Installation of Apinizer on Microsoft AKS (Azure Kubernetes Service)
In first parts of the content, step by step, starting from the beginning; AKS installation, creation and use of resources and external MongoDb and ElasticSearch server steps are explained.
If there is a ready cluster on the AKS, you can directly start from the 5th step, AKS, from the Installation of Apinizer section.
1.Introduction
What is Microsoft AKS (Azure Kubernetes Service)?
Azure is a complete cloud platform that facilitates new application development by hosting existing applications.
Azure Kubernetes Service (AKS) enables you to create, configure, and manage a preconfigured cluster of virtual machines to run containerized applications.
When you deploy an AKS cluster, the master nodes and all other kubernetes nodes are deployed and configured for you.
2. Installation and Configuring AKS, AKS CLI and kubectl
AKS Cluster Installation
Since Azure contains a structure aimed at ease of use, if a special setting is not desired, it can be easily installed by proceeding with the default settings.
To create a Kubernetes cluster, the selected links in the image below are clicked in order.
If there is no selection available to give the name to the created cluster, a new resource group can be created.
As Kubernetes version, 1.18 or 1.20 major type can be selected.
Adding a Node Pool
The Node Pool contains the settings for the nodes within the cluster.
You can select an existing node definition or create a new definition.
Below is the screenshot with the name to be given to the node pool and the settings that can be selected:
Authentication Settings
In the Authentication section, you can set how you want to restrict your cluster.
Networking Settings
The Networking tab includes whether to leave network settings to Kubenet or Azure CNI, which template you want your DNS name in and security and networking settings related to access.
Integrations Settings
The Integrations tab sets your decisions regarding some of the useful integrations Azure provides.
In the last step, the settings you make go through a control mechanism and are submitted for your approval.
When you complete the process, you will see a screen like the one below.
After creating your cluster, the system related to AKS CLI and kubernetes to be installed on your computer can be checked.
3. AKS CLI Installation
Azure CLI can be installed in Windows, MacOS, and Linux environments. It can also be run in a Docker container.
The operating system version of the Azure CLI can be installed by downloading it from: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
Then it connects to your client account on your computer with the following command and the following process.
az loginStep 1: The CLI will open your default browser and load an Azure login page.
Otherwise, open a browser page and go to this link: https://aka.ms/devicelogin. Enter the authorization code that appears on your terminal.
If there is no web browser or the Web browser cannot be opened, use the device code stream with the az Login--Use-Device-Code command.
Step 2: Sign in to the browser with your account credentials.
Then the Kubernetes command line tool kubectl should be downloaded and installed.
az aks install-cliAccess credentials must be obtained for a managed Kubernetes cluster.
By default, the credentials are combined in the .kube/config file, so kubectl can use them.
You can configure the default group using the name of the managed cluster and the name of the resource group.
az aks get-credentials --resource-group myResourceGroup --name myAKSClusterIt is checked whether the access is provided correctly with the following command.
kubectl get nodes4. Installing and Configuring Cloud MongoDb and ElasticSearch
Replicaset MongoDB and Elasticsearch are needed as stated in the Installation and Configuration document. They can be installed on any virtual server or used as a cloud, or if they already exist, the these steps can be skipped.
In this section, cloud systems in the applications' own environments are used.
- Create an account for MongoDB by going to https://account.mongodb.com/account/register and it is available for free up to a restricted DB size. Apinizer does not need a large database as it only keeps configuration definitions in MongoDB.
- For Elasticsearch, Apinizer can be defined by using an elastic service in the cloud via https://cloud.elastic.co/registration.
Mongo Cloud Configurations
After creating an account on MongoDB's own site, it is necessary to create a database with the desired name and adjust the relevant settings.
For access permission, click the Add IP Address button from the Network Access menu.
Then, fields are filled in such a way that it can be accessed from anywhere, such as the desired ip's or the Allow Access From Anywhere option selected in the image below.
Getting Mongo's Connection String
To get the Connection String that will provide the connection to the created database, turn on the Databases page and click on the Connect link.
From here, you can get the necessary information to connect to any MongoDb database editor yourself or click the Connect your application button to connect the Apinizer application.
When Java is selected as the Driver and 3.4 or higher is selected as the Version (Version), a text appears at the bottom of the screen.
This article is the definition of connection that you will connect Apinizer to Mongo by typing in apinizer-deployment.yaml file in the following sections.
5. Installing Apinizer on AKS
What is explained under this title, unlike Apinizer installation documents, describes the definition of opening Apinizer as a service.
Apinizer API Manager Installation
The .yaml file created by paying attention to the definitions in the Installation and Configuration document should be uploaded to the AKS cluster.
