You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/spring-apps/how-to-configure-enterprise-spring-cloud-gateway.md
+32-31Lines changed: 32 additions & 31 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,13 +31,14 @@ VMware Spring Cloud Gateway includes the following features:
31
31
- Circuit breaker configuration
32
32
- Support for accessing application services via HTTP Basic Authentication credentials
33
33
34
-
To integrate with the API portal for VMware Tanzu, VMware Spring Cloud Gateway automatically generates OpenAPI version 3 documentation after any additions or changes to route configuration. For more information, see [Use API portal for VMware Tanzu](./how-to-use-enterprise-api-portal.md).
34
+
To integrate with API portal for VMware Tanzu, VMware Spring Cloud Gateway automatically generates OpenAPI version 3 documentation after any additions or changes to route configuration. For more information, see [Use API portal for VMware Tanzu](./how-to-use-enterprise-api-portal.md).
35
35
36
36
## Prerequisites
37
37
38
-
- An already provisioned Azure Spring Apps (Enterprise plan) service instance with VMware Spring Cloud Gateway enabled. For more information, see [Quickstart: Build and deploy apps to Azure Spring Apps using the Enterprise plan](quickstart-deploy-apps-enterprise.md).
38
+
- An already provisioned Azure Spring Apps Enterprise plan service instance with VMware Spring Cloud Gateway enabled. For more information, see [Quickstart: Build and deploy apps to Azure Spring Apps using the Enterprise plan](quickstart-deploy-apps-enterprise.md).
39
39
40
-
You must enable VMware Spring Cloud Gateway when you provision your Azure Spring Apps service instance. You can't enable VMware Spring Cloud Gateway after provisioning.
40
+
> [!NOTE]
41
+
> You must enable VMware Spring Cloud Gateway when you provision your Azure Spring Apps service instance. You can't enable VMware Spring Cloud Gateway after provisioning.
41
42
42
43
- Azure CLI version 2.0.67 or later. For more information, see [How to install the Azure CLI](/cli/azure/install-azure-cli).
43
44
@@ -53,9 +54,9 @@ Use the following steps to enable or disable VMware Spring Cloud Gateway by usin
53
54
1. Select **Manage**.
54
55
1. Select or clear the **Enable Spring Cloud Gateway** checkbox, and then select **Save**.
55
56
56
-
You can now view the state of Spring Cloud Gateway on the **Spring Cloud Gateway**pane.
57
+
You can now view the state of the Spring Cloud Gateway on the **Spring Cloud Gateway**page.
57
58
58
-
:::image type="content" source="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-manage-restart.png" alt-text="Screenshot of the Azure portal that shows the Spring Cloud Gateway pane." lightbox="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-manage-restart.png":::
59
+
:::image type="content" source="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-manage-restart.png" alt-text="Screenshot of the Azure portal that shows the Spring Cloud Gateway page." lightbox="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-manage-restart.png":::
59
60
60
61
### [Azure CLI](#tab/Azure-CLI)
61
62
@@ -87,11 +88,11 @@ Use the following steps to restart VMware Spring Cloud Gateway by using the Azur
87
88
1. Select **Restart**.
88
89
1. Select **OK** to confirm the restart.
89
90
90
-
:::image type="content" source="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-restart.png" alt-text="Screenshot of the Azure portal that shows the Spring Cloud Gateway pane with the confirmation message about restarting the gateway." lightbox="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-restart.png":::
91
+
:::image type="content" source="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-restart.png" alt-text="Screenshot of the Azure portal that shows the Spring Cloud Gateway page with the confirmation message about restarting the gateway." lightbox="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-restart.png":::
91
92
92
93
### [Azure CLI](#tab/Azure-CLI)
93
94
94
-
Use the following Azure CLI command to restart VMware Spring Cloud Gateway:
95
+
Use the following Azure CLI command to restart the gateway:
95
96
96
97
```azurecli
97
98
az spring spring-cloud-gateway restart \
@@ -110,7 +111,7 @@ This section describes how to assign a public endpoint to VMware Spring Cloud Ga
110
111
To assign an endpoint in the Azure portal, use the following steps:
111
112
112
113
1. Open your Azure Spring Apps instance.
113
-
1. Select **Spring Cloud Gateway** on the left pane, and then select **Overview**.
114
+
1. Select **Spring Cloud Gateway** on the navigation pane, and then select **Overview**.
114
115
1. Set **Assign endpoint** to **Yes**.
115
116
116
117
After a few minutes, **URL** shows the configured endpoint URL. Save the URL to use later.
@@ -132,9 +133,9 @@ az spring gateway update \
132
133
133
134
## Configure VMware Spring Cloud Gateway metadata
134
135
135
-
VMware Spring Cloud Gateway metadata automatically generates OpenAPI version 3 documentation. You can configure VMware Spring Cloud Gateway metadata to display route groups in the API portal for VMware Tanzu. For more information, see [Use API portal for VMware Tanzu](./how-to-use-enterprise-api-portal.md).
