This is a fork repository from https://github.com/3scale/APIcast initially created to use a ubi8-minimal based image because it is a smaller image, we will have less packages to maintain and in turn fewer CVEs.
APIcast is an API gateway built on top of NGINX. It is part of the Red Hat 3scale API Management Platform.
master
branch is not recommended for production use. For the latest
release, go to the Releases page
You need to specify an ACCESS_TOKEN
, that you can get from the 3scale admin
portal, and also your ADMIN_PORTAL_DOMAIN
. If you are using SaaS, it is
YOUR_ACCOUNT-admin.3scale.net
.
docker run --name apicast --rm -p 8080:8080 -e THREESCALE_PORTAL_ENDPOINT=https://ACCESS_TOKEN@ADMIN_PORTAL_DOMAIN quay.io/3scale/apicast:master
You can use a JSON configuration file instead:
docker run --name apicast --rm -p 8080:8080 -v $(pwd)/config.json:/opt/app/config.json:ro -e THREESCALE_CONFIG_FILE=/opt/app/config.json quay.io/3scale/apicast:master
In this example config.json
is located in the same directory where the
docker
command is executed, and it is mounted as a volume at
/opt/app/config.json
. :ro
indicates that the volume will be read-only.
The JSON file needs to follow the schema, see an example file with the fields that are used by APIcast.
You need to create a secret with your ACCESS_TOKEN
and your ADMIN_PORTAL_DOMAIN
:
oc create secret generic apicast-configuration-url-secret \
--from-literal=password=https://ACCESS_TOKEN@ADMIN_PORTAL_DOMAIN \
--type=kubernetes.io/basic-auth
oc new-app -f https://raw.githubusercontent.com/3scale/apicast/master/openshift/apicast-template.yml
- Performance: it is fast because it's built on top of NGINX and uses LuaJIT.
- Scalability: APIcast is stateless, so it scales horizontally.
- Request transformation: allows to modify the headers, the path and the arguments of a request.
- Rate-limit: can apply limits based on a header, JWT claims, the IP of the request and many more.
- Modular and extensible: thanks to the APIcast policies framework.
- Monitoring with Prometheus.
- NGINX instrumentation using OpenTelemetry. Works with Jaeger.
- Can be deployed in Openshift.
- Integrates with IDPs like Keycloak to provide authentication based on OIDC.
Using Docker you just need to run:
make development
That will create a Docker container and run bash inside it. The project's source
code will be available in the container and sync'ed with your local apicast
directory, so you can edit files in your preferred environment and still be able
to run whatever you need inside the Docker container.
To install the dependencies inside the container run:
make dependencies
To run the unit tests inside the container:
make busted
To run the integration tests inside the container:
make prove
To learn about the other available make targets:
make help
APIcast uses:
- OpenResty: a platform that includes NGINX, LuaJIT and Lua modules.
- busted: for the unit tests.
- Test::Nginx: for the integration tests.
More info can be found in the development specific doc.