My architecture: GCP API Gateway should be the central endpoint (i.e., a domain mapped with HTTPS to the gateway URL). I have also created a GKE cluster, deployed microservices in that cluster, and exposed them via GCP Ingress.
Flow: user -> API Gateway -> GKE Ingress endpoint -> microservices.
I have configured everything up to the GKE Ingress: all services are deployed in the GKE cluster and are up and running via the Ingress endpoint.
Now I need to integrate API Gateway with the Ingress endpoint. Here we are using Keycloak as the auth service, and the backend is a Java application (Spring Boot).
I need your help with this scenario to integrate the GCP gateway with the GKE cluster Ingress.
My API Gateway open config file:
```yaml
swagger: "2.0"
info:
  title: " API Gateway"
  description: "Centralized API Gateway for microservices with Keycloak integration"
  version: "1.0.0"
schemes:
  - https
produces:
  - application/json
consumes:
  - application/json
x-google-management:
  metrics:
    - name: "requests_count"
      displayName: "Request Count"
      valueType: INT64
      metricKind: DELTA
  quota:
    limits:
      - name: "requests-per-project"
        unit: "1/min"
        values:
          STANDARD: 1000
paths:
  /:
    get:
      operationId: getInspection
      security:
        - keycloak_jwt: ["openid", "profile"]
        - api_key: []
      x-google-backend:
        address: "https://api.example.com" # Ingress endpoint
        path_translation: APPEND_PATH_TO_ADDRESS
        deadline: 30.0
        jwt_audience: "$client-id"
      responses:
        '200':
          description: "Successful response"
        '401':
          description: "Unauthorized"
        '403':
          description: "Forbidden"
    post:
      operationId: postInspection
      security:
        - keycloak_jwt: ["openid", "profile"]
        - api_key: []
      x-google-backend:
        address: "https://api.example.com" # Ingress endpoint
        path_translation: APPEND_PATH_TO_ADDRESS
        deadline: 30.0
        jwt_audience: "client-id"
      responses:
        '200':
          description: "Successful response"
        '401':
          description: "Unauthorized"
        '403':
          description: "Forbidden"
securityDefinitions:
  api_key:
    type: apiKey
    in: header
    name: X-API-KEY
  keycloak_jwt:
    type: "oauth2"
    flow: "accessCode"
    authorizationUrl: "https://auth.example.com/client/realms/client/protocol/openid-connect/auth"
    tokenUrl: "https://auth.example.com/client/realms/client/protocol/openid-connect/token"
    x-google-issuer: "https://auth.example.com/client/realms/client"
    x-google-jwks_uri: "https://auth.example.com/client/realms/client/protocol/openid-connect/certs"
    x-google-audiences: "client-id"
    scopes:
      openid: "OpenID Connect scope"
      profile: "Profile scope"
```
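Added example, not part of the original post or the reply: a diagnostic that compares a token's claims with the `x-google-issuer` and `x-google-audiences` values from the config above, to narrow down a 401 at the gateway. The function names and the sample token are constructed for illustration, and the sample assumes a token whose `aud` does not contain the client ID; the signature is deliberately not verified here.

```python
import base64
import json
import time

# Values copied from securityDefinitions in the posted config.
GATEWAY = {"issuer": "https://auth.example.com/client/realms/client",
           "audiences": {"client-id"}}


def decode_claims(token):
    """Return the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def gateway_mismatches(claims, gateway=GATEWAY, now=None):
    """List the claim checks that fail against the gateway's JWT settings."""
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != gateway["issuer"]:
        problems.append(f"iss {claims.get('iss')!r} != x-google-issuer")
    aud = claims.get("aud", [])
    aud = {aud} if isinstance(aud, str) else set(aud)  # aud may be str or list
    if not aud & gateway["audiences"]:
        problems.append(f"aud {sorted(aud)} has no entry in x-google-audiences")
    if claims.get("exp", 0) <= now:
        problems.append("token is expired")
    return problems


def make_sample_token(claims):
    """Build a constructed sample token with a dummy signature part."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "c2ln"])


# Constructed sample claims: the client ID appears only in azp, not in aud.
SAMPLE = make_sample_token({"iss": GATEWAY["issuer"], "aud": "account",
                            "azp": "client-id", "exp": 4102444800})

if __name__ == "__main__":
    print(gateway_mismatches(decode_claims(SAMPLE)) or "claims match")
```

Run it against a real access token by passing the token string to `decode_claims`; an empty list means issuer, audience and expiry line up with the gateway config, so the cause lies elsewhere (for example the JWKS URI or the signature).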
Hi @Harisabareesh,
Welcome to Google Cloud Community!
It seems like this kind of setup needs further assistance. For more detailed guidance, please feel free to reach out to the Google support team.