136
+
VMware Spring Cloud Gateway metadata automatically generates OpenAPI version 3 documentation. You can configure VMware Spring Cloud Gateway metadata to display route groups in API portal for VMware Tanzu. For more information, see [Use API portal for VMware Tanzu](./how-to-use-enterprise-api-portal.md).
136
137
137
-
The following table describes the available metadata options.
138
+
The following table describes the available metadata options:
@@ -151,15 +152,15 @@ You can use the Azure portal or the Azure CLI to edit metadata properties.
151
152
To edit metadata in the Azure portal, use the following steps:
152
153
153
154
1. Open your Azure Spring Apps instance.
154
-
1. Select **Spring Cloud Gateway** on the left pane, and then select **Configuration**.
155
+
1. Select **Spring Cloud Gateway** on the navigation pane, and then select **Configuration**.
155
156
1. Specify values for the properties listed for **API**.
156
157
1. Select **Save**.
157
158
158
159
:::image type="content" source="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-configuration.png" alt-text="Screenshot of the Azure portal that shows the Spring Cloud Gateway configuration pane for an Azure Spring Apps instance, with the API section highlighted." lightbox="media/how-to-configure-enterprise-spring-cloud-gateway/gateway-configuration.png":::
159
160
160
161
#### [Azure CLI](#tab/Azure-CLI)
161
162
162
-
Use the following command to configure metadata properties for VMware Spring Cloud Gateway. You need the endpoint URL that you obtained when you [assigned a public endpoint to VMware Spring Cloud Gateway](#assign-a-public-endpoint-to-vmware-spring-cloud-gateway).
163
+
Use the following command to configure metadata properties for VMware Spring Cloud Gateway. You need the endpoint URL that you obtained when you completed the [Assign a public endpoint to VMware Spring Cloud Gateway](#assign-a-public-endpoint-to-vmware-spring-cloud-gateway) section.
163
164
164
165
```azurecli
165
166
az spring gateway update \
@@ -176,14 +177,14 @@ az spring gateway update \
176
177
177
178
## Configure single sign-on
178
179
179
-
VMware Spring Cloud Gateway supports authentication and authorization through single sign-on (SSO) with an OpenID identity provider. The provider supports the OpenID Connect Discovery protocol.
180
+
VMware Spring Cloud Gateway supports authentication and authorization through single sign-on (SSO) with an OpenID identity provider. The provider supports the OpenID Connect Discovery protocol. The following table describes the SSO properties:
|`issuerUri`| Yes | The URI that's asserted as its issuer identifier. For example, if `issuer-uri` is `https://example.com`, an OpenID Provider Configuration Request is made to `https://example.com/.well-known/openid-configuration`. The result is expected to be an OpenID Provider Configuration Response. |
184
-
|`clientId`| Yes | The OpenID Connect client ID from your identity provider. |
185
-
|`clientSecret`| Yes | The OpenID Connect client secret from your identity provider. |
186
-
|`scope`| Yes | A list of scopes to include in JWT identity tokens. This list should be based on the scopes that your identity provider allows. |
185
+
|`clientId`| Yes | The OpenID Connect client ID from your identity provider. |
186
+
|`clientSecret`| Yes | The OpenID Connect client secret from your identity provider. |
187
+
|`scope`| Yes | A list of scopes to include in JWT identity tokens. This list should be based on the scopes that your identity provider allows. |
187
188
188
189
To set up SSO with Azure Active Directory, see [Set up single sign-on with Azure Active Directory for Spring Cloud Gateway and API portal](./how-to-set-up-sso-with-azure-ad.md).
189
190
@@ -194,7 +195,7 @@ You can use the Azure portal or the Azure CLI to edit SSO properties.
194
195
To edit SSO properties in the Azure portal, use the following steps:
195
196
196
197
1. Open your Azure Spring Apps instance.
197
-
1. Select **Spring Cloud Gateway** on the left pane, and then select **Configuration**.
198
+
1. Select **Spring Cloud Gateway** on the navigation pane, and then select **Configuration**.
198
199
1. Specify values for the properties listed for **SSO**.
199
200
1. Select **Save**.
200
201
@@ -231,7 +232,7 @@ VMware Spring Cloud Gateway service instances provide a default API endpoint to
231
232
232
233
### Log out of the IdP and SSO session
233
234
234
-
If you send a `GET` request to the `/scg-logout` endpoint, the endpoint sends a `302` redirect response to the IdP logout URL. To get the endpoint to return the user to a path on the VMware Spring Cloud Gateway service instance, add a redirect parameter to the `GET` request with the `/scg-logout` endpoint. For example, use `${server-url}/scg-logout?redirect=/home`.
235
+
If you send a `GET` request to the `/scg-logout` endpoint, the endpoint sends a `302` redirect response to the IdP logout URL. To get the endpoint to return the user to a path on the gateway service instance, add a redirect parameter to the `GET` request with the `/scg-logout` endpoint. For example, you can use `${server-url}/scg-logout?redirect=/home`.
235
236
236
237
The value of the redirect parameter must be a valid path on the VMware Spring Cloud Gateway service instance. You can't redirect to an external URL.
237
238
@@ -296,8 +297,8 @@ With the certificate updated to Azure Spring Apps, you can configure the TLS cer
296
297
297
298
Use the following steps to configure the certificate in the Azure portal:
298
299
299
-
1. In your Azure Spring Apps instance, select **Spring Cloud Gateway** on the left pane.
300
-
1. On the **Spring Cloud Gateway** pane, select **Certificate management**.
300
+
1. In your Azure Spring Apps instance, select **Spring Cloud Gateway** on the navigation pane.
301
+
1. On the **Spring Cloud Gateway** page, select **Certificate management**.
301
302
1. Select **Enable cert verification**.
302
303
1. Select the TLS certificate in **Certificates**.
303
304
1. Select **Save**.
@@ -365,8 +366,8 @@ VMware Spring Cloud Gateway restarts to ensure that the gateway uses the new cer
365
366
366
367
Use the following steps to synchronize certificates:
367
368
368
-
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the left pane.
369
-
1.On the **SpringCloudGateway**pane, select **Restart**, and then confirm the operation.
369
+
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the navigation pane.
370
+
1.On the **SpringCloudGateway**page, select **Restart**, and then confirm the operation.
370
371
371
372
#### [AzureCLI](#tab/Azure-CLI)
372
373
@@ -421,7 +422,7 @@ But if you have requirements that you can't fulfill by other configurations desc
421
422
422
423
To configure environment variables in the Azure portal, use the following steps:
423
424
424
-
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the left pane, and then select **Configuration**.
425
+
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the navigation pane, and then select **Configuration**.
425
426
1.Fill in the key/value pairs for the environment variables in the **Properties** and **Secrets** sections. You can include variables with sensitive information in the **Secrets** section.
426
427
1.Select**Save** to save your changes.
427
428
@@ -469,7 +470,7 @@ You can use the Azure portal or the Azure CLI to set up APM in VMware Spring Clo
469
470
470
471
Use the following steps to set up APM by using the Azure portal:
471
472
472
-
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the left pane, and then select **Configuration**.
473
+
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the navigation pane, and then select **Configuration**.
473
474
1.Choose the APM type in the **APM** list to monitor a gateway.
474
475
1.Fill in the key/value pairs for the APM environment variables in the **Properties** and **Secrets** sections. You can put variables with sensitive information in **Secrets**.
475
476
1.Select**Save** to save your changes.
@@ -538,7 +539,7 @@ To get environment variable keys, add the `logging.level.` prefix, and then set
538
539
539
540
To configure log levels in the Azure portal, use the following steps:
540
541
541
-
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the left pane, and then select **Configuration**.
542
+
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the navigation pane, and then select **Configuration**.
542
543
1.Fill in the key/value pairs for the log levels' environment variables in the **Properties** and **Secrets** sections. If the log level is sensitive information in your case, you can include it by using the **Secrets** section.
543
544
1. Select **Save** to save your changes.
544
545
@@ -587,8 +588,8 @@ The following list shows the supported add-on configurations for the add-on key
587
588
-Key name: `sso`
588
589
-Value type:Object
589
590
-Properties:
590
-
- `RolesAttributeName` (string):Specifies the name of the attribute that contains the roles associated with the SSO session.
591
-
- `InactiveSessionExpirationInMinutes` (integer):Specifies the expiration time, in minutes, for inactive SSO sessions. A value of `0` means the session never expires.
591
+
- `RolesAttributeName` (String):Specifies the name of the attribute that contains the roles associated with the SSO session.
592
+
- `InactiveSessionExpirationInMinutes` (Integer):Specifies the expiration time, in minutes, for inactive SSO sessions. A value of `0` means the session never expires.
592
593
-Example:
593
594
594
595
```json
@@ -604,7 +605,7 @@ The following list shows the supported add-on configurations for the add-on key
604
605
-Key name: `api`
605
606
-Value type:Object
606
607
-Properties
607
-
- `groupId` (string):A unique identifier for the group of APIs available on the VMwareSpringCloudGateway instance. The value can contain only lowercase letters and numbers.
608
+
- `groupId` (String):A unique identifier for the group of APIs available on the VMwareSpringCloudGateway instance. The value can contain only lowercase letters and numbers.
608
609
-Example:
609
610
610
611
```json
@@ -619,7 +620,7 @@ Use the following steps to update the add-on configuration.
619
620
620
621
### [Azure portal](#tab/Azure-portal)
621
622
622
-
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the left pane, and then select **Configuration**.
623
+
1.In your AzureSpringApps instance, select **SpringCloudGateway** on the navigation pane, and then select **Configuration**.
0 commit comments