Manage Services in Multi-Environments Using Gateway Group

Gateway groups are a logical grouping of one or more gateway instances that share the same configuration and behave consistently when handling API requests. Users can name the gateway groups and add labels to them to differentiate and manage different environments and clusters.

API7 Enterprise supports two types of gateway group management: API Gateway and Ingress Controller. This helps enterprises achieve environment and cluster isolation, multi-region and multi-cluster management, as well as service-level objective management based on projects.

This guide will show you how to manage service across the Test, UAT, and Prod environments using gateway groups.

Background

To ensure service stability, compliance, and data security, the service goes through multiple environments, including test, UAT, and production environments. Without multi-environment management, developers need to deploy three sets of API7 Enterprise, and log in to the API7 Enterprise dashboard under different domains to develop, test, and deploy the same API. In the case of many business projects, this process will waste a lot of machine and management resources.

The gateway group feature of the API7 Enterprise provides developers with a unified entry point. It avoids switching between multiple dashboards, and enables simple and convenient deployment operations, thereby improving work efficiency and reducing operational errors.

Prerequisite(s)

1. Install API7 Enterprise.
2. Prepare different domain names for the service in the three environments: test.acme.com, uat.acme.com, and prod.acme.com.

Steps

Create Gateway Groups

1. Refer to adding a gateway group, and create three gateway groups: Test, UAT, and Prod.

2. In the organization section of the API7 Enterprise dashboard, assign clear roles to each developer user, and define fine-grained access permissions for each role by applying access control list (ACL).

Deploy Services to the Test Environment

1. Ensure that the test environment is configured, with the upstream address pointing to http://test-backend-1, which points to the backend service cluster in the test environment.

2. Deploy the packaged UserService to the test environment servers using automated scripts or manual operations.

3. Create UserService service within the Test gateway group, and debug repeatedly on the same no-version service. Simulate real user scenarios to perform functional testing, performance testing, and security testing.

4. Run the automated test suite, including unit tests and integration tests, in the test environment to verify that the UserService works as expected.

User Acceptance Testing (UAT)

1. Prepare the UAT environment, with the upstream address configured as the load balancer address http://uat-backend-pool, which connects to multiple backend servers in the UAT environment.

2. After the UserService in the UAT gateway group is debugged, synchronize it to the UAT gateway group and change the host to uat.acme.com.

3. In the UAT gateway group, configure the gateway group's security policies and compliance check functions, such as enabling log auditing.

4. Invite business users or the QA team to conduct UAT testing to verify that the UserService service meets the business requirements.

5. Collect user feedback and make necessary adjustments based on the feedback.

Deploy Services to the Production Environment

1. Ensure that the production environment is ready, with the upstream address configured as the production environment's virtual IP address http://prod-backend-vip, which connects to a high-performance server cluster.

2. After the UserService is debugged, synchronize it to the Prod gateway group and change the host to prod.acme.com.

3. In the Prod gateway group, enable the Prometheus plugin as a global rule to monitor API metrics, ensuring that all services and routes receive consistent monitoring and tracing, and real-time tracking of the performance and stability of the UserService service.

4. Develop a detailed rollback plan, including rollback steps, required time, and responsible personnel, and roll back the published services when necessary.

5. Regularly review and analyze the logs of the UserService, perform log management, and identify potential issues for improvement.

Conclusion

Without gateway groups, several sets of control planes and data planes needed to be deployed. Now, by creating gateway groups in the API7 Enterprise dashboard, physical and logical isolation can be achieved. It ensures the security, controllability, and efficiency of the service migration process, and reduces the risk of service interruption. Meanwhile, through flexible route rule adjustments, rapid service version switching and rollback can be achieved.