Hybrid Cloud & Azure API Management : Self-Hosted Gateway

Hey everyone, the Self-Hosted Gateway of Azure API Management was recently released to GA.

The Self-Hosted Gateway opens the door to the hybrid cloud. It means that we can now deploy an Azure API Management gateway anywhere!

  • In another cloud provider, on-premises, or both.
  • What are the benefits?

First, you get everything Azure API Management offers (policies, logs …). Then, let’s assume that you already use APIM for another project on Azure and you want to keep the same policy for another application deployed in another cloud provider. You just have to enable the gateway and configure APIM.

Or let’s assume that your teams run a local version of the application in order to test it before deploying it. You can use the APIM self-hosted feature to deploy the gateway on-premises, so your developers can test the policy and their APIs locally.

That’s not all of course, it depends on your use case :).

  • How does it work?

I will show you how it works through a demo. The architecture will be as below:

The idea here is to deploy the Azure API Management gateway inside Google Kubernetes Engine.

Note that the self-hosted gateway is packaged as a Docker container, which means you can run it anywhere using an orchestrator.

  • Step 1 — Create a GKE cluster:

You need to enable the GKE API and download the Google Cloud SDK.

Run the init command:

gcloud init

Then create the cluster:

gcloud container clusters create hybrid-cluster

Once that is done, an entry is added automatically to your kubeconfig. If it is not, run:

gcloud container clusters get-credentials cluster-name

to add the entry.

Once that is done, you will get this beauty:

Step 2 — Create Azure API Management:

Back in Azure, we need an instance of APIM. Create one:

You should see this:

Step 3 — Enable the Self-Hosted Gateway:

Go to the gateway tab and create one:

The name is the gateway’s name. For the location, I put GCP (to reference Google Cloud Platform). For the APIs, I added the echo one for the demo. You may add yours.

Step 4 — Deploy API Management inside GKE:

Go to the deployment tab of the gateway:

Click on Kubernetes:

You will get some commands:

kubectl create secret generic hybrid-token --from-literal=value="GatewayKey hybrid&202006031551&fsnFBO92zYDbDskDGxjNrdmIsdshZv7YMrnCCTWA58T8zVQ+aKI3tfioAAxVQTAjZUfEWDDGwdHZldze6slcZQ=="  --type=Opaque

This command creates a Kubernetes secret that holds the gateway key.

Then download the configuration file and run:

kubectl apply -f hybrid.yaml

Once that is done, run:

kubectl get services

You should see something like the following:

(Not the IPs of course).
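The gateway key stored in Step 4 appears to carry the gateway name and an expiry timestamp, so it is worth checking when it has to be rotated. The script below is an added example, not part of the original post: it assumes the layout `GatewayKey <gateway>&<yyyyMMddHHmm>&<signature>` with a UTC expiry (inferred from the command in Step 4) and GNU `date`; the function names are hypothetical and the sample token is constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: token = "GatewayKey <gateway>&<yyyyMMddHHmm>&<signature>", with the
# middle field an expiry time in UTC (inferred from the command shown in Step 4).

# Constructed sample; the signature is a placeholder, not a real key.
SAMPLE_TOKEN='GatewayKey hybrid&202006031551&PLACEHOLDER-SIGNATURE=='

# Print the expiry of a token as Unix seconds; return 1 if the layout is wrong.
token_expiry_epoch() {
  case "$1" in
    "GatewayKey "*"&"*"&"*) ;;
    *) return 1 ;;
  esac
  te_ts=$(printf '%s' "${1#GatewayKey }" | cut -d'&' -f2)
  case "$te_ts" in
    *[!0-9]*|"") return 1 ;;
  esac
  [ "${#te_ts}" -eq 12 ] || return 1
  te_date=$(printf '%s' "$te_ts" |
    sed 's/^\(....\)\(..\)\(..\)\(..\)\(..\)$/\1-\2-\3 \4:\5/')
  date -u -d "$te_date" +%s   # assumes GNU date (-d); not available on macOS/BSD
}

# Print ok | expiring | expired | malformed for TOKEN at NOW (Unix seconds).
# WARN_DAYS (default 7) is the rotation window; exit status is non-zero unless "ok".
token_status() {
  ts_exp=$(token_expiry_epoch "$1") || { echo malformed; return 2; }
  ts_now=$2
  ts_warn=${3:-7}
  if [ "$ts_exp" -le "$ts_now" ]; then echo expired; return 1; fi
  if [ $((ts_exp - ts_now)) -lt $((ts_warn * 86400)) ]; then
    echo expiring; return 1
  fi
  echo ok
}

# Typical use against the secret created in Step 4 (needs cluster access):
#   tok=$(kubectl get secret hybrid-token -o jsonpath='{.data.value}' | base64 -d)
#   token_status "$tok" "$(date -u +%s)"
```

The non-zero exit status for anything other than `ok` lets the check run from a scheduled job that alerts before the gateway loses its connection to Azure.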

Step 5 — Test it!

Using the Azure endpoint:

Using the Google Cloud endpoint:

Now, let’s take a look at the logs.

Get the name of the pod:

kubectl get pods

Then run:

kubectl logs <NAME>

You should get all these logs, and also:

the details of the request that we just sent.

Note that the configuration is maintained inside Azure. Let’s play with it and see what it gives:

I will try to return another response when calling the GET API of the echo-api:

I will add the following to the outbound policy:

<return-response>
  <set-status code="200" reason="Get GKE"/>
  <set-body>Hello From Google</set-body>
</return-response>

The policy should look something like this:

First, let’s check the logs:

Note that the configuration is pulled automatically, without needing a restart.

Let’s try the request again:

Here it is! The new policy is applied to the echo-api automatically.
