DIY Exercise 5-1: Deploy and secure an API

Time estimate: 2 hours

Objectives

In this exercise, you deploy and secure an API implementation. You will:

·       Deploy a Mule API application to CloudHub.

·       Create simple test flows to automatically set sample required headers and parameters before calling an API endpoint. 

·       Create an API proxy for a Mule application and apply an SLA based rate limiting policy.

Scenario

The Accounts API has been implemented as a Mule application and you are now ready to deploy it to CloudHub. After deploying the Mule application, secure it by creating an API proxy for it and applying an SLA based rate limiting policy.

Import the starting project

Use your solution from exercise 4-1 or import /files/module04/accounts-mod04-api-implementation-solution.jar (in the MUFundamentals4.x DIY Files zip that you can download from the Course Resources) into Anypoint Studio.

Create API client test flows

Create test flows that proxy and test the accounts-api.raml endpoints so that each API endpoint can be tested by making simple GET requests to TCP port 9090. Add a new HTTP Listener global configuration for all the test flows to listen on HTTP port 9090.

 

The network flow should look like this:

Web client -----9090-----> Test HTTP Listener -----8081-----> API

 

For each flow, set example values for any required parameters and headers according to the accounts-api.raml specification in the project's src/main/api folder. In order to trigger each test flow, use one shared HTTP Listener configuration, listening on port 9090.

Note: This is an alternate way to test your API without using the mocking service or a separate REST client.

Test direct access to the API endpoints

Debug your Mule application in Anypoint Studio. Use the APIkit Console to make requests to http://localhost:8081/api/accounts. Be sure to set the required headers and query parameters.

Test access to the API endpoints via the test endpoints

Use a web client to make requests to your test flow URLs at http://localhost:9090/{yourTestEndpoint}.

Deploy the Mule application to CloudHub and test the API

In order to reduce the file size to be as small as possible, export the JAR file with only the option: Include project modules and dependencies. Deploy the Mule application to your Anypoint Platform account.

 

Try to test the flow endpoints (URIs) by making requests to http://appname.cloudhub.io:9090/{yourTestEndpoint}.

Answer the following questions

·       What happens when you try to access your test flow endpoints on port 9090?

·       What additional steps might you need to take to make your test endpoints available in CloudHub?

·       What happens when you try to access your test flow endpoints through the CloudHub elastic load balancer via its public URL http://appname.cloudhub.io/{yourTestEndpoint}?

·       What happens when you try to access your test flow endpoints via the direct Mule worker URL: http://mule-worker-appname.cloudhub.io:9090/{yourTestEndpoint}?

·       What happens when you try to access your test flow endpoints via the direct Mule worker URL: http://mule-worker-appname.cloudhub.io:8081/{yourTestEndpoint}?

Test the API directly

Try to access the various API endpoints (including the correct URI parameters, query parameters, and headers) at various baseUris.

Answer the following questions

·       What happens when you try to access the API:

o   Through the external elastic load balancer URL at http://appname.cloudhub.io/api?

o   Through the external elastic load balancer URL at http://appname.cloudhub.io:8081/api?

o   Directly at a Mule worker, bypassing the external elastic load balancer, at http://mule-worker-appname.cloudhub.io/api?

o   Directly at a Mule worker, bypassing the external elastic load balancer, at http://mule-worker-appname.cloudhub.io:8081/api?

Note: To learn more about using CloudHub, take the Anypoint Platform Operations: CloudHub course.

Apply a rate limiting SLA based policy to the API implementation

Now that the Mule application is deployed and tested, secure the API by creating an API proxy for it and then apply a rate limiting SLA based policy with the following SLA levels:

·       Free (with automatic approval)

·       Professional (with manual approval)

·       Enterprise (with manual approval)

Verify your solution

Load the solution /files/module05/accounts-mod05-deploy-solution.jar (in the MUFundamentals4.x DIY Files zip that you can download from the Course Resources)

and compare your solution.



Did you complete the exercise?

  Yes, I completed the exercise

  No, I did not complete the exercise

  I completed part of the exercise


Comments and/or feedback