Oracle Integration Cloud (OIC) is an Oracle managed service and it is accessible with an internet facing public URL. However, there may be requirements to access the integration service from on-premise applications over secure and private network. This requirement can be addressed by setting up an API Gateway in front of OIC. The API Gateway can provide the functionality to enable access of OIC via public or private networks. The configuration of API Gateway requires minimal effort and this blog attempts to walk through this simple process.
The network topology for setting up API Gateway within a public subnet is shown in Fig. 1. In this configuration, the API Gateway resides on a public subnet within the VCN (Virtual Cloud Network). The requests from an on-premise application are routed via the Internet Gateway to the API Gateway.
Fig. 1 API Gateway Connectivity with Oracle Integration over Public Subnet
The corresponding diagram for API Gateway over a private subnet is shown in Fig. 2. In this situation, the API Gateway is setup on a private subnet within the VCN. Accordingly, the traffic from on-premise application is routed via a secure tunnel and a DRG (Dynamic Routing Gateway) in to the API Gateway.
Fig. 2 API Gateway Connectivity with Oracle Integration over Private Subnet
This blog outlines the process to configure a simple connectivity of API Gateway with Oracle Integration over public or private subnet. Since our primary goal in this blog is to describe the basic configuration of API Gateway with Oracle Integration, other complex network routing options for this connectivity are considered out of scope. However, there is an existing blog by our colleague, Jack Desai, which goes into more details on this topic [1].
The configuration of API Gateway primarily consists of 2 steps, as listed below.
The API Gateway can be created from the OCI console. The detailed steps are described below.
Navigation
Fig. 3 Create API Gateway
Parameter Entry
The parameters and values provided below are entered for creation of the API Gateway.
Click on Create button to create the gateway.
Next, the deployment will be configured that will contain the routing rules of all the HTTP requests going to OIC. The configuration follows a wizard driven process and is described below.
Navigation
Parameter Entry
The first screen of the wizard is shown in Fig. 4. The corresponding parameters and values to be entered in this screen are listed thereafter.
Fig. 4 Create Deployment Wizard - First Screen
Click on Next button to proceed to next screen of the wizard. In this screen, the mapping rules for OIC are entered, as shown in Fig. 5.
Fig. 5 Create Deployment Wizard - Second Screen
Parameters and values entered in the second screen of the wizard are listed below.
Click on Next button to proceed to the summary screen of the wizard.
Click on Save Changes button to create the deployment.
This completes the configuration process of the API Gateway for OIC.
Navigation
Deployment Information section of the screen will have the endpoint details that can be used to send all OIC requests. It will be of the following form:
For testing purposes, at first, we send a curl request to invoke any existing activated integration using the direct OIC endpoint . A sample curL command is shown below.
curl --location --request POST "https://myoic-mytenancy.integration.ocp.oraclecloud.com/ic/api/integration/v1/flows/rest/TESTDB/1.0/db/dept" -H "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: Basic MyCredentials" -d "{ \"deptno\" : \"1\"}" { "deptno" : "1", "deptname" : "Accounting" }
Next, we use the curL command to invoke the same OIC integration service, but replace the OIC host name and route prefix with the API Gateway endpoint determined from the Deployment Information section earlier. The response from the same curL command using the API Gateway is shown below.
curl --location --request POST "https://cryptichostname.apigateway.us-ashburn-1.oci.customer-oci.com/ic/api/integration/v1/flows/rest/TESTDB/1.0/db/dept" -H "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: Basic MyCredentials" -d "{ \"deptno\" : \"1\"}" { "deptno" : "1", "deptname" : "Accounting" }
We should get the same results back. This validates the setup of the API Gateway with Oracle Integration Cloud (OIC).
As the title suggests, this blog is an attempt to provide the guidelines for getting a quick start on the API Gateway configured for Oracle Integration Cloud (OIC) Service. For further details on the advanced usage of API Gateway, it is recommended to refer to the Oracle API Documentation[2].
Antony Reynolds from OIC Product Management and Jack Desai from OIC Engineering have provided their technical advice and guidance, whenever needed. Thanks also to Greg Mally in our team for his valuable assistance in preparation and validation of the blog content.
Previous Post