SlideShare a Scribd company logo
1 of 28
Download to read offline
Route Service
03/31/2016
Etourneau Gwenn
@The_shinji62
About me
Etourneau Gwenn
Sr Solution Architect
Bef.: Platform Architect
https://github.com/shinji62
https://twitter.com/the_shinji62
Pivotal
• Spring Framework
• RabbitMQ
• Concourse
• Cloud Foundry
• Pivotal Tracker
• Gemfire
Agenda
• Cloud Foundry
• Route service
• Usage
• Demo
• Q&A
Cloud Foundry
• Truly OpenSource Platform as a Service
• Aim to be de-facto enteprise PaaS
• Huge community
• Authentication, Log Agg., LB, Service, High Availability …
• Support Buildpack and Docker as well
• IaaS Agnostic (Bosh)
cf push
Application deployed
Deploying to Cloud Foundry
Route Service
What’s that ?!
I want to forward every request to test.local.pcfdev.io through https://
rproxy.mydomain.io
As a Cloud Foundry user I want to be able to forward
all my request
for my.domain.com to my.service.com
Why?!
• Off-load authentication
• Rate-limiting
• Inspect request
• Plug with your internal system
• etc …
Normal Request
R
O
U
T
E
R
App
Load Balancer
1
Client to LB
2
LB to CF router
3
Router to the
apps test.local.pcfdev.io
Request with RS outside CF
R
O
U
T
E
R
App
Route-Service
Load Balancer
1
Client to LB
2
LB to CF router
3 Router to the
route-service
4
RS to Load
Balancer
6
Router to the
application
5
LB to CF
router
test.local.pcfdev.io
rproxy.mydomain.io
Request with RS in CF
R
O
U
T
E
R
App
Route
Service
Load Balancer
1
Client to Load
Balancer
2
LB to CF router
5
RS to Load
Balancer
7
Router to the
application
6
LB to CF
router
3
CF router To RS
4
Router to the
route-service
rproxy.mydomain.io
test.local.pcfdev.io
Request with RS
Route-Service
X-CF-Proxy-Signature
X-CF-Proxy-Metadata
Router forward original request to RS
R
O
U
T
E
R
X-CF-Forwarded-Url ==>
rproxy.mydomain.io
test.local.pcfdev.io
Headers by CF routers
Contains the URL of the application route. The route service
should forward the request to this URL.
X-CF-Forwarded-Url
X-CF-Proxy-Signature
Every request is sign by the goRouter.
Use by the router to validate the request.
X-CF-Proxy-Metadata
test.local.pcfdev.io
Response with RS
Route-Service
Sent Response to Router
R
O
U
T
E
R
X-CF-Proxy-Signature
X-CF-Proxy-Metadata
Requirements
• CF-Release >= 231
• Cloud Foundry CLI >= 6.16.0
• Router secret should be configure in the CF manifest.
Manifest properties
Properties names Description
route_services_secret Secret use to encrypt the signature
route_services_recommend_https
Scheme recommended between RS and
final domain
route_services_secret_decrypt_only Use to rotate the secret Key
route_services_timeout
Route services must forward the request
to the application route within this timeout
ssl_skip_validation
CF router only forward over HTTPS
Use this to skip ssl validation
Usage with User Provided
• Don’t need service broker
• Simply create an user provided instances
• Bind the service to the hostname and domain !
• Not the application !
I want to forward every request to test.local.micropcf.io through the
service “my-route-service” (https://rproxy.mydomain.io)
>$ cf create-user-provided-service my-route-service -r https://rproxy.mydomain.io
>$ cf bind-route-service local.pcfdev.io my-route-service -n test
Usage with Service Broker
• Catalog should include “requires:route_forwarding”
• Bind response should include
“route_service_url:my.endpoint.com”
I want to forward every request to test.local.micropcf.io through the
service “route-service” (https://rproxy.mydomain.io)
>$ cf bind-route-service local.micropcf.io route-service -n test
>$ cf create-service service-broker plan my-route-service
Demo
Request with RS in CF
R
O
U
T
E
R
App
Route
Service
Load Balancer
1
Client to Load
Balancer
2
LB to CF router
5
RS to Load
Balancer
7
Router to the
application
6
LB to CF
router
3
CF router To RS
4
Router to the
route-service
Without RS
With RS
Documentation
• Route-Service
• http://docs.cloudfoundry.org/services/route-services.html
• Blog post about Route-Service
• https://www.cloudfoundry.org/route-services/
Examples
• Rate Limiting (Java)
• https://github.com/cloudfoundry-samples/ratelimit-service
• Sleeping (Go)
• https://github.com/cloudfoundry-samples/logging-route-service
• Simple reverse proxy (Go)
• https://github.com/shinji62/route-service-cf
Today materials
• materials
• https://github.com/shinji62/cf-meetup-tokyo-2016-03-01--1
Q & A
Thank You !!

