Mesher is able to work as a API gateway to mange traffic, to run mesher as an API gateway:
mesher --config=mesher.yaml --mode edge
The ingress rule is in mesher.yaml.
mesher.ingress.type
(optional, string) Default is servicecomb, it reads servicecomb ingress rule. It is a plugin, you can custom your own implementation.
mesher.ingress.rule.http
(optional, string) Rule about how to forward http traffic. It holds a yaml content as rule.
Below explaining the content, the rule list is like a filter, all the request will go through this rule list until matching one rule.
apiPath
(required, string) If request's url matches this, it will use this rule.
host
(optional, string) If request HOST matches this, mesher will use this rule. It can be empty. If you set both host and apiPath, the request's host and api path must match them both.
service.name
(required, string) Target back-end service name in registry service (like ServiceComb service center).
service.redirectPath
(optional, string) By default, mesher uses original request's url.
service.port.value
(optional, string) If using java chassis or go chassis to develop back-end service, no need to set it. But if back-end service uses mesher-sidecar, service port must be given here.
mesher: ingress: type: servicecomb rule: http: | - host: example.com apiPath: /some/api service: name: example redirectPath: /another/api port: name: http-legacy value: 8080 - apiPath: /some/api service: name: Server port: name: http value: 8080
Generate private key
openssl genrsa -out server.key 2048
Sign cert with private key
openssl req -new -x509 -key server.key -out server.crt -days 3650
Set file path in chassis.yaml
ssl: mesher-edge.rest.Provider.certFile: server.crt mesher-edge.rest.Provider.keyFile: server.key
To know advanced feature about TLS configuration, check https://docs.go-chassis.com/user-guides/tls.html