Quickstart

AWS ECS E2E Architecture has API Gateway usage.

URL Rewriting using AWS API Gateway

Pending

Need referer and authority header attributes to target the entry endpoints for the backend - to test switching content based on URL origin

need private cert to allow for non-api gateway URLs

Base HAproxy example - https://en.wikipedia.org/wiki/Rewrite_engine and https://en.wikipedia.org/wiki/HAProxy and

Plan

In this section we will determine how to use the API Gateway service to route multiple alias URLs into a single backend service. Routing a many to one set of calls is the reverse of the usual use case of an API Gateway or L7 load balancer or proxy where the a single URL is parsed and distributed among a set of micro service backends depending on a particular match on part of the path/context-root of the URI part of the URL.

For example we usually route one to many (1:m) like this.

http://site.com/api/first-app to L7 route reroute http://hidden-dns/api/first or L4 port reroute http://hidden-dns:31111/api
and
http://site.com/api/last-app to L7 route reroute http://hidden-dns/api/last or L4 port reroute http://hidden-dns:32222/api

In this example we want to route many to one (m:1) like this.

http://first-dns.com/api or http://last-dns.com/api

into

http://hidden-dns.com/api

Single micro service served by dual domain URLs

site	url
git	https://github.com/obrienlabs/refarch
docker hub	https://hub.docker.com/repository/docker/obrienlabs/reference-nbi
jenkins	http://jenkins.obrienlabs.cloud/job/ref-arch-java/
base endpoint	http://services.obrienlabs.cloud:8888/nbi/api

Build/Run Docker endpoint on RKE EC2 VM

Locally
mvn clean install -U
cd src/docker/
./build.sh 

On VM
ubuntu@ip-172-31-81-46:~$ docker run --name reference-nbi -d -p 8888:8080 obrienlabs/reference-nbi:0.0.1
ubuntu@ip-172-31-81-46:~$ curl http://127.0.0.1:8888/nbi/api
{"id":1,"content":"1 PASS cloud.containerization.reference.nbi.ApiController queryString: null decodedQueryString: "}

Setup API Gateway API and GET Method

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-set-up-simple-proxy.html

Add Integration Response - Mapping Template JSON

##  See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html
##  This template will pass through all parameters including path, querystring, header, stage variables, and context through to the integration endpoint via the body/payload
#set($allParams = $input.params())
{
"body-json" : $input.json('$'),
"params" : {
#foreach($type in $allParams.keySet())
    #set($params = $allParams.get($type))
"$type" : {
    #foreach($paramName in $params.keySet())
    "$paramName" : "$util.escapeJavaScript($params.get($paramName))"
        #if($foreach.hasNext),#end
    #end
}
    #if($foreach.hasNext),#end
#end
},

Deploy API

Using http beta API instead of the default rest api for API Gateway

Domain URL

API Gateway URL

type

obrien-labs.com

cname

https://www.obrien-labs.com/dev/nbi/api

https://juursjt8i2.execute-api.us-east-1.amazonaws.com/dev

https://juursjt8i2.execute-api.us-east-1.amazonaws.com/dev/nbi/api

http

obriencloud.com

cname

https://fxfqqwqngj.execute-api.us-east-1.amazonaws.com/stg

https://fxfqqwqngj.execute-api.us-east-1.amazonaws.com/stg/nbi/api

http

https://www.obriencloud.com/dev

https://91u52epqzc.execute-api.us-east-1.amazonaws.com/dev

rest

Route53 CNAME records

Dig

www.obriencloud.com. 236 IN CNAME 91u52epqzc.execute-api.us-east-1.amazonaws.com.

91u52epqzc.execute-api.us-east-1.amazonaws.com. 60 IN A 54.86.151.249

91u52epqzc.execute-api.us-east-1.amazonaws.com. 60 IN A 52.21.235.3

91u52epqzc.execute-api.us-east-1.amazonaws.com. 60 IN A 52.201.133.213

91u52epqzc.execute-api.us-east-1.amazonaws.com. 60 IN A 3.82.70.24

91u52epqzc.execute-api.us-east-1.amazonaws.com. 60 IN A 3.233.55.7

91u52epqzc.execute-api.us-east-1.amazonaws.com. 60 IN A 34.232.7.153

5 min

www.obrien-labs.com. 300 IN CNAME juursjt8i2.execute-api.us-east-1.amazonaws.com.

juursjt8i2.execute-api.us-east-1.amazonaws.com. 59 IN A 34.228.92.62

juursjt8i2.execute-api.us-east-1.amazonaws.com. 59 IN A 54.80.226.164

Request/Response

https://juursjt8i2.execute-api.us-east-1.amazonaws.com/dev/nbi/api?ZXhlY3V0aW9uPWUxczEmYWN0aW9uPXRlc3Q=

{"id":4,"content":"4 PASS cloud.containerization.reference.nbi.ApiController 
URL: http://services.obrienlabs.cloud:8888/nbi/api URI: /nbi/api path: null 
queryString: ZXhlY3V0aW9uPWUxczEmYWN0aW9uPXRlc3Q= decodedQueryString: execution=e1s1&action=test"}

https://fxfqqwqngj.execute-api.us-east-1.amazonaws.com/stg/nbi/api?ZXhlY3V0aW9uPWUxczEmYWN0aW9uPXRlc3Q=

{"id":3,"content":"3 PASS cloud.containerization.reference.nbi.ApiController 
URL: http://services.obrienlabs.cloud:8888/nbi/api URI: /nbi/api path: null 
queryString: ZXhlY3V0aW9uPWUxczEmYWN0aW9uPXRlc3Q= decodedQueryString: execution=e1s1&action=test"}

https://91u52epqzc.execute-api.us-east-1.amazonaws.com/dev?ZXhlY3V0aW9uPWUxczEmYWN0aW9uPXRlc3Q=

"Host" : "91u52epqzc.execute-api.us-east-1.amazonaws.com"

"api-id" : "91u52epqzc",
"stage" : "dev",

serverName: services.obrienlabs.cloud

URL: http://services.obrienlabs.cloud:8888/nbi/api

Headers

https://91u52epqzc.execute-api.us-east-1.amazonaws.com/dev

{
"body-json" : {"id":2,"content":"2 PASS cloud.containerization.reference.nbi.ApiController URL: http://services.obrienlabs.cloud:8888/nbi/api URI: /nbi/api path: null origin: null caller: null queryString: null decodedQueryString2: : remoteAddr: 3.216.139.252 localAddr: 172.17.0.2 remoteHost: 3.216.139.252 serverName: services.obrienlabs.cloud"},
"params" : {
"path" : {
}
,"querystring" : {
}
,"header" : {
"accept" : "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8,application\/signed-exchange;v=b3;q=0.9"
, "accept-encoding" : "gzip, deflate, br"
, "accept-language" : "en-CA,en-GB;q=0.9,en-US;q=0.8,en;q=0.7"
, "cache-control" : "max-age=0"
, "Host" : "91u52epqzc.execute-api.us-east-1.amazonaws.com"
, "sec-fetch-dest" : "document"
, "sec-fetch-mode" : "navigate"
, "sec-fetch-site" : "none"
, "sec-fetch-user" : "?1"
, "upgrade-insecure-requests" : "1"
, "User-Agent" : "Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/80.0.3987.87 Safari\/537.36"
, "X-Amzn-Trace-Id" : "Root=1-5e4e23fe-fffae98ae7c0dbea36daca2a"
, "X-Forwarded-For" : "174.112.79.79"
, "X-Forwarded-Port" : "443"
, "X-Forwarded-Proto" : "https"
}
},
"stage-variables" : {
},
"context" : {
"account-id" : "",
"api-id" : "91u52epqzc",
"api-key" : "",
"authorizer-principal-id" : "",
"caller" : "",
"cognito-authentication-provider" : "",
"cognito-authentication-type" : "",
"cognito-identity-id" : "",
"cognito-identity-pool-id" : "",
"http-method" : "GET",
"stage" : "dev",
"source-ip" : "174.112.79.79",
"user" : "",
"user-agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.87 Safari/537.36",
"user-arn" : "",
"request-id" : "b76d5b33-647b-4540-adbd-d4c26164d309",
"resource-id" : "i138yesehf",
"resource-path" : "/"
}
}

endpoint