Gatekeeper is an API mangement system with rich API entitlement functionality. It uses Envoyproxy as API gateway.
Gatekeeper provides API entitlement management:
-
Administration of developers and their applications.
-
Fine grained access control to backends by defining API products.
-
Authenticate and authorize applications using apikeys or OAuth2.
Gatekeeper offers anapi to unlock Envoyproxy's advancing routing capabilities:
-
Gatekeeper supports TLS for downstream and upstream traffic.
-
Dynamic Routing: Gatekeeper can route traffic across multiple backends.
-
High Availability: by allowing retry behaviour to be configured per path to reduce error rates.
-
Health Checks: Gatekeeper can actively monitor backends.
-
Gatekeeper's authentication server has detailed metrics on authentication and authorization.
-
Envoyproxy provides detailed request metrics on error rates, response latencies, request size.
Deployment options:
-
Ease to deployment: deploy locally using docker compose or in Kubernetes cluster using helm chart.
-
Database: any Cassandra-CQL compatible database can be used: AWS Keyspaces, Azure CosmosDB and Apache Cassandra.
-
Designed for multi-region deployment by default.
-
docs: All documentation:
-
Architecture High-level overview.
-
deployment: Deployment documentation of each component.
-
api: management API specification.
-
examples: Example management API calls.
-
-
build: Scripts for packaging Gatekeeper components in Docker images.
-
deployment: example Docker compose configuration.
-
cmd: Source code of individual Gatekeeper components.
-
pkg: Source code of shared Gatekeeper components.
Please note Gatekeeper is still under heavy development, but feel free to open a Github issue!
Apache v2, some of Gatekeeper's API is inspired by work created and shared by Google and used according to terms described in the Creative Commons 4.0 Attribution License
Gatekeeper is current under heavy development.