Skip to main content

Expose APIs using Hub API Gateway

Traefik Hub API Gateway allows exposing your APIs using rules which can be defined on:

  • The Host name
  • The Headers
  • The HTTP Methods
  • The Path
  • The Query parameters
  • The Client IP address

In the examples below, Traefik Hub API Gateway was deployed using the Helm Chart default configuration.

It creates an entryPoint named websecure that allows exposing the Ingress on the port 443.

Host Name

To expose an API checking the requests the Host name, apply the following configuration:

apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: my-app
  namespace: apps
spec:
  entryPoints:
    - websecure
  routes:
  - match: Host(`whoami.example.com`)
    kind: Rule
    services:
    - name: whoami
      port: 80
  tls: {}

Host Name and Path Prefix

To expose an API checking the requests the Host name and the Path, apply the following configuration:

apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: my-app
  namespace: apps
spec:
  entryPoints:
    - websecure
  routes:
  # Check the Host Name and the path prefix
  - match: Host(`example.com`) && PathPrefix(`/whoami`)
    kind: Rule
    services:
    - name: whoami
      port: 80
  tls: {}

Regular Expression on the Path and low priority

To expose an API checking if the requests path matches the expected regular expression, apply the following configuration:

apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: my-app
  namespace: apps
spec:
  entryPoints:
    - websecure
  routes:
    # Match both /products/shoes and /products/socks with and ID like /products/shoes/31
  - match: PathRegexp(`^/products/(shoes|socks)/[0-9]+$`)
    kind: Rule
    # The smaller the number, the lower the priority
    # Every other router will be evaluated before this one
    priority: 1
    services:
    - name: whoami
      port: 80
  tls: {}

Path, Method and Header

To expose an API checking if a request header matches the expected regular expression, and checking its path and method, apply the following configuration:

apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: my-app
  namespace: apps
spec:
  entryPoints:
    - websecure
  routes:
    # Match requests with a Content-Type header set to either application/json or application/yaml
    # And a path set to /products but neither /products/shoes nor /products/
    # AND only the HTTP Methods GET, POST and PUT
  - match: Path(`/products`) && HeaderRegexp(`Content-Type`, `^application/(json|yaml)$`) && (Method(`GET`) || Method(`POST`) || Method(`PUT`))
    kind: Rule
    services:
    - name: whoami
      port: 80
  tls: {}

Related Content