More Related Content

What's hot

Auto-scaled Concourse CI on AWS w/o BOSH
Auto-scaled Concourse CI on AWS w/o BOSHAuto-scaled Concourse CI on AWS w/o BOSH
Auto-scaled Concourse CI on AWS w/o BOSH佑介 九岡
 
London Community Summit - Habitat 2016
London Community Summit - Habitat 2016London Community Summit - Habitat 2016
London Community Summit - Habitat 2016Sarah Richards
 
Zero to #Serverless in 60 seconds, anywhere
Zero to #Serverless in 60 seconds, anywhereZero to #Serverless in 60 seconds, anywhere
Zero to #Serverless in 60 seconds, anywhereAlex Ellis
 
Ceylon From Here to Infinity: The Big Picture and What's Coming
Ceylon From Here to Infinity: The Big Picture and What's Coming Ceylon From Here to Infinity: The Big Picture and What's Coming
Ceylon From Here to Infinity: The Big Picture and What's Coming Virtual JBoss User Group
 
Ansible Introduction
Ansible Introduction Ansible Introduction
Ansible Introduction Robert Reiz
 
Lessons Learned: Using Concourse In Production
Lessons Learned: Using Concourse In ProductionLessons Learned: Using Concourse In Production
Lessons Learned: Using Concourse In ProductionShingo Omura
 
Implementation of the Continuous Integration based on Atlassian Bamboo
 Implementation of the Continuous Integration based on Atlassian Bamboo Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian BambooАнете Аннемария
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureFaisal Shaikh
 
Built in ci-cd with kubernetes, jenkins and helm
Built in ci-cd with kubernetes, jenkins and helmBuilt in ci-cd with kubernetes, jenkins and helm
Built in ci-cd with kubernetes, jenkins and helmPau López
 
HOW TO DRONE.IO IN CI/CD WORLD
HOW TO DRONE.IO IN CI/CD WORLDHOW TO DRONE.IO IN CI/CD WORLD
HOW TO DRONE.IO IN CI/CD WORLDAleksandr Maklakov
 
OpenFaaS KubeCon Zero to Serverless in 60 seconds anywhere
OpenFaaS KubeCon Zero to Serverless in 60 seconds anywhereOpenFaaS KubeCon Zero to Serverless in 60 seconds anywhere
OpenFaaS KubeCon Zero to Serverless in 60 seconds anywhereAlex Ellis
 
GitOps meets Serverless
GitOps meets ServerlessGitOps meets Serverless
GitOps meets ServerlessAlex Ellis
 
TechXLR8 - XLR8 your cloud with Docker and Serverless FaaS
TechXLR8 - XLR8 your cloud with Docker and Serverless FaaSTechXLR8 - XLR8 your cloud with Docker and Serverless FaaS
TechXLR8 - XLR8 your cloud with Docker and Serverless FaaSAlex Ellis
 
"Workstation Up" - Docker Development at Flow by Mike Roth
"Workstation Up" - Docker Development at Flow by Mike Roth"Workstation Up" - Docker Development at Flow by Mike Roth
"Workstation Up" - Docker Development at Flow by Mike RothDocker, Inc.
 
