Multi-environment Deployment on Gateway
APK allows users to configure multiple environments on a single gateway, in addition to the per-environment gateway setup. This flexibility enables a single runtime to support multiple environments. With APK, APIs from different environments can be deployed on a shared gateway runtime.
API Creation¶
The environment
field in the API CR can be used to specify the API environment, such as Development, QA, etc. When this is specified within the API configuration, it is considered in Analytics, Rate Limiting, Security, and other functionalities.
kind: "API"
apiVersion: "dp.wso2.com/v1alpha2"
metadata:
name: "order-api"
spec:
apiName: "Order API"
apiType: "REST"
apiVersion: "3.14"
environment: "Development"
basePath: "/order/v1"
organization: "default"
definitionFileRef: "order-api-definition"
production:
- routeRefs:
- "order-api-httproutes"
Additionally, you can specify the API access endpoints (hostnames) to indicate the environment of the API. For example, in the following access URL, org1-dev.gw.wso2.com
, the environment is indicated as dev
.
apiVersion: "gateway.networking.k8s.io/v1beta1"
kind: "HTTPRoute"
metadata:
name: "order-api-httproutes"
spec:
hostnames:
- "org1-dev.gw.wso2.com"
rules:
- matches:
- path:
type: "RegularExpression"
value: "/employee"
method: "GET"
filters:
- type: "URLRewrite"
urlRewrite:
path:
type: "ReplaceFullPath"
replaceFullPath: "/employee"
backendRefs:
- group: "dp.wso2.com"
kind: "Backend"
name: "backend-949e1e5f96ebe38-api"
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: wso2-apk-default
sectionName: "httpslistener"
Assign Token Issuers for the environment¶
A token issuer can be associated with specific environments using the environments configuration. The possible values are as follows:
-
Allow all environments
environments: - “*”
-
Allow for Dev and QA Environments
environments: - “Dev” - “QA”
-
If the environments field is not defined in the token issuer custom resource, it will apply to all environments by default.
apiVersion: dp.wso2.com/v1alpha2 kind: TokenIssuer metadata: name: dev-apk-idp-jwt-issuer spec: claimMappings: - localClaim: x-wso2-organization remoteClaim: organization - localClaim: x-wso2-groups remoteClaim: groups consumerKeyClaim: clientId environments: - “Development” - “QA” issuer: https://idp.am.wso2.com/token name: Domain-service-idp organization: apk-system scopesClaim: scope signatureValidation: certificate: secretRef: key: wso2carbon.pem name: apk-test-setup-wso2-apk-enforcer-truststore-secret targetRef: group: gateway.networking.k8s.io kind: Gateway name: wso2-apk-default