azure api management,

Using Azure API Management APIs with Docker

Sven Malvik Sven Malvik Connect Jun 27, 2020 · 3 mins read
Using Azure API Management APIs with Docker

We use Azure API Management in some cases for calling external services from Azure Kubernetes Service (AKS). Azure API Management acts in this case as a link between an internal service running on AKS and an external service running at a third-party. The third-party knows who we are, and has whitelisted our outgoing IP address which is the egress IP from Azure API Management. The problem is when redeploying Azure API Management. As we emphasize immutable infrastructure, this may happen at some point. Redeploying Azure API Management results then in a different IP address that the third-party has to whitelist again. This may take time and effort. Fortunately, Azure API Management has the concept of self-hosted gateways. This post will show how to use a self-hosted gateway with Docker.

Self-hosted API Gateway without Round-Trip

The diagram below shows that instead of making the round-trip from a service running outside of Azure to Azure API Management and then to a backend service, we can go the direct route with a self-hosted API gateway.

Azure API Management Gateway diagramAzure API Management Gateway diagram

Deploying a self-hosted API gateway in Docker

I added two APIs to an Azure API Management instance that are public available without a subscription-key. Both APIs are hosted in the US. The Azure API Management instance is deployed in West Europe (Amsterdam).

Adding APIs to Azure API ManagementAdding APIs to Azure API Management

We can simply test the endpoint in any browser. I send a request from my local machine in Norway to an Azure API Management instance that is running in West Europe (Amsterdam) which then forwards the request to a service in the US. This is a long journey with an unnecessary stop in the Netherlands. Let’s see how we can communicate directly with a self-hosted gateway.

Round-Trip of a requestRound-Trip of a request

The service in the US has whitelisted all IPs. It’s a public available service. In case it would only have whitelisted our IP address of this Azure API Management instance, we were in no trouble either. Would we then redeploy, and get a new instance, we would also get a new IP address that the service in the US would need to whitelist again.

Testing an API against Azure API ManagementTesting an API against Azure API Management

Here’s how we create a self-hosted gateway in the Azure Portal. We add only the APIs that we want to move outside Azure API Management.

Creating an API GatewayCreating an API Gateway

What we get is a Docker image and a file with some key-value pairs that we can download.

API Gateway configurationAPI Gateway configuration

We put the downloaded file at a location from where we will run Docker.

Running the API Gateway in DockerRunning the API Gateway in Docker

The container started successfully on port 80.

The API Gateway is running on port 80The API Gateway is running on port 80

We can finally test the same API from localhost. The IP address that the service in the US would need to whitelist is the one from my local machine. That means that I can redeploy my Azure API Management instance as often as I want without notifying third-parties about a change in IP address.

Testing an API against the local API GatewayTesting an API against the local API Gateway

Changing an API in the Portal

The self-hosted gateway needs still to talk to Azure API Management to send metrics. Also, when we make a change in the API, we don’t need to create a new Docker image. All changes are communicated to the self-hosted gateway directly and take Immediately effect.

Summary

A self-hosted gateway puts APIs closer to the services calling these APIs. It also makes working in an environment that emphasizes immutable Infrastructure, because we don’t depend on the egress IP address of Azure API Management. On the flip-side, using a self-hosted gateway will increase the complexity of a system.

Resource

Join Newsletter
Get the latest updates right in your inbox. I never spam!
Sven Malvik
Written by Sven Malvik

Latest Stories

Event-Driven Infrastructure with App Configuration

Azure App Configuration is great for externalizing application configurations. But what if an application is our infrastructure? How coul...

Sep 12, 2020

Understanding Policies in Azure API Management

Policies are the heart of Azure API Management. They let us change the behavior of our APIs in a very flexible manner. Before I dive in t...

Apr 18, 2020

Logging in Azure API Management

This post is a complete step-by-step guide on how to send logs from Azure API Management to Azure Event Hub with PowerShell. We start by ...