OpenFaaS serverless framework for Docker and Kubernetes - London
OpenFaaS serverless framework for Docker and Kubernetes - LondonOpenFaaS serverless framework for Docker and Kubernetes - London
OpenFaaS serverless framework for Docker and Kubernetes - LondonAlex Ellis
 
BlaBlaCar and infrastructure automation
BlaBlaCar and infrastructure automationBlaBlaCar and infrastructure automation
BlaBlaCar and infrastructure automationsinfomicien
 
Serverless Pune meetup 3
Serverless Pune meetup 3Serverless Pune meetup 3
Serverless Pune meetup 3Vishal Biyani
 
Enabling Hybrid Workflows with Docker/Mesos @Orbitz
Enabling Hybrid Workflows with Docker/Mesos @OrbitzEnabling Hybrid Workflows with Docker/Mesos @Orbitz
Enabling Hybrid Workflows with Docker/Mesos @OrbitzSteve Hoffman
 
Migration Station at SAS - DevOps for Fusion with Version Control and Continu...
Migration Station at SAS - DevOps for Fusion with Version Control and Continu...Migration Station at SAS - DevOps for Fusion with Version Control and Continu...
Migration Station at SAS - DevOps for Fusion with Version Control and Continu...Lucidworks
 

What's hot (20)

Auto-scaled Concourse CI on AWS w/o BOSH
Auto-scaled Concourse CI on AWS w/o BOSHAuto-scaled Concourse CI on AWS w/o BOSH
Auto-scaled Concourse CI on AWS w/o BOSH
 
London Community Summit - Habitat 2016
London Community Summit - Habitat 2016London Community Summit - Habitat 2016
London Community Summit - Habitat 2016
 
Zero to #Serverless in 60 seconds, anywhere
Zero to #Serverless in 60 seconds, anywhereZero to #Serverless in 60 seconds, anywhere
Zero to #Serverless in 60 seconds, anywhere
 
Ceylon From Here to Infinity: The Big Picture and What's Coming
Ceylon From Here to Infinity: The Big Picture and What's Coming Ceylon From Here to Infinity: The Big Picture and What's Coming
Ceylon From Here to Infinity: The Big Picture and What's Coming
 
Ansible Introduction
Ansible Introduction Ansible Introduction
Ansible Introduction
 
Lessons Learned: Using Concourse In Production
Lessons Learned: Using Concourse In ProductionLessons Learned: Using Concourse In Production
Lessons Learned: Using Concourse In Production
 
Implementation of the Continuous Integration based on Atlassian Bamboo
 Implementation of the Continuous Integration based on Atlassian Bamboo Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian Bamboo
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for Infrastructure
 
Built in ci-cd with kubernetes, jenkins and helm
Built in ci-cd with kubernetes, jenkins and helmBuilt in ci-cd with kubernetes, jenkins and helm
Built in ci-cd with kubernetes, jenkins and helm
 
How Docker simplifies CI/CD
How Docker simplifies CI/CDHow Docker simplifies CI/CD
How Docker simplifies CI/CD
 
HOW TO DRONE.IO IN CI/CD WORLD
HOW TO DRONE.IO IN CI/CD WORLDHOW TO DRONE.IO IN CI/CD WORLD
HOW TO DRONE.IO IN CI/CD WORLD
 
OpenFaaS KubeCon Zero to Serverless in 60 seconds anywhere
OpenFaaS KubeCon Zero to Serverless in 60 seconds anywhereOpenFaaS KubeCon Zero to Serverless in 60 seconds anywhere
OpenFaaS KubeCon Zero to Serverless in 60 seconds anywhere
 
GitOps meets Serverless
GitOps meets ServerlessGitOps meets Serverless
GitOps meets Serverless
 
TechXLR8 - XLR8 your cloud with Docker and Serverless FaaS
TechXLR8 - XLR8 your cloud with Docker and Serverless FaaSTechXLR8 - XLR8 your cloud with Docker and Serverless FaaS
TechXLR8 - XLR8 your cloud with Docker and Serverless FaaS
 
"Workstation Up" - Docker Development at Flow by Mike Roth
"Workstation Up" - Docker Development at Flow by Mike Roth"Workstation Up" - Docker Development at Flow by Mike Roth
"Workstation Up" - Docker Development at Flow by Mike Roth
 
OpenFaaS serverless framework for Docker and Kubernetes - London
OpenFaaS serverless framework for Docker and Kubernetes - LondonOpenFaaS serverless framework for Docker and Kubernetes - London
OpenFaaS serverless framework for Docker and Kubernetes - London
 
BlaBlaCar and infrastructure automation
BlaBlaCar and infrastructure automationBlaBlaCar and infrastructure automation
BlaBlaCar and infrastructure automation
 
Serverless Pune meetup 3
Serverless Pune meetup 3Serverless Pune meetup 3
Serverless Pune meetup 3
 
Enabling Hybrid Workflows with Docker/Mesos @Orbitz
Enabling Hybrid Workflows with Docker/Mesos @OrbitzEnabling Hybrid Workflows with Docker/Mesos @Orbitz
Enabling Hybrid Workflows with Docker/Mesos @Orbitz
 
Migration Station at SAS - DevOps for Fusion with Version Control and Continu...
Migration Station at SAS - DevOps for Fusion with Version Control and Continu...Migration Station at SAS - DevOps for Fusion with Version Control and Continu...
Migration Station at SAS - DevOps for Fusion with Version Control and Continu...
 

