In this article, we would deploy the endpoint configuration for our microservices application. As mentioned earlier, we are using Cloud Endpoints for API management to secure, monitor, analyze, and set quotas on our APIs.
Endpoints support version 2 of the OpenAPI Specification. For more details, refer to https://cloud.google.com/endpoints/docs/openapi/.
The OpenAPI configuration file of our microservice project is provided in script/kube-openapi-backend.yaml.
Open kube-openapi-backend.yaml and replace the host “apis.navveenbalani.dev” with the hostname where your API would be available. My APIs are available at apis.navveenbalani.dev. If you don’t have a host readily available, you can use <api-name>.endpoints.<YOUR-PROJECT-ID>.cloud.goog in host name, replace api-name with the name for your api and YOUR-PROJECT-ID with your google project id. You can later use the host name and map it to the IP address in your DNS settings and use the host name to invoke your service. For more details, refer to Configuring DNS for Endpoints section at https://cloud.google.com/endpoints/docs/openapi/get-started-kubernetes#configuring-endpoints-dns.
Next, we would deploy the endpoints for the application by following the steps below:
- Install Google Cloud SDK (if you haven’t already) from https://cloud.google.com/sdk/) on your local machine.
- With Google SDK installed, open a command prompt and set the project. Replace navveen-api with your project id.
> gcloud config set project navveen-api
- Go to scripts folder. Deploy the endpoint configuration by running the following command: –
> gcloud endpoints services deploy kube-openapi-backend.yaml
You should see similar messages being printed on the console and a URL being provided at the end to manage your APIs.
Figure 17 – Output of endpoint deployment
- Next, create an API key to access the Endpoint. Go to https://console.cloud.google.com/apis/credentials and select your GCP project.
- Click Create credentials, and then select API key,
- Copy the key to the clipboard. We will use the API key later when calling our endpoint.
- You can further apply restrictions on the API key (like HTTP Referrer, IP address, devices etc.) on who can invoke your endpoint based on your application needs. For instance, if you want to ensure your application can be invoked by specific IP addresses only, you can specify the list of IP addresses by clicking on the IP address option