问题描述
限时送ChatGPT账号..例如,我们有一些服务.
For example, we have a few services.
账户服务产品服务支付服务每项服务都是一个单独的 Google Cloud Function.每个服务都有自己的 HTTP API.例如账户服务有:
Each service is a separate Google Cloud Function. Each service has its own HTTP API. For example, the account service has:
https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions/account/sign-uphttps://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions/account/sign-inhttps://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions/account/reset-password等每个服务都有自己的 swagger 文档端点 /docs
.
Each service has its own swagger documentation endpoint /docs
.
如何将我的 Cloud Functions 设为私有(没有公共访问权限)并将它们置于某个 API 网关之后?
How can I make my Cloud Functions private (without public access) and place them behind some API Gateway?
Google 为 Cloud Functions 提供端点(请参阅 https://cloud.google/endpoints/docs/openapi/get-started-cloud-functions).但是,据我了解,Endpoints 只允许您定义 yaml OpenAPI 文件.
Google offers Endpoints for Cloud Functions (see https://cloud.google/endpoints/docs/openapi/get-started-cloud-functions ). But, as I understand it, Endpoints allow you to define only the yaml OpenAPI file.
在这个 yaml 文件中,我可以定义如下内容:
In this yaml file, I can define something like this:
swagger: '2.0'
info:
title: Cloud Endpoints + GCF
description: Sample API on Cloud Endpoints with a Google Cloud Functions backend
version: 1.0.0
host: HOST
schemes:
- https
produces:
- application/json
paths:
/hello:
get:
summary: Greet a user
operationId: hello
x-google-backend:
address: https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions/helloGET
responses:
'200':
description: A successful response
schema:
type: string
但就我而言,我需要能够代理我的云功能(如反向代理).
But in my case, I need to have ability to proxy my cloud functions (like reverse proxy).
推荐答案
您可以使用端点.当然,您必须手动定义 OpenAPI yaml 文件(版本 2.0,而不是 3!).使用通配符和路径翻译定义
You can use endpoint. Of course, you have to define your OpenAPI yaml file manually (version 2.0, not 3!). Use wildcard and path translation definition
...
paths:
/account/*:
get:
summary: sign-up a user
operationId: sign-up
x-google-backend:
address: https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions
path_translation: APPEND_PATH_TO_ADDRESS
responses:
'200':
description: A successful response
schema:
type: string
APPEND_PATH_TO_ADDRESS
只需将路径值粘贴到后端定义的末尾即可.顺便说一句,仅使用此定义,您就可以访问所有私有函数端点和子端点,例如您的 swagger 文档.
The APPEND_PATH_TO_ADDRESS
simply paste the path value at the end of your backend definition. By the way, with only this definition, you can reach all your private function endpoint and sub-endpoint, like your swagger documentation.
您可以使用 API KEY 保护您的网关(我写了一篇关于此的文章)但文档中还有另一种安全解决方案.
You can protect your gateway with API KEY (I wrote an article on this) but there is also another security solution in the documentation.
但是您无法使用 Endpoint 提出的开发者门户,因为它基于 Endpoint yaml 文件定义,而不是聚合所有发现的服务定义(在您的 /docs
路径中).
However you couldn't use the developer portal proposed by Endpoint because it's based on the Endpoint yaml file definition and not aggregate all the discovered service definition (in your /docs
path).
这篇关于带有 Google Cloud Functions 的微服务 Api 网关的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
更多推荐
[db:关键词]
发布评论