Below is a sample apinizer-deployment.yaml file settings.
apiVersion: v1
kind: Namespace
metadata:
name: apinizer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: manager
namespace: apinizer
spec:
replicas: 1
selector:
matchLabels:
app: manager
version: 'v1'
template:
metadata:
labels:
app: manager
version: 'v1'
spec:
containers:
- name: manager
image: apinizercloud/manager:2022.02.5
imagePullPolicy: IfNotPresent
env:
- name: SPRING_PROFILES_ACTIVE
value: prod
- name: SPRING_DATA_MONGODB_DATABASE
value: apinizerdb-aws
- name: SPRING_DATA_MONGODB_URI
value: 'mongodb://apinizer:<PASSWORD>@apinizercluster-shard-00-00.wp2bb.mongodb.net:27017,apinizercluster-shard-00-01.wp2bb.mongodb.net:27017,apinizercluster-shard-00-02.wp2bb.mongodb.net:27017/ApinizerDb?ssl=true&replicaSet=atlas-dvz21z-shard-0&authSource=admin&retryWrites=true&w=majority'
- name: JAVA_OPTS
value: ' -Xmx1400m -Xms1400m'
resources:
requests:
memory: '2Gi'
cpu: '1'
limits:
memory: '2Gi'
cpu: '1'
ports:
- name: http
containerPort: 8080kubectl apply -f D:\apinizer\AKS\apinizer-deployment.yaml
namespace/apinizer created
deployment.apps/manager created
kubectl get pods -n apinizer
NAME READY STATUS RESTARTS AGE
manager-646fcdd894-ktt97 1/1 Running 1 42s
After Apinizer API Manager is installed in AKS environment, a database named apinizerdb will be created in MongoDB database. The license key given to you by Apinizer must be entered in the general_settings table.
The following permissions must be defined for accessing and managing Kubernetes resources via Apinizer API Manager.
Below is a sample service.yaml file settings.
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-systemBelow is a sample adminuser.yaml file settings.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-systemkubectl apply -f D:\apinizer\AKS\service.yaml
kubectl apply -f D:\apinizer\AKS\adminuser.yaml
kubectl create clusterrolebinding permissive-binding --clusterrole=cluster-admin --user=admin --user=kubelet --group=system:serviceaccounts
kubectl create clusterrolebinding apinizer -n kube-system --clusterrole=cluster-admin --serviceaccount=kube-system:apinizerCreating Access Service for Apinizer API Manager
After the installation is complete, a service is required to access the Apinizer API Manager.
A service is created by following the steps below.
Sometimes it may take a minute or two to get an external IP.
kubectl expose -n apinizer deployment.apps/manager --port=80 --target-port=8080 --name=apinizer-console-service --type=LoadBalancer
service/apinizer-console-service exposed
kubectl get svc -n apinizer
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
apinizer-console-service LoadBalancer 10.100.98.34 20.10.30.40 80:31234/TCP 47s6. Accessing the Apinizer API Manager
You can log in by typing the service access address in step 2 into the address bar of the browser.
You can contact Apinizer support team for the default username and password.
Apinizer API Manager Address generated according to these settings: http://20.10.30.40/
7. Apinizer Configurations
Defining Log Servers
Apinizer maintains API traffic and metrics in the Elasticsearch database. Elasticsearch cluster definitions must be made in order to continue with the installation process.
In Apinizer Administration Console, go to Administration → Server Management → Elasticsearch Clusters page from the menu.
The picture below shows the Elasticsearch cluster definition:
Test Connection button can be used to test Elasticsearch server connection with Apinizer.
Defining the Environment
In order for an API Proxy to be accessible, at least one environment must be deployed. Apinizer also allows an API Proxy to be installed in multiple environments.
In Apinizer API Manager application, go to Administration → Server Management → Gateway Environment page from the menu.
The picture below shows the environment settings:
The following values are the default values of the servers. Cluster can be changed according to your resources.
By clicking on the Create Environment button, the environment definition process is completed.
When the environments are listed, the Prod-type environment is deployed to AKS by clicking the Unpublished button and then Publish button, which shows the status of the relevant environment on the screen.
The process will be deployed to AKS in approximately 3 minutes.
Click for detailed information about environment definition and deploying processes.
Opening the Environment as a Service
Finally, a service needs to be created to access the APIs that will run in the Environment we published.
kubectl expose -n prod deployment.apps/worker --port=80 --target-port=8091 --name=apinizer-worker-service --type=LoadBalancer
service/apinizer-worker-service exposed
kubectl get svc -n prod
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
apinizer-worker-service LoadBalancer 10.100.210.107 20.10.30.50 80:31544/TCP 54sThe AKS-generated LoadBalancer (EXTERNAL-IP) value must be set as the Access URL value of the defined Prod Environment.
First, the edit button in the Environment Info table of the page where the environment is clicked.
After that, the Access URL information of the environment is changed by clicking the edit button.
8. Publishing and Testing the First API in Apinizer
In the last step, it is explained how to open an API to Apinizer as an API Proxy through a sample API definition file.
The project where API Proxy will be registered is selected from the navbar menu.
The project where API Proxy will be registered is selected from the navbar menu.
From the project menu in the Apinizer API Manager application, go to the Development → API Proxies page.
Click the Proxy button to define a new API Proxy.
In the image below, the source from where the API Proxy will be created is selected with the selected link.
It is parsed by entering the link of the API Definition file.
API Proxy information is entered and the Save button is clicked.
The Deploy button selected in the image below is used to deploy the API Proxy.
The deployment is confirmed.
From the Develop tab of API Proxy, the Test Endpoint button on the endpoint to be tested is clicked.
The picture below shows the test dialog:
For detailed information about API Proxy, see the Developer Guide.
Click here for detailed information about the Test Console.