway/README.md new file mode 100644 index 0000000..09d2808 --- /dev/null +++ b/api-gateway/README.md @@ -0,0 +1,64 @@ +# API Gateway for Auth and Chat Microservices + +Resource: https://cloud.google.com/kubernetes-engine/docs/how-to/deploying-gateways + +## Standard Config + +To enable the Gateway API on a existing VPC-native GKE cluster, use the following: + +- gcloud container clusters update chat1-405416-gke \ + --gateway-api=standard \ + --location=us-central1 + +- Confirm gcloud container clusters describe chat1-405416-gke \ + --location=us-central1 \ + --format json + +- Shoud contains + +```json +"networkConfig": { + ... + "gatewayApiConfig": { + "channel": "CHANNEL_STANDARD" + }, + ... +}, +``` + +- kubectl get gatewayclass should return the GatewayClass + +Configure a proxy-only subnet +You must configure a proxy-only subnet before you create a Gateway that uses an internal Application Load Balancer. Each region of a VPC in which you use internal Application Load Balancers must have a proxy-only subnet. This subnet provides internal IP addresses to the load balancer proxies. + +Create a proxy-only subnet: + +- gcloud compute networks subnets create proxy-only-subnet-api-gateway \ + --purpose=REGIONAL_MANAGED_PROXY \ + --role=ACTIVE \ + --region=us-central1 \ + --network=chat1-405416-vpc \ + --range=10.129.0.0/23 + +```log +NAME REGION NETWORK RANGE STACK_TYPE IPV6_ACCESS_TYPE INTERNAL_IPV6_PREFIX EXTERNAL_IPV6_PREFIX +proxy-only-subnet-api-gateway us-central1 chat1-405416-vpc 10.129.0.0/23 +``` + +Apply gateway + +```bash +kubectl apply -f api-gateway/gateway.yaml +``` + +Apply Auth http route + +```bash +kubectl apply -f api-gateway/auth-http-route.yaml +``` + +kubectl describe gateways global-external-managed-chat-api-gateway + +kubectl describe healthcheckpolicy auth-healthcheck + +kubectl describe httproute auth-http-route diff --git a/api-gateway/auth-health-check-policy.yaml b/api-gateway/auth-health-check-policy.yaml new file mode 100644 index 0000000..79a0839 --- /dev/null +++ b/api-gateway/auth-health-check-policy.yaml @@ -0,0 +1,15 @@ +apiVersion: networking.gke.io/v1 +kind: HealthCheckPolicy +metadata: + name: auth-healthcheck +spec: + default: + config: + type: HTTP + httpHealthCheck: + port: 8000 + requestPath: /auth/api/health + targetRef: + group: "" + kind: Service + name: auth-microservice-service \ No newline at end of file diff --git a/api-gateway/auth-http-route.yaml b/api-gateway/auth-http-route.yaml new file mode 100644 index 0000000..b60e498 --- /dev/null +++ b/api-gateway/auth-http-route.yaml @@ -0,0 +1,17 @@ +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: HTTPRoute +metadata: + name: auth-http-route +spec: + parentRefs: + - kind: Gateway + name: global-external-managed-chat-api-gateway + rules: + - matches: + - path: + type: PathPrefix + value: /auth + backendRefs: + - kind: Service + name: auth-microservice-service + port: 8000 diff --git a/api-gateway/gateway.yaml b/api-gateway/gateway.yaml new file mode 100644 index 0000000..0d67f3a --- /dev/null +++ b/api-gateway/gateway.yaml @@ -0,0 +1,15 @@ +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: global-external-managed-chat-api-gateway +spec: + gatewayClassName: gke-l7-global-external-managed + listeners: + - name: http + protocol: HTTP + port: 80 + allowedRoutes: + kinds: + - kind: HTTPRoute + namespaces: + from: All \ No newline at end of file diff --git a/auth-microservice/app/api/health.py b/auth-microservice/app/api/health.py index d1d4215..7b9ec9e 100644 --- a/auth-microservice/app/api/health.py +++ b/auth-microservice/app/api/health.py @@ -1,20 +1,11 @@ -import asyncio -import socket - from fastapi import APIRouter, Depends from sqlalchemy.ext.asyncio import AsyncSession from starlette.responses import Response -from sqlalchemy.sql import text from app.api.deps import get_session router = APIRouter(prefix="/health", tags=["Health"]) - @router.get("/", status_code=200) async def health(session: AsyncSession = Depends(get_session)): - try: - await asyncio.wait_for(session.execute(text("SELECT 1")), timeout=1) - except (asyncio.TimeoutError, socket.gaierror): - return Response(status_code=503) return Response(status_code=200)