aku' natural positioning is as a Gateway with aggregation. Its purpose is to link numerous backend services to a unified endpoint. It implements the pattern Domain-Oriented Microservice Architecture, allowing you to define exactly and with a declarative configuration how is the API that you want to expose to the clients.
- proxy (TCP only)
- http
- grpc
- tls
- plugin
- ip restriction
- rate limiting
- circuit breaker
- cors
- tracing
- open-telemetry
- expose metrics
-
Create
akuIngress' CRD# create a CustomResourceDefinition kubectl create -f artifacts/crd-aku.yaml # create a custom resource of type Aku kubectl create -f artifacts/aku.yaml
-
Deploy
akuand assign its role as aclusterrole. -
Configure your application's chart values behind the
akuAPI gateway:akuIngress: enabled: true routeMap: - name: open-prefix-public-path overridePath: /api/v1/your-service/public upstream_path: /public - name: open-prefix/user-path overridePath: /api/v1/your-service/user upstream_path: /user methodMap: - name: open-only-public-method proto_service: pb.ProtoService allow: - PublicMethod - name: open-all-method-except-private proto_service: pb.OtherProtoService disallow: - PrivateMethod
aku is an experimental project, and there are many pending tasks. Here is a list of what I believe is necessary:
- define CRD.
- List of features has been finalized.
- Once a gRPC connection is established, it remains active until a timeout occurs. This means that aku cannot control which methods are disallowed; in other words, clients can access any method when connected.