Viewers also liked

Monitor Cloud Foundry and Bosh with Prometheus
Monitor Cloud Foundry and Bosh with PrometheusMonitor Cloud Foundry and Bosh with Prometheus
Monitor Cloud Foundry and Bosh with PrometheusGwenn Etourneau
 
Demo Pivotal Circle Of Code
Demo Pivotal Circle Of CodeDemo Pivotal Circle Of Code
Demo Pivotal Circle Of CodeGwenn Etourneau
 
从玩具到生产 - Cloud Foundry 上海峰会2015年
从玩具到生产 - Cloud Foundry 上海峰会2015年从玩具到生产 - Cloud Foundry 上海峰会2015年
从玩具到生产 - Cloud Foundry 上海峰会2015年Duncan Johnston-Watt
 
Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...
Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...
Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...DataStax Academy
 
Team Support in Concourse CI 2.0 #concourse_tokyo
Team Support in Concourse CI 2.0 #concourse_tokyoTeam Support in Concourse CI 2.0 #concourse_tokyo
Team Support in Concourse CI 2.0 #concourse_tokyoToshiaki Maki
 
Cloud Foundry Technical Overview
Cloud Foundry Technical OverviewCloud Foundry Technical Overview
Cloud Foundry Technical Overviewcornelia davis
 
Bosh - Configuring Services
Bosh - Configuring ServicesBosh - Configuring Services
Bosh - Configuring ServicesAndrew Shafer
 

Viewers also liked (10)

Monitor Cloud Foundry and Bosh with Prometheus
Monitor Cloud Foundry and Bosh with PrometheusMonitor Cloud Foundry and Bosh with Prometheus
Monitor Cloud Foundry and Bosh with Prometheus
 
Lattice yapc-slideshare
Lattice yapc-slideshareLattice yapc-slideshare
Lattice yapc-slideshare
 
Demo Pivotal Circle Of Code
Demo Pivotal Circle Of CodeDemo Pivotal Circle Of Code
Demo Pivotal Circle Of Code
 
ConcourseCi Dockerimage
ConcourseCi DockerimageConcourseCi Dockerimage
ConcourseCi Dockerimage
 
从玩具到生产 - Cloud Foundry 上海峰会2015年
从玩具到生产 - Cloud Foundry 上海峰会2015年从玩具到生产 - Cloud Foundry 上海峰会2015年
从玩具到生产 - Cloud Foundry 上海峰会2015年
 
Lattice深掘り話
Lattice深掘り話Lattice深掘り話
Lattice深掘り話
 
Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...
Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...
Pivotal Cloud Foundry: Building a diverse geo-architecture for Cloud Native A...
 
Team Support in Concourse CI 2.0 #concourse_tokyo
Team Support in Concourse CI 2.0 #concourse_tokyoTeam Support in Concourse CI 2.0 #concourse_tokyo
Team Support in Concourse CI 2.0 #concourse_tokyo
 
Cloud Foundry Technical Overview
Cloud Foundry Technical OverviewCloud Foundry Technical Overview
Cloud Foundry Technical Overview
 
Bosh - Configuring Services
Bosh - Configuring ServicesBosh - Configuring Services
Bosh - Configuring Services
 

Similar to Cloud Foundry Meetup Tokyo #1 Route service

Tokyo Azure Meetup #14 - Azure Functions Proxies
Tokyo Azure Meetup #14  -  Azure Functions ProxiesTokyo Azure Meetup #14  -  Azure Functions Proxies
Tokyo Azure Meetup #14 - Azure Functions ProxiesTokyo Azure Meetup
 
[Vončina] Configuring SharePoint 2016 for BI Scenarios
[Vončina] Configuring SharePoint 2016 for BI Scenarios[Vončina] Configuring SharePoint 2016 for BI Scenarios
[Vončina] Configuring SharePoint 2016 for BI ScenariosEuropean Collaboration Summit
 
ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...
ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...
ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...Frank Lyaruu
 
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...Tony Erwin
 
DEVNET-1128 Cisco Intercloud Fabric NB Api's for Business & Providers
DEVNET-1128	Cisco Intercloud Fabric NB Api's for Business & ProvidersDEVNET-1128	Cisco Intercloud Fabric NB Api's for Business & Providers
DEVNET-1128 Cisco Intercloud Fabric NB Api's for Business & ProvidersCisco DevNet
 
Skype for business mobility
Skype for business mobilitySkype for business mobility
Skype for business mobilityFabrizio Volpe
 
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...Amazon Web Services
 
Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesIftach Schonbaum
 
Secure Content Delivery Using Amazon CloudFront
Secure Content Delivery Using Amazon CloudFrontSecure Content Delivery Using Amazon CloudFront
Secure Content Delivery Using Amazon CloudFrontAmazon Web Services
 
Consull7 webinar hasicorp
Consull7 webinar hasicorpConsull7 webinar hasicorp
Consull7 webinar hasicorpHien Nguyen Van
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysMitchell Pronschinske
 
Hybrid integration with self hosted azure api gateways - published v1.0
Hybrid integration with self hosted azure api gateways - published v1.0Hybrid integration with self hosted azure api gateways - published v1.0
Hybrid integration with self hosted azure api gateways - published v1.0Nikolai Blackie
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftRX-M Enterprises LLC
 
MNAssociationEnterpriseArchitectsCloudFoundryJuly2017
MNAssociationEnterpriseArchitectsCloudFoundryJuly2017MNAssociationEnterpriseArchitectsCloudFoundryJuly2017
MNAssociationEnterpriseArchitectsCloudFoundryJuly2017Andrew Ripka
 
透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸
透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸
透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸Amazon Web Services
 
Architecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APIArchitecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APISHAKIL AKHTAR
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.Andrey Oleynik
 
Clean up this mess - API Gateway & Service Discovery in .NET
Clean up this mess - API Gateway & Service Discovery in .NETClean up this mess - API Gateway & Service Discovery in .NET
Clean up this mess - API Gateway & Service Discovery in .NETMarcin Tyborowski
 
The Greatest Introduction to SharePoint Framework (SPFx) on earth!
The Greatest Introduction to SharePoint Framework (SPFx) on earth!The Greatest Introduction to SharePoint Framework (SPFx) on earth!
The Greatest Introduction to SharePoint Framework (SPFx) on earth!Małgorzata Borzęcka
 
Introduction to SharePoint Framework
Introduction to SharePoint FrameworkIntroduction to SharePoint Framework
Introduction to SharePoint FrameworkMałgorzata Borzęcka
 

Similar to Cloud Foundry Meetup Tokyo #1 Route service (20)

Tokyo Azure Meetup #14 - Azure Functions Proxies
Tokyo Azure Meetup #14  -  Azure Functions ProxiesTokyo Azure Meetup #14  -  Azure Functions Proxies
Tokyo Azure Meetup #14 - Azure Functions Proxies
 
[Vončina] Configuring SharePoint 2016 for BI Scenarios
[Vončina] Configuring SharePoint 2016 for BI Scenarios[Vončina] Configuring SharePoint 2016 for BI Scenarios
[Vončina] Configuring SharePoint 2016 for BI Scenarios
 
ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...
ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...
ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...
 
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...
 
DEVNET-1128 Cisco Intercloud Fabric NB Api's for Business & Providers
DEVNET-1128	Cisco Intercloud Fabric NB Api's for Business & ProvidersDEVNET-1128	Cisco Intercloud Fabric NB Api's for Business & Providers
DEVNET-1128 Cisco Intercloud Fabric NB Api's for Business & Providers
 
Skype for business mobility
Skype for business mobilitySkype for business mobility
Skype for business mobility
 
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
 
Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on Kubernetes
 
Secure Content Delivery Using Amazon CloudFront
Secure Content Delivery Using Amazon CloudFrontSecure Content Delivery Using Amazon CloudFront
Secure Content Delivery Using Amazon CloudFront
 
Consull7 webinar hasicorp
Consull7 webinar hasicorpConsull7 webinar hasicorp
Consull7 webinar hasicorp
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
 
