Ceptor Docs

Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

JSON Configuration for Destinations

"destinations" is an array of JSON objects where each object contains the configuration for a single destination.

{
  "destinations": [
    {
      "name": "demoapp",
      "description": "Demonstration application",
      "cookiesnapper": {
        "pattern": "JSESSIONID",
        "classifier": "default"
      },
      "ping": {
        "expect": "200",
        "timeout.seconds": 5,
        "method": "HEAD",
        "uri": "/",
        "meod": "GET",
        "interval.seconds": 30,
        "response.verify.script": "if (input.contains('For further information about PortalProtect')) true; else false;"
      },
      "loadbalance": "roundrobin",
      "target.consul.askviaconfigserver": false,
      "target.consul.interval": 60,
      "targets": [{
        "scheme": "http",
        "port": 8080,
        "unavailable": false,
        "name": "demoapp1",
        "host": "127.0.0.1",
        "disabled": false,
        "limits": {
          "queue.length": 100,
          "max.idle.connections.hard": 20,
          "idle.ttl": 10,
          "max.idle.connections.soft": 5,
          "max.concurrent.requests": 20
        }
      }],
      "limits": {
        "queue.length": 200,
        "max.idle.connections.hard": 20,
        "idle.ttl": -1,
        "max.idle.connections.soft": 5,
        "max.concurrent.requests": 10
      },
      "authentication": {
        "plugins": [
          "io.ceptor.authentication.target.TAuthenticatorBasicAuth",
          "io.ceptor.authentication.target.TAuthenticatorSSL",
          "io.ceptor.authentication.target.TAuthenticatorBearerToken"
        ],
        "basicauth": {
          "password": "password",
          "anonymous.password": "password",
          "anonymous.userid": "%{REQUEST_ID}",
          "userid": "%{REQUEST_ID}"
        },
        "bearer": {
          "authenticationplugin": 48,
          "forward.from.request": true,
          "call.newtoken": false,
          "base64encode": false,
          "newtoken.input": null,
          "use.ticket.from.session": true
        },
        "ssl": {
          "header.cipher": "SSL_CIPHER",
          "header.sessionid": "SSL_SESSION_ID",
          "header.clientcert": "SSL_CLIENT_CERT"
        }
      }
    }
  ]
}

Configuration using Ceptor Console

Here is the list of destinations, where you can add new destinations, or remove existing ones.


When you click Add, you get this prompt:

where you need to enter a name and optionally a description for your own use.

When you have entered this, you are brought to the Destination Configuration

Configuration is stored in the JSON object for the destination directly

The configuration on this screen is split into 2 different sections.

Destination Configuration

Name

Name of destination - used for logging/debugging and stickinesss (hash of name is in sticky cookie)

Default: none, a name is required
JSON key: name

Description

Description of destination - an optional description for your own use.

Default: none
JSON key: description

Enable HTTP2

Enable HTTP/2 protocol support - if not checked, HTTP 1.1 will be used instead when making connections towards the server.
Whenever possible, you should enable this, since HTTP/2 performs significantly better than older versions of the HTTP protocol.

Default: true
JSON key:http2.enable

Enable KeepAlive

If set, enables HTTP keepalive support - if not set, new connections will be created for each request which performs a lot worse than when enabled.

Default: true
JSON key: keepalive.enable

Sticky

If set, stickiness is enabled, meaning a sticky cookie is set, so user hits the same server again next time.

Default: true
JSON key: sticky

CookieSnapper

Configuration is stored in the JSON object cookiesnapper.

Cookies to snap

Pattern defining which cookies to remove from the response and place into the session. Any cookies matching this pattern will be moved from the response to the session, and added on future requests.

Default value: blank
JSON key: pattern

Classifier

Classifier to use - here you can use %{} variables, such as %{HTTP_HOST} or %{script:xxxx} to specify the classifier or scope to restrict these cookies to.
The classifier can ensure that the cookies are not forwarded on all requests, but only where the next request has the same classifier - so if it is e.g. set to %{HTTP_HOST} then the cookie will only be added to future requests, if these request has the exact same hostname as this one.
If the classifier is left as "default" then if if the next request has a different hostname, e.g. app2.mydomain.com then the cookie will be added to the request again, which is usually what you want. 

Default value: "default"
JSON key: classifier

Targets

A destination server has one or more target servers attached to it - target servers can be configured individually, or they can come from an application cluster, or even a consul service repository.

Target Server Configuration

Target server config is stored in the JSON object targets

See Destination Target Servers for details.

Alternative target settings

As an alternative to defining each target server one at a time, you can configure the gateway to use either an application cluster or do a consul service lookup.

An application cluster is a dynamic cluster created by importing a directory of configuration files into one, so the act of act of adding or removing the server is simply adding or removing a file within this directory. See Ceptor Configuration Server for details.

A consul service repository is also supported - se https://www.consul.io for information.

Applicationcluster name

Name of application cluster to automatically choose targets from - all servers in the applicationcluster will be used"

Default: none
JSON key: target.applicationcluster 

Lookup targets from services in consul

If set, lookup additional targets in consul using the configured consul service URI and consul server URLs

Default: false
JSON key: target.consul.enabled

Consul service URI

Service URL to query - e.g. /v1/catalog/service/customerservice

Default: none (but required when consul lookups are enabled)
JSON key: target.consul.serviceuri 

Call consul via configserver

If set, the "Consul servers URLs" is not used, but instead the config server is asked to call consul on behalf of the gateway.

Default: false
JSON key: target.consul.askviaconfigserver 

Consul servers URLs

List of URLs (separated by semicolon) to consul server(s), Do not include path - e.g. https://server1:4443;https://server2:4443

Default: none (but required when consul lookups are enabled, unless "Call consul via configserver" is set)
JSON key: target.consul.url 

Consul check interval

Interval in seconds between checking consul for updates

Default: 60
JSON key: target.consul.interval 


  • No labels