I would like to templatize the target url, so that the same proxy could be promoted from staging to production, and if the environment configuration KVM was set correctly, the proxy targets would be correct. I could not find the correct syntax for accessing the values of the KVMs.
Here’s what I tried:
<TargetEndpoint>
...
<HTTPTargetConnection>
<Properties/>
<URL>https://{environment}-info-data.google.com/resource</URL>
</HTTPTargetConnection>
</TargetEndpoint>
My KVM was called ‘target_env’, with a key of ‘environment’ and a value of ‘staging’ or ‘production’.
In staging environment, traffic would hit
https://staging-info-data.google.com/resource
In production environment, traffic would hit:
https://production-info-data.google.com/resource
Can you please show your KVM Get policy?
You should use something like:
<KeyValueMapOperations name='KVM-Get-1' mapIdentifier='nameOfMap'>
<Scope>apiproxy</Scope>
<Get assignTo='variable_to_set' index='1'>
<Key>
<Parameter ref='variable_containing_key'/>
</Key>
</Get>
</KeyValueMapOperations>
…or…
<KeyValueMapOperations name='KVM-Get-1' mapIdentifier='nameOfMap'>
<Scope>apiproxy</Scope>
<Get assignTo='variable_to_set' index='1'>
<Key>
<Parameter>key_name</Parameter>
</Key>
</Get>
</KeyValueMapOperations>
Which I think, for your case will be:
<KeyValueMapOperations name='KVM-Get-1' mapIdentifier='target_env'>
<Scope>apiproxy</Scope>
<Get assignTo='env_host' index='1'>
<Key>
<Parameter ref='env.name'/>
</Key>
</Get>
</KeyValueMapOperations><br>
And then…
<TargetEndpoint>
...
<HTTPTargetConnection>
<URL>https://{env_host}-info-data.google.com/resource</URL>
</HTTPTargetConnection>
</TargetEndpoint>
<br>
1 Like
Hi @jasonbrown
I think you should use TargetServer for this use case. You can configure TargetServer with the same name for each environment. Use this API to configure
For staging env, the payload for Target server will be:
<TargetServer name="target1">
<Host>staging-info-data.google.com</Host>
<Port>443</Port>
<IsEnabled>true</IsEnabled>
<SSLInfo>
<Enabled>true</Enabled>
</SSLInfo>
</TargetServer>
For prod env:
<TargetServer name="target1">
<Host>production-info-data.google.com</Host>
<Port>443</Port>
<IsEnabled>true</IsEnabled>
<SSLInfo>
<Enabled>true</Enabled>
</SSLInfo>
</TargetServer>
NOTE : Make sure in your Mgmt API URL, you provide the correct environment
[https://api.enterprise.apigee.com/v1/organizations/{org}/environments/{env}/targetservers](https://api.enterprise.apigee.com/v1/organizations/{org}/environments/{env}/targetservers)
You should be able to see them in the Environment Configuration tab on the UI as well once its done.
After the configuration is all set, you can just configure your TargetEndpoint in proxy as
<HTTPTargetConnection>
<LoadBalancer>
<Server name="target1"/>
</LoadBalancer>
<Path>/resource</Path>
</HTTPTargetConnection>
Depending on which environment you are calling from, it picks the corresponding Target server configuration. With this its more configuration driven as well.
hi Sai, this worked with one caveat: the request from proxy to target backend is not-secure: “GET http://…” whereas when I hardcode the url, it uses https://.. .
does the problem have to do with the sslInfo portion of the payload?
false true false keystore-alias keystore-name truststore-name
If so, where do I find the values for keystore-alias, keystore-name, and truststore-name?
HI @jasonbrown - are you seeing http on the trace tool where you think it should be showing https ? If thats the case, thats a bug in the UI, we have an issue opened for that.
Are you getting the valid response from the target ? If you are, then I believe you are good.
thank you @Sai Saran Vaidyanathan. I am getting a valid response from the target. Do you have a link to the bug in a bug-tracker anywhere that I can show my manager?
HI @jasonbrown - unfortunately, its an internal defect tracking system. However the defect ID is APIRT-2947 and once its fixed and released, it will be available in our release notes. I will track it as well. Will update this post or drop a note once this is released.
If this fixed the issue, please accept the answer so that it is useful for others as well
hi @Sai Saran Vaidyanathan has a fix to this bug been released? I’m still seeing ‘http’ rather than ‘https’
hi @jasonbrown - its not released yet. Trying to get an ETA
1st Create - Key Value Operation policy to set keys in API Proxy , as below sample -
Key Vlaue Map Operatoion Policy:
Set Key with Values:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
SetKeyValue
86400
environment
spike_key
1pm
15pm
2nd - again create - Key Value Operation policy to Get keys in API Proxy , as below sample
Get Value from Key:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
GetKVM
86400
environment
spike_key
3rd - create Spike Arrest Policy & set tag as below -
Use Key value in SpikeArrest Policy:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
Spike Arrest-1
I followed the same way for mine case like this https://{firstVar}/. But i am getting not able to deploy my proxy it is giving me this error when i am trying to hit my proxy.
{"fault":{"faultstring":"The Service is temporarily unavailable","detail":{"errorcode":"messaging.adaptors.http.flow.ServiceUnavailable"}}}
Is this a question ? If so, please ask a new question. (don’t post new questions in comments to 2 year old questions)
Hi @Dino / @Sai Saran Vaidyanathan
My OAuth VerifyAccessToken policy looks as shown below
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false"continueOnError="true"enabled="true"name=“OAuthPolicy”>OAuthPolicy
false
VerifyAccessToken
request.{asekvm.access_token_position}.{asekvm.access_token_variable}
Policy tries to pick {asekvm.access_token_position}, {asekvm.access_token_variable} variables from context which are extracted from kvm just before the execution of this policy.
asekvm.access_token_position=header
asekvm.access_token_variable=access_token
This policy is resulting in an execution error. Does OAuthV2 policy support templatizing in this way? Or am I doing something wrong?