Hybrid integration with self hosted azure api gateways - published v1.0
Hybrid integration with self hosted azure api gateways - published v1.0Hybrid integration with self hosted azure api gateways - published v1.0
Hybrid integration with self hosted azure api gateways - published v1.0
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache Thrift
 
MNAssociationEnterpriseArchitectsCloudFoundryJuly2017
MNAssociationEnterpriseArchitectsCloudFoundryJuly2017MNAssociationEnterpriseArchitectsCloudFoundryJuly2017
MNAssociationEnterpriseArchitectsCloudFoundryJuly2017
 
透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸
透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸
透過Amazon CloudFront 和AWS WAF來執行安全的內容傳輸
 
Architecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APIArchitecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web API
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.
 
Clean up this mess - API Gateway & Service Discovery in .NET
Clean up this mess - API Gateway & Service Discovery in .NETClean up this mess - API Gateway & Service Discovery in .NET
Clean up this mess - API Gateway & Service Discovery in .NET
 
The Greatest Introduction to SharePoint Framework (SPFx) on earth!
The Greatest Introduction to SharePoint Framework (SPFx) on earth!The Greatest Introduction to SharePoint Framework (SPFx) on earth!
The Greatest Introduction to SharePoint Framework (SPFx) on earth!
 
Introduction to SharePoint Framework
Introduction to SharePoint FrameworkIntroduction to SharePoint Framework
Introduction to SharePoint Framework
 

Recently uploaded

Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxEmil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxNeo4j
 
LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0DanBrown980551
 
Scenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosScenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosErol GIRAUDY
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingFrancesco Corti
 
CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024Brian Pichman
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfTejal81
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Alkin Tezuysal
 
Extra-120324-Visite-Entreprise-icare.pdf
Extra-120324-Visite-Entreprise-icare.pdfExtra-120324-Visite-Entreprise-icare.pdf
Extra-120324-Visite-Entreprise-icare.pdfInfopole1
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxSatishbabu Gunukula
 
Introduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationIntroduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationKnoldus Inc.
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
Keep Your Finger on the Pulse of Your Building's Performance with IES Live
Keep Your Finger on the Pulse of Your Building's Performance with IES LiveKeep Your Finger on the Pulse of Your Building's Performance with IES Live
Keep Your Finger on the Pulse of Your Building's Performance with IES LiveIES VE
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FESTBillieHyde
 
How to release an Open Source Dataweave Library
How to release an Open Source Dataweave LibraryHow to release an Open Source Dataweave Library
How to release an Open Source Dataweave Libraryshyamraj55
 
Automation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projectsAutomation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projectsDianaGray10
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameKapil Thakar
 
The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)IES VE
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024Brian Pichman
 
.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptxHansamali Gamage
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...DianaGray10
 

Recently uploaded (20)

Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxEmil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
 
LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0
 
Scenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosScenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenarios
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is going
 
CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024CyberSecurity - Computers In Libraries 2024
CyberSecurity - Computers In Libraries 2024
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
 
Extra-120324-Visite-Entreprise-icare.pdf
Extra-120324-Visite-Entreprise-icare.pdfExtra-120324-Visite-Entreprise-icare.pdf
Extra-120324-Visite-Entreprise-icare.pdf
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptx
 
Introduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationIntroduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its application
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
Keep Your Finger on the Pulse of Your Building's Performance with IES Live
Keep Your Finger on the Pulse of Your Building's Performance with IES LiveKeep Your Finger on the Pulse of Your Building's Performance with IES Live
Keep Your Finger on the Pulse of Your Building's Performance with IES Live
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FEST
 
How to release an Open Source Dataweave Library
How to release an Open Source Dataweave LibraryHow to release an Open Source Dataweave Library
How to release an Open Source Dataweave Library
 
Automation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projectsAutomation Ops Series: Session 2 - Governance for UiPath projects
Automation Ops Series: Session 2 - Governance for UiPath projects
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First Frame
 
The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)The Importance of Indoor Air Quality (English)
The Importance of Indoor Air Quality (English)
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024
 
.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...
 

