X

Best Practices from Oracle Development's A‑Team

  • June 17, 2020

A Simple Guide to Setup API Gateway with Oracle Integration Cloud

Executive Overview

Oracle Integration Cloud (OIC) is an Oracle managed service and it is accessible with an internet facing public URL. However, there may be requirements to access the integration service from on-premise applications over secure and private network. This requirement can be addressed by setting up an API Gateway in front of OIC. The API Gateway can provide the functionality to enable access of OIC via public or private networks. The configuration of API Gateway requires minimal effort and this blog attempts to walk through this simple process.

Solution Approach

Solution Architecture

The network topology for setting up API Gateway within a public subnet is shown in Fig. 1. In this configuration, the API Gateway resides on a public subnet within the VCN (Virtual Cloud Network). The requests from an on-premise application are routed via the Internet Gateway to the API Gateway.

API Gtwy Public

Fig. 1 API Gateway Connectivity with Oracle Integration over Public Subnet

The corresponding diagram for API Gateway over a private subnet is shown in Fig. 2. In this situation, the API Gateway is setup on a private subnet within the VCN. Accordingly, the traffic from on-premise application is routed via a secure tunnel and a DRG (Dynamic Routing Gateway) in to the API Gateway.

Fig. 2 API Gateway Connectivity with Oracle Integration over Private Subnet

This blog outlines the process to configure a simple connectivity of API Gateway with Oracle Integration over public or private subnet. Since our primary goal in this blog is to describe the basic configuration of API Gateway with Oracle Integration, other complex network routing options for this connectivity are considered out of scope. However, there is an existing blog by our colleague, Jack Desai, which goes into more details on this topic [1].

Configuration Process

The configuration of API Gateway primarily consists of 2 steps, as listed below.

  • Create the API Gateway in the VCN using public or private subnet
  • Populate the routing rules for the gateway. These are called Deployments in the API Gateway console.

I. Create API Gateway

The API Gateway can be created from the OCI console. The detailed steps are described below.

Navigation

  • Tool: OCI UI in browser
  • Console: OCI main console
  • Click on Menu: Top Left Hamburger
  • Left Side Menu: Developer Services
  • Select/Click Sub-Menu Item: API Gateway
    This selection pops up the API Gateway screen, where it needs to be created.
  • Click on Button: Create Gateway
  • A pop-up window appears as shown in Fig. 3

 

 

 

 

 

 

 

 

 

 

 

 

 

Fig. 3 Create API Gateway

Parameter Entry

The parameters and values provided below are entered for creation of the API Gateway.

  • Name: MyAPIGateway (Any meaningful name for the API Gateway, free format)
  • Type: Public/Private (Select value from drop-down list)
  • Compartment: MyCompartment (Select value from drop-down list)
  • VCN in Compartment: MyVCN (Select value from drop-down list)
  • Subnet in VCN: Public Subnet-MyVCN/Private Subnet-MyVCN(Select value from drop-down list)
  • Tags: Fill in as appropriate (optional)

Click on Create button to create the gateway.

II. Create Deployment to configure the routing rules to OIC

Next, the deployment will be configured that will contain the routing rules of all the HTTP requests going to OIC. The configuration follows a wizard driven process and is described below.

Navigation

  • Click on MyAPIGateway created in Step I
  • Left Side Menu for Resources section: Select Deployments
  • Click on Create Deployments button
  • A pop-up wizard appears for creating the deployment

Parameter Entry

The first screen of the wizard is shown in Fig. 4. The corresponding parameters and values to be entered in this screen are listed thereafter.

Fig. 4 Create Deployment Wizard - First Screen

  • Select From Scratch option (selected by default)
  • Name: OICRoute (Any meaningful name for the Deployment, free format)
  • Path Prefix: /ic (An appropriate leading prefix of the URI for OIC requests)
  • Compartment: MyCompartment (Select value from drop-down list)
  • API Request Policies: Optional section and can be ignored for our basic setup
  • API Logging Policies: Optional section and can be ignored for our basic setup

Click on Next button to proceed to next screen of the wizard. In this screen, the mapping rules for  OIC are entered, as shown in Fig. 5.

Fig. 5 Create Deployment Wizard - Second Screen

Parameters and values entered in the second screen of the wizard are listed below.

  • Path: /api/integration/{myIntegrations*} (A regular expression to capture the trailing URI for all OIC requests)
  • Methods: ANY (Select value from drop-down list to support all the types of requests)
  • Type: HTTP (Select value from drop-down list to enable routing for HTTP traffic only)
  • URL: https://myoic-mytenancy.integration.ocp.oraclecloud.com/ic/api/integration/${request.path[myIntegrations]} (Full URL for OIC service including the regular expression entered in the variable Path field earlier in this screen)
  • Timeout Parameters: Optional parameters and can be ignored for our basic setup
  • SSL check box: Optional flag and can be ignored for our basic setup
  • API Request Policies: Optional section and can be ignored for our basic setup
  • API Logging Policies: Optional section and can be ignored for our basic setup

Click on Next button to proceed to the summary screen of the wizard.

Click on Save Changes button to create the deployment.

This completes the configuration process of the API Gateway for OIC.

Testing

Navigation

  • Click on MyAPIGateway created in Step I
  • Left Side Menu for Resources section: Select Deployments
  • Click on OICRoute deployment created in Step II

Deployment Information section of the screen will have the endpoint details that can be used to send all OIC requests. It will be of the following form:

  • https://cryptichostname.apigateway.cc-region-1.oci.customer-oci.com/ic

For testing purposes, at first, we send a curl request to invoke any existing activated integration using the direct OIC endpoint . A sample curL command is shown below.

curl --location --request POST "https://myoic-mytenancy.integration.ocp.oraclecloud.com/ic/api/integration/v1/flows/rest/TESTDB/1.0/db/dept" -H "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: Basic MyCredentials" -d "{ \"deptno\" : \"1\"}"
{
  "deptno" : "1",
  "deptname" : "Accounting"
}

Next, we use the curL command to invoke the same OIC integration service, but replace the OIC host name and route prefix with the API Gateway endpoint determined from the Deployment Information section earlier. The response from the same curL command using the API Gateway is shown below.

curl --location --request POST "https://cryptichostname.apigateway.us-ashburn-1.oci.customer-oci.com/ic/api/integration/v1/flows/rest/TESTDB/1.0/db/dept" -H "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: Basic MyCredentials" -d "{ \"deptno\" : \"1\"}"
{
  "deptno" : "1",
  "deptname" : "Accounting"
}

We should get the same results back. This validates the setup of the API Gateway with Oracle Integration Cloud (OIC).

Summary

As the title suggests, this blog is an attempt to provide the guidelines for getting a quick start on the API Gateway configured for Oracle Integration Cloud (OIC) Service. For further details on the advanced usage of API Gateway, it is recommended to refer to the Oracle API Documentation[2].

Acknowledgements

Antony Reynolds from OIC Product Management and Jack Desai from OIC Engineering have provided their technical advice and guidance, whenever needed. Thanks also to Greg Mally in our team for his valuable assistance in preparation and validation of the blog content.

References

  1. FastConnect and VPN with Oracle Integration Cloud (OIC) - Jack Desai
  2. Creating an API Gateway - Oracle Documentation

 

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha