Embed Size (px)
Citation preview
APPLY RATE LIMITING SLA POLICY
WITH MULESOFT API GATEWAYVince Jason Soliza
Pre-requisites
• API in Mulesoft API Gateway– e.g. http://www.slideshare.net/VinceSoliza/proxy-existing-soap-web-service
Apply Rate Limiting – SLA Based Policy in API ManagerThis presentation will show how to apply Rate Limiting – SLA Based Policy in API Gateway using Anypoint Platform for APIs
Run in Anypoint Studio• Run the api application in anypoint studio
Apply Rate Limiting – SLA Based Policy• Login to anypoint platform and open the API Manager where we want to
apply the policy
• Click the Policies tab in the bottom part of the API Manager
Apply Rate Limiting – SLA Based Policy• We can view the list of applied and currently available policies within the
API. Currently we have no applied policies.
• Look for the Rate Limiting – SLA Based policy then click Apply
Create SLA• If there’s no SLA tiers defined in the API, a prompt occur with a message
saying SLA has to be created first before applying the policy. It contains the link where to create SLA in the API Manager. Alternately there’s a tab where SLAs can be defined.
• Click add SLA tier. The SLA example in the right has a limit of 10 requests/second. The API access requests for this SLA will be granted without the need of approval.
Create SLA• We have created 3 SLA tiers, each has different rate limits. Request for
access in Silver and Gold SLAs requires approval.
• Now we have SLAs, let’s proceed in creating applications. On the API Manager main page. Click Create Portal, We doesn’tneed to edit the portal contents at the moment.• Click live portal in the upper right corner.In the live portal, click request API access also in the upper right.• Add new application.
Create Application• Now let’s match application withSLA and click Request for API access.• The request will be automatically approved as configured in the SLA.• Applications are assigned withcliend_id & client_secret this is used toidentify the application doing the certainRequest.• Proceed to applying theRate Limiting – SLA Based Policy.• Click apply, the form in the right will be shown. • Extracting client_id &client_secret from the request isconfigured with MEL expression in this form .
Grant API access requests• Silver and Gold applications are still pending for approval, the API owner
can approve the request.
Test the Policy• Open the application details listed in DeveloperPortal. Get the client_id & client_secret.• Open SOAPUI and make request for each applications having their unique
client_id and client_secret.
• See the rate limit response properties, it coincides with the specified limit of the application’s SLA tier.
Summary
• This is how to define SLA tiers for your API version in the Anypoint Platform for APIs.
• To enforce SLA tiers, you need to apply a rate-limiting or throttling policy that is SLA-based.
• SLA based policies require all applications to register for access to a specific tier, passing client credentials is required to identify the application doing the requests.
• The additional response headers are used to inform users about the SLA restrictions and the remaining spare capacity that the SLA allows.
QUESTIONS?Please leave a comment
