Apigee
This component was created and is maintained by an Istio partner. Please address support questions to the partner directly.
Partner | Apigee |
Support Site | https://apigee.com/about/support/portal |
Source Code | https://github.com/apigee/istio-mixer-adapter |
Latest Release | https://github.com/apigee/istio-mixer-adapter/releases |
Tested by Apigee with these Istio Versions | 1.1.x, 1.2.x, 1.3.x |
Supported Templates | Analytics , Authorization |
The Apigee Mixer adapter provides Apigee’s distributed authentication and quota policy checks as well as the ingestion of Istio telemetry for analysis and reporting.
Important: The adapter is provided in an enhanced Mixer image. The default Mixer image must be replaced and the proper CRDs must be applied in order to use these features. Complete Apigee documentation on the concepts and usage of this adapter is available on the Apigee Adapter for Istio site. For more information and product support, please contact Apigee support.
This adapter supports the authorization template and Apigee’s analytics template.
Example config:
apiVersion: config.istio.io/v1alpha2
kind: apigee
metadata:
name: apigee-handler
namespace: istio-system
spec:
apigee_base: https://istioservices.apigee.net/edgemicro
customer_base: https://myorg-test.apigee.net/istio-auth
hybrid_config: /opt/apigee/customer/default.properties
org_name: myorg
env_name: test
key: mykey
secret: mysecret
temp_dir: /tmp/apigee-istio
client_timeout: 30s
allowUnverifiedSSLCert: false
products:
refresh_rate: 2m
analytics:
legacy_endpoint: false
file_limit: 1024
auth:
api_key_claim:
api_key_cache_duration: 30m
Params
The Configuration for the Apigee adapter provides information on how the adapter should contact the Apigee proxies and how it should operate. Running the apigee-istio provision
CLI command will ensure that all proxies are installed into your Apigee environment and generate this file with all required settings for you. For additional information on this adapter or support please contact anchor-prega-support@google.com.
Field | Type | Description |
---|---|---|
apigeeBase | string | Apigee Base is the URI for a shared proxy on Apigee. Required. |
customerBase | string | Customer Base is the URI for an organization-specific proxy on Apigee. Required. |
orgName | string | Org Name is the name of the organization on Apigee. Required. |
envName | string | Env Name is the name of the environment on Apigee. Required. |
key | string | Key is used to authenticate to the Apigee proxy endpoints, generated during provisioning. Required. |
secret | string | Secret is used to authenticate to the Apigee proxy endpoints, generated during provisioning. Required. |
tempDir | string | The local directory to be used by the adapter for temporary files. Optional. Default: “/tmp/apigee-istio”. |
clientTimeout | google.protobuf.Duration | The timeout to be used for adapter requests to Apigee servers. Optional. Default: “30s” (30 seconds). |
allowUnverifiedSSLCert | bool | Set to true to allow an unknown server SSL Certificate (eg. self-signed) Optional. Default: false. |
hybridConfig | string | Path to the local Apigee Hybrid configuration file. Optional. Presence indicates Hybrid environment, must not be set for SaaS or OPDK. |
products | Params.product_options | Options specific to to products handling. |
analytics | Params.analytics_options | Options specific to to analytics handling. |
auth | Params.auth_options | Options specific to to auth handling. |
Params.analytics_options
Options specific to to analytics handling.
Field | Type | Description |
---|---|---|
legacyEndpoint | bool | If true, use legacy direct communication analytics protocol instead of buffering. Must be true for OPDK. Optional. Default: false. |
fileLimit | int64 | The number of analytics files that can be buffered before oldest files are dropped. Optional. Default: 1024. |
sendChannelSize | int64 | The size of the channel used to buffer rfecord sends in memory. Optional. Default: 10. |
collectionInterval | google.protobuf.Duration | How often spooled analytics are swept and sent to Apigee. Optional. Default: “2m” (2 minutes). |
Params.auth_options
Options specific to to auth handling.
Field | Type | Description |
---|---|---|
apiKeyCacheDuration | google.protobuf.Duration | The length of time API Keys are valid in the cache. Optional. Default: “30m” (30 minutes). |
apiKeyClaim | string | The name of a JWT claim from which to look for an api_key. Optional. Default: none. |
Params.product_options
Options specific to to products handling.
Field | Type | Description |
---|---|---|
refreshRate | google.protobuf.Duration | The rate at which the list of products is refreshed from Apigee. Optional. Default: “2m” (2 minutes). |