Apr 11, 2020

Backup and Restore in Azure API Management

As infrastructure gets more complex, more parts will eventually break. This is even more true as we make frequently changes. Sometimes we...

May 02, 2020

How To Manage Azure Virtual Machines

I will go through the first steps for managing Virtual Machines. We will create a Windows VM, start the Internet Information Service IIS,...

Dec 26, 2020

Introduction to Azure API Management

Azure API Management (APIM) is a way to create consistent and modern API gateways for existing backend services. It provides an interface...

Jan 25, 2021

Serving Website Images from Azure CDN with SSL

In this post I will show you step by step how to serve images on a website from Azure CDN with SSL enabled. My blog has a couple of Azure...

Apr 25, 2020

How To Debug Policies in Azure API Management. A Step-by-Step Guide.

In this post I want to briefly go through the Azure API Management extension for VSCode and how we can debug policies. It’s one of the qu...

Jan 16, 2021

AZ-303 Self-Study Guide for Becoming an Azure Solution Architect

Microsoft updated it’s role based exam for AZ-300. It’s now called AZ-303 and launched last year. This certification is a great proof for...

Feb 01, 2021

How to Secure Azure Functions App with Azure API Management

How to use an Azure Managed Identity to authenticate against an Azure Functions app that is exposed through Azure API Management. Our Fun...

Feb 02, 2021

Azure API Management with Terraform

Terraform is a popular tool for managing infrastructure resources. I counted about 120 supported providers. Azure is one of them. In this...

Apr 04, 2020

Latest Stories

Event-Driven Infrastructure with App Configuration

Event-Driven Infrastructure with App Configuration

Azure App Configuration is great for externalizing application configurations. But what if an application is our infrastructure? How coul...

Sep 12, 2020

Understanding Policies in Azure API Management

Understanding Policies in Azure API Management

Policies are the heart of Azure API Management. They let us change the behavior of our APIs in a very flexible manner. Before I dive in t...

Apr 18, 2020

Logging in Azure API Management

Logging in Azure API Management

This post is a complete step-by-step guide on how to send logs from Azure API Management to Azure Event Hub with PowerShell. We start by ...

Apr 11, 2020

Backup and Restore in Azure API Management

Backup and Restore in Azure API Management

As infrastructure gets more complex, more parts will eventually break. This is even more true as we make frequently changes. Sometimes we...

May 02, 2020

How To Manage Azure Virtual Machines

How To Manage Azure Virtual Machines

I will go through the first steps for managing Virtual Machines. We will create a Windows VM, start the Internet Information Service IIS,...

Dec 26, 2020

Introduction to Azure API Management

Introduction to Azure API Management

Azure API Management (APIM) is a way to create consistent and modern API gateways for existing backend services. It provides an interface...

Jan 25, 2021

Serving Website Images from Azure CDN with SSL

Serving Website Images from Azure CDN with SSL

In this post I will show you step by step how to serve images on a website from Azure CDN with SSL enabled. My blog has a couple of Azure...

Apr 25, 2020

How To Debug Policies in Azure API Management. A Step-by-Step Guide.

How To Debug Policies in Azure API Management. A Step-by-Step Guide.

In this post I want to briefly go through the Azure API Management extension for VSCode and how we can debug policies. It’s one of the qu...

Jan 16, 2021

AZ-303 Self-Study Guide for Becoming an Azure Solution Architect

AZ-303 Self-Study Guide for Becoming an Azure Solution Architect

Microsoft updated it’s role based exam for AZ-300. It’s now called AZ-303 and launched last year. This certification is a great proof for...

Feb 01, 2021

How to Secure Azure Functions App with Azure API Management

How to Secure Azure Functions App with Azure API Management

How to use an Azure Managed Identity to authenticate against an Azure Functions app that is exposed through Azure API Management. Our Fun...

Feb 02, 2021

Azure API Management with Terraform

Azure API Management with Terraform

Terraform is a popular tool for managing infrastructure resources. I counted about 120 supported providers. Azure is one of them. In this...

Apr 04, 2020