Description

In this video, we will showcase how our platform empowers you to efficiently manage your APIs and API products in a Kubernetes and cloud native environment.

To begin, we'll explore a Kubernetes deployment and service that deploys a microservice with a specific API. By leveraging our Gloo annotations, we enable the platform to automatically discover the microservice's OpenAPI specification. Initially, the Kubernetes platform does not have any API documentation available. However, once we deploy our servers and deployments, the platform seamlessly discovers the OpenAPI specification. We can view the complete OpenAPI spec in the Kubernetes custom resource.

Now, we can proceed to deploy our API products using route tables in Gloo Platform Portal. A route table defines the API product, including labels, portal metadata, such as the API title, description, terms of service, contacts, licenses, and more. It also specifies the destination service that implements the API. Upon applying the API product route table, we can see the deployed API in our developer portal, which provides a comprehensive interface. Additionally, the Gloo Platform dashboard showcases the API, its OpenAPI specification, and the JSON schema format.

In the developer portal's frontend UI, which is built using React, we can explore the API product, in this case, the Catstronaut API. It is presented in both Redoc and Swagger views, allowing users to choose their preferred documentation style. We can seamlessly switch between views and utilize the "try-it-out" functionality provided by the platform. Upon execution, we receive a 200 response from the API product we deployed.

To enhance security, we decide to change the API visibility to private, requiring users to log in to access it. By defining a portal group that grants access based on specific claims, we can control the visibility of the API. Applying the portal group allows users with the "users" claim and value to access the API labeled as "tracks" (our customer's API).

Next, we focus on securing our API product through API key authentication and authorization. This involves applying an Auth policy to routes with the label "usage plan Dev portal." Our "tracks" API has the "Dev portal" usage plan, enabling us to enforce API key requirements. We also apply a rate limit policy to control the number of requests per second, minute, or hour that can be sent to our API.

When we revisit our Catstronaut API in the Dev portal UI, we notice that access is now restricted. To generate an API key, we enable the usage plans in the Dev portal configuration. We define three usage plans: bronze, silver, and gold, which align with the rate limiting configuration. These plans encompass both rate limiting and API key authentication. In the Dev portal UI, we can see the three usage plans, and we generate a new API key called "my key." After pasting the API key into the Swagger view, we can access the API and receive a 200 response. However, when the rate limit is exceeded, we receive a 429 "too many requests" response.

Furthermore, we demonstrate the cloud native approach of deploying additional API products using Argo CD and a CI/CD pipeline. We synchronize the Helm chart of a pet store API product with our cluster using Argo CD, resulting in the deployment of the parts, deployments, services, and the API product in the Dev portal. While the Petstore API initially includes only the "paths" API, we introduce two more microservices: the user API and the store API. By adding their OpenAPI specifications to our route table API products, we combine the APIs of these microservices into a single Petstore API product.

To manage the Dev portal configuration and usage plans efficiently, we utilize CI/CD pipelines and GitOps approaches. This allows development and platform teams to control and automate the deployment of APIs, API products, and the Dev portal's configuration. We showcase this by adding a new usage plan called "Platinum" to the Dev portal and rate limit server configuration. Through GitOps and synchronization with the Git repository, the changes are instantly applied, providing an initial usage plan for deployed API products on the dashboard.

Thank you for joining us in this demo of Gloo Platform Portal, where managing your APIs and API products in a Kubernetes and cloud native environment becomes streamlined and efficient. Don't forget to like, share, and subscribe to our channel for more content!