2

WSO2 APIM 2.6.0 的场景:
1 个用于 API Publisher 的 VM -> 前端:https://mgt.mydomain(网关工作人员的经理)
1 个用于 API 存储的 VM -> 前端:https://store.mydomain
1 台 VM 用于流量管理器 -> 前端:https://trafficmanager.mydomain
2 台 VM 用于网关集群 -> LB:https://api.mydomain (网关工作人员)
2 台 VM 用于 IS 作为 KM 集群 -> LB:https ://security.mydomain

商店中的 carbon.xml:

<HostName>store.mydomain</HostName>
<MgtHostName>store.mydomain</MgtHostName>

商店中的 apimanager.xml:

        <Environment type="hybrid" api-console="true">
            <Name>MyGateway</Name>

            <ServerURL>https://api.mydomain:443/services/</ServerURL>
            <!-- Admin username for the API gateway. -->
            <Username>${admin.username}</Username>
            <!-- Admin password for the API gateway.-->
            <Password>${admin.password}</Password>
            <!-- Endpoint URLs for the APIs hosted in this API gateway.-->
           <GatewayEndpoint>http://api.mydomain:80,https://api.mydomain:443</GatewayEndpoint>
            <!-- Endpoint of the Websocket APIs hosted in this API Gateway -->
            <GatewayWSEndpoint>ws://${carbon.local.ip}:9099</GatewayWSEndpoint>
        </Environment>
    </Environments>
</APIGateway>

发布我的测试 API 后,当我尝试测试它时,商店使用它作为请求 URI:

请求 URL:https://store.mydimain/testAPI/v1.0.0/info
来自 API 商店的示例请求:
curl -k -X GET " https://store.mydomain/testAPI/v1.0.0/info " -H "接受:应用程序/json" -H "授权:承载 1fcf7e3f-8292-3110-8cff-27226caa59a8"

直接向网关 LB 发出的请求是可以的。
示例请求:
curl -k -X GET " https://api.mydomain/testAPI/v1.0.0/info " -H "accept: application/json" -H "Authorization: Bearer 1fcf7e3f-8292-3110-8cff-27226caa59a8 "
响应:{"version":"1.0.0","nome":"test-api"}

附加信息:在网关工作人员之间
安装了一个 NFS 在 IS-KM 之间安装了一个 NFS
发布者应该是网关管理器

附加信息 可以观察到,在发布 API 后,APIM 发布者和 APIM 商店中的概述不会'不显示端点:

在此处输入图像描述

但是我在 Publisher Server 中的 apimanager.xml 看起来正确配置如下:

PUBLISHER 中的 apimanager.xml:

<APIGateway>
        <Environments>
            <Environment type="hybrid" api-console="true">
                <Name>Production and Sandbox</Name>
                <Description>This is a hybrid gateway that handles both production and sandbox token traffic.</Description>
                <!-- Server URL of the API gateway -->
                <ServerURL>https://api.mydomain:443/services/</ServerURL>
                        <!-- Admin username for the API gateway. -->
                <Username>${admin.username}</Username>
                <!-- Admin password for the API gateway.-->
                <Password>${admin.password}</Password>
                <!-- Endpoint URLs for the APIs hosted in this API gateway.-->
                <GatewayEndpoint>http://api.mydomain:80,https://api.mydomain:443</GatewayEndpoint>
                <!-- Endpoint of the Websocket APIs hosted in this API Gateway -->
                <GatewayWSEndpoint>ws://${carbon.local.ip}:9099</GatewayWSEndpoint>
            </Environment>
        </Environments>
    </APIGateway>

新更新

对于 VirtualServer api.mydomain:443 insideapache 我的配置是:

<VirtualHost api.mydomain:443>

        SSLEngine on
        SSLCipherSuite HIGH:!aNULL:!MD5
        SSLHonorCipherOrder on
        ...
        ServerName api.mydomain

        CustomLog /var/log/httpd/api.log combined
        ErrorLog /var/log/httpd/api.error.log
        LogLevel debug

        # disable forward proxy requests
        ProxyRequests off
        SSLProxyEngine On
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName off
        SSLProxyCheckPeerExpire off
        ProxyPreserveHost On

        UseCanonicalName On

        Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED

    <Proxy balancer://apissl_nio>
        # Add a member to the load balancing group
        BalancerMember https://gtw01.mydomain:8243 route=1
        BalancerMember https://gtw02.mydomain:8243 route=2
        ProxySet stickysession=ROUTEID
        ProxySet lbmethod=byrequests
    </Proxy>
    ProxyPass /revoke balancer://apissl_nio/revoke
    ProxyPassReverse /revoke balancer://apissl_nio/revoke

    ProxyPass /token balancer://apissl_nio/token
    ProxyPassReverse /token balancer://apissl_nio/token

    <Proxy balancer://apissl_mgt>
        # Add a member to the load balancing group
        BalancerMember https://gtw01.mydomain:9443 route=3
        BalancerMember https://gtw02.mydomain:9443 route=4
        ProxySet stickysession=ROUTEID
        ProxySet lbmethod=byrequests
    </Proxy>

    ProxyPass /services balancer://apissl_mgt/services
    ProxyPassReverse /services balancer://apissl_mgt/services


</VirtualHost>
4

2 回答 2

0

ServerURL 用于网关的管理服务,而不是 NIO。您应该启用对 9443/9763 端口的访问或创建一个新的虚拟主机来平衡网关实例的 9443 和/或 9763 端口。

    <Environment type="hybrid" api-console="true">
        <Name>Production and Sandbox</Name>
        <Description>This is a hybrid gateway that handles both production and sandbox token traffic.</Description>
        <!-- Server URL of the API gateway -->

        <ServerURL>https://gwmng:9443${carbon.context}services/</ServerURL>
                <!-- Admin username for the API gateway. -->
        <Username>${admin.username}</Username>
        <!-- Admin password for the API gateway.-->
        <Password>${admin.password}</Password>
        <!-- Endpoint URLs for the APIs hosted in this API gateway.-->
        <GatewayEndpoint>http://gw:80,https://gw:443</GatewayEndpoint>
        <!-- Endpoint of the Websocket APIs hosted in this API Gateway -->
        <GatewayWSEndpoint>ws://gw:9099</GatewayWSEndpoint>
于 2019-09-03T07:07:39.113 回答
0

首先,感谢所有评论和回答。我发现了问题及其所在

<APIGateway>
    <Environments>
      <Environment>
          <Name>****</Name>

我已经使用与其他组件不同的环境名称部署了商店。由于发布者使用名称选择正确的网关来部署 API,因此即使您的ServerURLGatewayEndpoint填写正确,商店也找不到端点。

于 2019-09-04T13:25:42.413 回答