How to serve admin API over express gateways HTTPS?

Question

I try to set up my express gateway so that the admin API is served over express gateways own HTTPS as an apiEndpoint / serviceEndpoint.

Below is my gateway-config.yml

I followed the instructions as mentioned in the documentation as good as I can.

https:
  port: 8443
  tls:
    'default':
      key: /usr/local/share/ca-certificates/ssl.key
      cert: /usr/local/share/ca-certificates/ssl.crt
admin:
  port: 8442
  host: localhost
serviceEndpoints:
  someExampleBackend:
    url: https://some.example.com
  adminBackend:
    url: http://localhost:8442
policies:
  - proxy
pipelines:
  adminAPI:
    apiEndpoints:
      - admin
    policies:
      - proxy:
          - action:
              serviceEndpoint: adminBackend
  domeExampleAPI:
    apiEndpoints:
      - general
      - proxy:
          - action:
              serviceEndpoint: someExampleBackend
apiEndpoints:
  admin:
    host: localhost
  general:
    host: localhost
    methods:
      - GET
      - POST
      - PUT
      - DELETE
      - OPTIONS
    paths:
      - "/echo"

I expected to be able to use admin API like that:

https://localhost:8443/api-endpoints

And the example general endpoint like that simultaneously:

https://localhost:8443/echo

When I do so, only the admin API is working as expected. All other apiEndpoints return a 404 "Cannot GET /echo". When I remove everything with admin or only change the host, than the other apiEndpoints work correctly.

How do I solve that task?

score 0 · Accepted Answer · answered Jun 05 '19 at 09:42

Solved after some more try and error.

For all the others struggling with this: You can use the rewrite policy.

https:
  port: 8443
  tls:
    'default':
      key: /usr/local/share/ca-certificates/ssl.key
      cert: /usr/local/share/ca-certificates/ssl.crt
admin:
  port: 8442
  host: localhost
serviceEndpoints:
  someExampleBackend:
    url: https://some.example.com
  adminBackend:
    url: http://localhost:8442
policies:
  - proxy
pipelines:
  adminAPI:
    apiEndpoints:
      - admin
    policies:
      - rewrite:
          - condition:
              name: pathmatch
              match: /adminapi/:route*
            action:
              rewrite: /:route
      - proxy:
          - action:
              serviceEndpoint: adminBackend
  domeExampleAPI:
    apiEndpoints:
      - general
      - proxy:
          - action:
              serviceEndpoint: someExampleBackend
apiEndpoints:
  admin:
    host: localhost
    paths: "/adminapi/*"
  general:
    host: localhost
    methods:
      - GET
      - POST
      - PUT
      - DELETE
      - OPTIONS
    paths:
      - "/echo"

How to serve admin API over express gateways HTTPS?

1 Answers1