问题
I'm trying to set up a basic reverse-proxy from http://foo.com to http://foo.internal:38121 using API Gateway (so I don't have to get involved w/ deploying NGINX clusters).
I cannot just use CloudFront -> http://foo.internal:38121 without API Gateway, since I need to change http://foo.internal:38121 to something else on each deploy... and changing the CloudFront origin would trigger an untenable ~40 minute update. Furthermore, I cannot used fixed ports (so CloudFront w/ fixed origin and a DNS change per-deploy is also not an option)... something needs to be able to instantly map foo.com:80 onto foo.internal:???.
I'm attempting to use API Gateway:
/
/{proxy+}
ANY
However, the endpoint produces this:
> curl https://XYZ.execute-api.eu-west-1.amazonaws.com/prod/
{ "message": "Missing Authentication Token" }
Whereas this works:
> curl https://XYZ.execute-api.eu-west-1.amazonaws.com/prod/hello_world/
Hello!
I can workaround the issue by adding a secondary ANY method:
/
ANY
/{proxy+}
ANY
Which fixes it:
> curl https://XYZ.execute-api.eu-west-1.amazonaws.com/prod/
Hello!
However the duplicate config for each deployment is not ideal.
For example: it could produce a bug. Although deployments occur atomically, "staging" the changes does not. This means there's a risk whereby 2 concurrent CI builds could update / and /.+ to point to a new upstream (e.g. with aws apigateway update-integration x2 -- one for each resource), but as the 4x total commands overlap from the 2x concurrent CI builds, the methods could end up pointing to different upstreams, and subsequently get deployed.
Is it possible for {proxy+} to capture / in API Gateway? (Or is there a simpler/better way to achieve this style of reverse-proxying w/ instant-ish upstream changes, just using AWS components?)
回答1:
"However the duplicate config for each deployment is not ideal..." There is no the duplicate here. You can use the same lambda for both methods.
来源:https://stackoverflow.com/questions/46578615/is-it-possible-for-proxy-to-capture-in-api-gateway