REST Gateway
The REST Gateway is an Envoy instance for proxying and rewriting requests that would have previously gone to RESTBase as part of our migration away from the platform. It is a subconfiguration of the API Gateway chart. It runs as a Kubernetes service and is accessible via https://rest-gateway.discovery.wmnet:4113/
Services currently supported
The following is a non-exhaustive list of services where traffic is routed via the REST gateway (and so avoid use of RESTBase):
- Proton
- Wikifeeds
- geo-analytics (AQS 2)
- device-analytics (AQS 2)
- media-analytics (AQS 2)
- page-analytics (AQS 2)
- editor-analytics (AQS 2)
- edit-analytics (AQS 2)
- commons-impact-analytics (AQS 2)
Gateway configuration
Per-service configuration and traffic routing
The service configuration should be queried for the most up to date list of proxied services. These services are configured in the gateway but may not be configured to route public traffic, verify this by checking Puppet. The gateway-checkLua script configured on ATS instances checks request paths for /rest_v1/ URLs and, if they are in the config, route the requests to the configured gateway.
Headers
The REST Gateway automatically adds a set of headers to all responses as part of the RESTBase compatibility layer. See git for an up to date list. The REST Gateway will also add a content-security-policy header only if the header is absent.
Acceptance criteria
For a service to be routed to via the rest-gateway, certain criteria should be met before routing public traffic:
- The service must have a discovery DNS record configured ($service.discovery.wmnet)
- The service must be running in both eqiad and codfw
- The service must emit either an
etagorlast-modifiedheader - The service must emit a
cache-controlheader
If a URL is being migrated from one service to another, the headers should match as closely as is reasonable with particular attention paid to the above.
Testing
The REST Gateway can be reached directly from inside the infrastructure. For instance, to query wikifeeds availability path:
curl -v -H 'de.wikipedia.org' https://rest-gateway.discovery.wmnet:4113/de.wikipedia.org/v1/feed/availability