Cloud Foundry Meetup Tokyo #1 Route service

  • 2. About me Etourneau Gwenn Sr Solution Architect Bef.: Platform Architect https://github.com/shinji62 https://twitter.com/the_shinji62
  • 3. Pivotal • Spring Framework • RabbitMQ • Concourse • Cloud Foundry • Pivotal Tracker • Gemfire
  • 4. Agenda • Cloud Foundry • Route service • Usage • Demo • Q&A
  • 5. Cloud Foundry • Truly OpenSource Platform as a Service • Aim to be de-facto enteprise PaaS • Huge community • Authentication, Log Agg., LB, Service, High Availability … • Support Buildpack and Docker as well • IaaS Agnostic (Bosh)
  • 8. What’s that ?! I want to forward every request to test.local.pcfdev.io through https:// rproxy.mydomain.io As a Cloud Foundry user I want to be able to forward all my request for my.domain.com to my.service.com
  • 9. Why?! • Off-load authentication • Rate-limiting • Inspect request • Plug with your internal system • etc …
  • 10. Normal Request R O U T E R App Load Balancer 1 Client to LB 2 LB to CF router 3 Router to the apps test.local.pcfdev.io
  • 11. Request with RS outside CF R O U T E R App Route-Service Load Balancer 1 Client to LB 2 LB to CF router 3 Router to the route-service 4 RS to Load Balancer 6 Router to the application 5 LB to CF router test.local.pcfdev.io rproxy.mydomain.io
  • 12. Request with RS in CF R O U T E R App Route Service Load Balancer 1 Client to Load Balancer 2 LB to CF router 5 RS to Load Balancer 7 Router to the application 6 LB to CF router 3 CF router To RS 4 Router to the route-service rproxy.mydomain.io test.local.pcfdev.io
  • 13. Request with RS Route-Service X-CF-Proxy-Signature X-CF-Proxy-Metadata Router forward original request to RS R O U T E R X-CF-Forwarded-Url ==> rproxy.mydomain.io test.local.pcfdev.io
  • 14. Headers by CF routers Contains the URL of the application route. The route service should forward the request to this URL. X-CF-Forwarded-Url X-CF-Proxy-Signature Every request is sign by the goRouter. Use by the router to validate the request. X-CF-Proxy-Metadata test.local.pcfdev.io
  • 15. Response with RS Route-Service Sent Response to Router R O U T E R X-CF-Proxy-Signature X-CF-Proxy-Metadata
  • 16. Requirements • CF-Release >= 231 • Cloud Foundry CLI >= 6.16.0 • Router secret should be configure in the CF manifest.
  • 17. Manifest properties Properties names Description route_services_secret Secret use to encrypt the signature route_services_recommend_https Scheme recommended between RS and final domain route_services_secret_decrypt_only Use to rotate the secret Key route_services_timeout Route services must forward the request to the application route within this timeout ssl_skip_validation CF router only forward over HTTPS Use this to skip ssl validation
  • 18. Usage with User Provided • Don’t need service broker • Simply create an user provided instances • Bind the service to the hostname and domain ! • Not the application ! I want to forward every request to test.local.micropcf.io through the service “my-route-service” (https://rproxy.mydomain.io) >$ cf create-user-provided-service my-route-service -r https://rproxy.mydomain.io >$ cf bind-route-service local.pcfdev.io my-route-service -n test
  • 19. Usage with Service Broker • Catalog should include “requires:route_forwarding” • Bind response should include “route_service_url:my.endpoint.com” I want to forward every request to test.local.micropcf.io through the service “route-service” (https://rproxy.mydomain.io) >$ cf bind-route-service local.micropcf.io route-service -n test >$ cf create-service service-broker plan my-route-service
  • 20. Demo
  • 21. Request with RS in CF R O U T E R App Route Service Load Balancer 1 Client to Load Balancer 2 LB to CF router 5 RS to Load Balancer 7 Router to the application 6 LB to CF router 3 CF router To RS 4 Router to the route-service
  • 24. Documentation • Route-Service • http://docs.cloudfoundry.org/services/route-services.html • Blog post about Route-Service • https://www.cloudfoundry.org/route-services/
  • 25. Examples • Rate Limiting (Java) • https://github.com/cloudfoundry-samples/ratelimit-service • Sleeping (Go) • https://github.com/cloudfoundry-samples/logging-route-service • Simple reverse proxy (Go) • https://github.com/shinji62/route-service-cf
  • 26. Today materials • materials • https://github.com/shinji62/cf-meetup-tokyo-2016-03-01--1
  • 27. Q & A