Expose APIs using Hub API Gateway
Traefik Hub API Gateway allows exposing your APIs using rules which can be defined on:
- The Host name
- The Headers
- The HTTP Methods
- The Path
- The Query parameters
- The Client IP address
In the examples below, Traefik Hub API Gateway was deployed using the Helm Chart default configuration.
It creates an entryPoint
named websecure
that allows exposing the Ingress on the port 443.
Host Name
To expose an API checking the requests the Host name, apply the following configuration:
- IngressRoute
- Service & Deployment
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: my-app
namespace: apps
spec:
entryPoints:
- websecure
routes:
- match: Host(`whoami.example.com`)
kind: Rule
services:
- name: whoami
port: 80
tls: {}
kind: Deployment
apiVersion: apps/v1
metadata:
name: whoami
namespace: apps
spec:
replicas: 3
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
---
apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: apps
spec:
ports:
- port: 80
name: whoami
selector:
app: whoami
Host Name and Path Prefix
To expose an API checking the requests the Host name and the Path, apply the following configuration:
- IngressRoute
- Service & Deployment
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: my-app
namespace: apps
spec:
entryPoints:
- websecure
routes:
# Check the Host Name and the path prefix
- match: Host(`example.com`) && PathPrefix(`/whoami`)
kind: Rule
services:
- name: whoami
port: 80
tls: {}
kind: Deployment
apiVersion: apps/v1
metadata:
name: whoami
namespace: apps
spec:
replicas: 3
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
---
apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: apps
spec:
ports:
- port: 80
name: whoami
selector:
app: whoami
Regular Expression on the Path and low priority
To expose an API checking if the requests path matches the expected regular expression, apply the following configuration:
- IngressRoute
- Service & Deployment
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: my-app
namespace: apps
spec:
entryPoints:
- websecure
routes:
# Match both /products/shoes and /products/socks with and ID like /products/shoes/31
- match: PathRegexp(`^/products/(shoes|socks)/[0-9]+$`)
kind: Rule
# The smaller the number, the lower the priority
# Every other router will be evaluated before this one
priority: 1
services:
- name: whoami
port: 80
tls: {}
kind: Deployment
apiVersion: apps/v1
metadata:
name: whoami
namespace: apps
spec:
replicas: 3
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
---
apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: apps
spec:
ports:
- port: 80
name: whoami
selector:
app: whoami
Path, Method and Header
To expose an API checking if a request header matches the expected regular expression, and checking its path and method, apply the following configuration:
- IngressRoute
- Service & Deployment
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: my-app
namespace: apps
spec:
entryPoints:
- websecure
routes:
# Match requests with a Content-Type header set to either application/json or application/yaml
# And a path set to /products but neither /products/shoes nor /products/
# AND only the HTTP Methods GET, POST and PUT
- match: Path(`/products`) && HeaderRegexp(`Content-Type`, `^application/(json|yaml)$`) && (Method(`GET`) || Method(`POST`) || Method(`PUT`))
kind: Rule
services:
- name: whoami
port: 80
tls: {}
kind: Deployment
apiVersion: apps/v1
metadata:
name: whoami
namespace: apps
spec:
replicas: 3
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
---
apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: apps
spec:
ports:
- port: 80
name: whoami
selector:
app: whoami
Related Content
- Know more about the HTTP rules in the dedicated section.
- Know more about the prioties in the dedicated section.
- See the HTTP
IngressRoute
full options in the dedicated section. - See how to redirect the traffic from one port to another one in the dedicated section.
- See how to secure a router in the dedicated section.