govindhtech · 2 months ago
Apigee Extension Processor v1.0: CLB Policy Decision Point
V1.0 Apigee Extension Processor
This powerful new capability increases Apigee's reach and versatility and makes managing and protecting more backend services and modern application architectures easier than ever.
Developers can add Apigee policies to their scalable containerised apps through the Extension Processor's seamless Cloud Run integration.
Additionally, the Extension Processor creates powerful new connections. With gRPC bidirectional streaming, complicated real-time interactions are easy, enabling low-latency, engaging apps. For event-driven systems, the Extension Processor controls and protects Server-Sent Events (SSE), enabling data streaming to clients.
Benefits extend beyond communication standards and application implementation. When used with Google Token Injection rules, the Apigee Extension Processor simplifies secure access to Google Cloud infrastructure. Apigee's consistent security architecture lets you connect to and manage Bigtable and Vertex AI for machine learning workloads.
Finally, by connecting to Google Cloud Load Balancing's advanced traffic management features, the Extension Processor offers unequalled flexibility in routing and controlling various traffic flows. Even complex API landscapes may be managed with this powerful combination.
This blog demonstrates a powerful technique for managing gRPC streaming in Apigee, a major issue in high-performance and real-time systems. gRPC is essential to microservices; however, organisations employing Google Cloud's Apigee as an inline proxy (traditional mode) face issues owing to its streaming nature.
We will examine how Apigee's data plane may regulate gRPC streaming traffic from the ALB to the Extension Processor. A service extension, also known as a traffic extension, allows efficient administration and routing without passing the gRPC stream through the Apigee gateway.
Read on to learn about this solution's major features, its benefits, and a Cloud Run backend use case.
Overview of Apigee Extension Processor
Cloud Load Balancing may send callouts to Apigee for API management via the Apigee Extension Processor, a powerful traffic extension. Apigee can apply API management policies to requests before the ALB forwards them to user-managed backend services, extending its robust API management capabilities to Cloud Load Balancing workloads.
Infrastructure, Dataflow
Apigee Extension Processor requirements
Apigee Extension Processor setup requires several components. Service Extensions, ALBs, and Apigee instances with Extension Processors are included.
The numerical steps below match the flow diagram's numbered arrows to demonstrate order:
1. The ALB receives client requests.
2. The ALB, acting as the Policy Enforcement Point (PEP), processes the traffic. This step involves calls to Apigee via the Service Extension (traffic extension).
3. After receiving the callout, the Apigee Extension Processor, which acts as the Policy Decision Point (PDP), applies API management policies and returns the request to the ALB.
4. After processing, the ALB forwards the request to the backend.
5. The ALB receives the response initiated by the backend service. Before responding to the client, the ALB may use the Service Extension to contact Apigee again to enforce policies.
Making gRPC streaming pass-through possible
As an inline proxy, Apigee does not support streaming gRPC, even though many modern apps use it. The Apigee Extension Processor is useful in this situation because it lets the ALB process the streaming gRPC traffic and act as the PEP, with the Apigee runtime acting as the PDP.
Important components for Apigee's gRPC streaming pass-through
Using the Apigee Extension Processor for gRPC streaming pass-through requires the following components. "Get started with the Apigee Extension Processor" has detailed setup instructions.
gRPC streaming backend service: A bidirectional, server, or client streaming service.
The Application Load Balancer (ALB) routes traffic and calls to the Apigee Service Extension for client requests.
One Apigee instance with the Extension Processor enabled: A targetless API proxy is used by an Apigee instance and environment with Extension Processor to process Service Extension communication using ext-proc.
To link the ALB and the Apigee runtime, a traffic extension (ideally over Private Service Connect (PSC)) is configured.
When configured properly, client to ALB, ALB to Apigee, and ALB to backend can all communicate.
Apigee secures and manages cloud gRPC streaming services
Imagine a customer creating a high-performance backend service to deliver real-time application logs using gRPC. For scalability and administrative ease, their primary Google Cloud project hosts this backend application on Google Cloud Run. The customer wants a secure API gateway to offer this gRPC streaming service to its clients. They choose Apigee for its API management capabilities, including authentication, authorisation, rate limiting, and other policies.
Challenge
Apigee's inline proxy mode doesn't allow gRPC streaming. Typical Apigee installations cannot directly expose the Cloud Run gRPC service for client, server, or bi-di streaming.
Solution
The Apigee Extension Processor bridges gRPC streaming traffic to a Cloud Run backend application in the same Google Cloud project.
A concentrated flow:
Client start
Client applications initiate gRPC streaming requests.
The entry point ALB's public IP address or DNS name is the target of this request.
ALB and Service Extension callout
The ALB receives gRPC streaming requests.
A serverless Network Endpoint Group connects the ALB's backend service to Cloud Run.
The ALB also features a Service Extension (Traffic extension) with an Apigee runtime backend.
The ALB calls this Service Extension for relevant traffic.
Processing Apigee proxy
Service Extensions redirect gRPC requests to Apigee API proxies.
Apigee X proxy implements API management controls. This includes rate limiting, authorisation, and authentication.
No Target Endpoint is defined on the Apigee proxy in this situation. The ALB finalises the route.
Return to ALB
Since the Apigee proxy has no target, the Service Extension response returns control to the ALB after policy processing.
Backend routing in Cloud Run by Load Balancer
The ALB maps the gRPC streaming request to the serverless NEG where the Cloud Run service is situated, per its backend service parameters.
ALB manages Cloud Run instance routing.
Managing responses
The request and response flows are similar. The backend initiates the response, which the ALB then processes. The ALB may call Apigee via the Service Extension (traffic extension) for policy enforcement before responding to the client.
This simplified use case explains how to apply API management policies to gRPC streaming traffic to a Cloud Run application in the same Google Cloud project using the Apigee Extension Processor. The ALB largely routes to Cloud Run using its NEG setup.
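The flow above as a simplified in-memory model (an added example, not code from the original post or from Apigee). The class names, the `x-api-key` and `x-internal-host` headers, the per-key stream quota and the deny-on-callout-failure behaviour are assumptions made for illustration; the point it shows is that Apigee is consulted on request and response headers only, while the stream frames go straight from the ALB to the backend.

```python
# Added illustration: simplified in-memory model of the PEP/PDP split.
# Class names, header names and the key/quota policy are assumptions.
from dataclasses import dataclass, field
from typing import Callable

class PolicyDenied(Exception):
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status

@dataclass
class ApigeePDP:
    """Stands in for the targetless Apigee proxy: it decides, never forwards."""
    api_keys: dict                      # constructed: key -> streams allowed
    opened: dict = field(default_factory=dict)
    callouts: list = field(default_factory=list)

    def on_request_headers(self, headers):
        self.callouts.append("request_headers")
        key = headers.get("x-api-key")
        if key not in self.api_keys:
            raise PolicyDenied("UNAUTHENTICATED", "unknown API key")
        self.opened[key] = self.opened.get(key, 0) + 1
        if self.opened[key] > self.api_keys[key]:
            raise PolicyDenied("RESOURCE_EXHAUSTED", "stream quota exceeded")

    def on_response_headers(self, headers):
        self.callouts.append("response_headers")
        return {k: v for k, v in headers.items() if k != "x-internal-host"}

@dataclass
class AlbPEP:
    pdp: ApigeePDP
    backend: Callable                   # stand-in for serverless NEG -> Cloud Run

    def handle_stream(self, headers, frames):
        try:
            self.pdp.on_request_headers(headers)        # Service Extension callout
        except PolicyDenied as exc:
            return {"status": exc.status, "reason": str(exc), "frames": []}
        except Exception:
            # Assumption of this model: a failed callout is treated as a denial.
            return {"status": "UNAVAILABLE", "reason": "policy callout failed", "frames": []}
        resp_headers, resp_frames = self.backend(frames)  # frames never reach the PDP
        out_headers = self.pdp.on_response_headers(resp_headers)
        return {"status": "OK", "headers": out_headers, "frames": list(resp_frames)}

def log_backend(frames):
    """Constructed backend: answers each request frame with one log line."""
    headers = {"content-type": "application/grpc", "x-internal-host": "run-1"}
    return headers, (f"log:{f}" for f in frames)
```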
Advantages of Apigee Extension Processor for gRPC Streaming
Using the Apigee Extension Processor to manage backend gRPC streaming services brings Apigee's core features to this new application, with several benefits:
Extends Apigee's reach
This technique extends Apigee's strong API management tools to gRPC streaming, which the core proxy does not handle natively.
Utilising current investments
Businesses using Apigee for RESTful APIs may now control their gRPC streaming services from Apigee. Although it requires the Extension Processor, it uses well-known API management techniques and avoids the need for extra tools.
Centralised policymaking
Apigee centralises API management policy creation and implementation. Integrating gRPC streaming via the Extension Processor gives all API endpoints similar governance and security.
Monetisation potential
Apigee's monetisation features may be used for gRPC streaming services. Rate plans in Apigee-customized API solutions let you generate revenue when gRPC streaming APIs are accessed.
Better visibility and traceability
Despite limited gRPC protocol-level analytics in a pass-through situation, Apigee provides relevant data on streaming service traffic, including connection attempts, error rates, and use trends. Troubleshooting and monitoring require this observability.
Apigee's distributed tracing solutions may help you trace requests in distributed systems utilising gRPC streaming services with end-to-end visibility across apps, services, and databases.
Business intelligence
Apigee API Analytics collects the massive amount of data going through your load balancer and provides UI visualisation or offline data analysis. This data helps businesses make smart decisions, identify performance bottlenecks, and understand usage trends.
These benefits show that the Apigee Extension Processor can offer essential API management functionalities to Google Cloud's gRPC streaming services.
Looking Ahead
Apigee Extension Processor enhances Apigee's functionality. Apigee's policy enforcement will eventually be available on all gateways. The Apigee runtime will serve as the Policy Decision Point (PDP) and the ext-proc protocol will allow many Envoy-based load balancers and gateways to act as Policy Enforcement Points. Due to this innovation, organisations will be better able to manage and protect their digital assets in more varied situations.