Ocelot API Gateway implementation in AKS

Pwncic 1 Reputation point
2020-11-13T22:31:57.617+00:00

I'm creating AKS cluster, and I want to use API gateway (Ocelot ) to route, and authenticate requests towards containers(microservices) behind the gateway. My question is how to achieve this? I know I must deploy ocelot API gateway inside node, but I don't know how will I configure all traffic to go through API gateway. Can't find an example or directions that could help me. What steps do I need to take? Or is there maybe a better way of accomplishing the desired scenario?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,931 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. vipullag-MSFT 25,441 Reputation points
    2020-11-15T04:03:14.91+00:00

    @Pwncic

    Apologies in delayed response on this.

    Please check this document which has the details on implementing API Gateway with Ocelot.
    Also, on ocelot documentation, there are details "If you have services deployed in Kubernetes you will normally use the naming service to access them. Ocelot will call the k8s endpoints API in a given namespace to get all of the endpoints for a pod and then load balance across them". Please check this document for more details on this.

    Hope the provided information is helpful.

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.

    0 comments No comments

  2. Pwncic 1 Reputation point
    2020-11-15T19:59:52.407+00:00

    @vipullag-MSFT

    I already did,

    you will normally use the naming service to access them

    It is not clear to me, do I need to use Ingress or Network policy is just enough?
    What is "naming service"?

    I want that no microservice is directly accessible except through API gateway.
    When the cluster is created, are all pods by default accessible from the Internet or not?