burak

Posted on Nov 30, 2020 • Updated on Dec 4, 2020

Ocelot with .Net Core 5.0

#microservices #ocelot #csharp #dotnet

Hello everybody. The world is struggling with the Covid 19 and the coronavirus is increasing day by day. I just want to say "Do not go anywhere stay at home and protect yourself".

So I have been working from home since March. Since I am always at home, I try to spend my time very efficiently. These days, I make more time to read and write code. This is my first post on this website so and I'm excited. I want to share my experience. In this post, I'm going to explain how to implement Ocelot on .Net Core Web API.

What is API Gateway?

An API Gateway is basically an interface. The API Gateway receives are calls and redirects to services.

What is Ocelot?

Ocelot is an API Gateway for the .Net Platform. Ocelot’s primary functionality is to take incoming HTTP requests and forward them to a downstream service I use for the microservice project. Here is the official page Ocelot https://ocelot.readthedocs.io/

Ocelot is a very powerful framework and here are the Ocelot features.

Routing
WebSockets
Authentication
Authorization
Rate Limiting
Caching
Retry policies/QoS
Load Balancing
Logging/Tracing/Correlation etc.. For more feature lists you should visit the official website.

I designed a new microservice project with .Net Core 5.0. If you ask why did you prefer the newest framework? Only one reason. The reason is Swagger installed by default. At the bottom of the picture, I draw my project design.

Firstly I created a Visual Studio blank application. This application includes 3 different projects in the blank application. Here is the folder structure.

If you develop with visual studio code you should visit Dotnet commands from Commands

Now I'm gonna explain how to configure Ocelot with the .Net Core project. Here is the hero :) NuGet package is Ocelot.

Install the NuGet package on the API Gateway project then create a new JSON file and called ocelot.json here is the configuration.

{
  "Routes": [
    {
      "DownstreamPathTemplate": "/api/catalog",
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
          "Host": "localhost",
          "Port": 7001
        }
      ],
      "UpstreamPathTemplate": "/catalog-service/catalog"
    },
    {
      "DownstreamPathTemplate": "/api/customer",
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
          "Host": "localhost",
          "Port": 7002
        }
      ],
      "UpstreamPathTemplate": "/customer-service/customer",
      "RateLimitOptions": {
        "ClientWhitelist": [],
        "EnableRateLimiting": true,
        "Period": "1s",
        "PeriodTimespan": 1,
        "Limit": 1
      }
    },
    {
      "DownstreamPathTemplate": "/api/customer/{id}",
      "DownstreamScheme": "http",
      "DownstreamHostAndPorts": [
        {
          "Host": "localhost",
          "Port": 7002
        }
      ],
      "UpstreamPathTemplate": "/customer-service/customer/{id}"
    }
  ],
  "GlobalConfiguration": {
    "BaseUrl": "http://localhost:7000"
  }
}

I defined the default port in Program.cs every project.

API Gateway runs on http://localhost:7000
Catalog API runs on http://localhost:7001
Customer API runs on http://localhost:7002

Configure the Startup file.

Every first request coming to UpstreamPathTemplate after that goes to DownstreamPathTemplate. After all the configurations start all projects without debugging mode and open the Postman application.

CatalogController.cs

UpstreamPathTemplate is /customer-service/customer
DownstreamPathTemplate is /api/customer

If you request with a {id} parameter

UpstreamPathTemplate is /customer-service/customer/{id}
DownstreamPathTemplate is /api/customer/{id}

Another important feature is Rate Limiting. Rate limiting is a strategy for limiting network traffic. It puts a cap on how often someone can repeat an action within a certain timeframe – for instance, trying to log in to an account. Rate limiting can help stop certain kinds of malicious bot activity. It can also reduce strain on web servers. However, rate limiting is not a complete solution for managing bot activity. Cloudflare

"RateLimitOptions": {
        "ClientWhitelist": [],
        "EnableRateLimiting": true,
        "Period": "1s",
        "PeriodTimespan": 1,
        "Limit": 1
      }

I configure the /customer-service/customer endpoint. If you request in 1s multiple times I'll not reach the endpoint.

Thank you for your time :) 👋🏻

Source Code: Github

Reference:
Header Image

Top comments (8)

LEXEnprise • Apr 29 '21

Hey,

This is a great stuff!
Do you have another version using Ocelot with .NET 5 that can support a custom Identity Api (Web Api with asp.net core identity) for authentication?

Looking forward with Authentication support version.

burak • May 16 '21

Hi, I found it for you. But you can use Nginx with docker. ocelot.readthedocs.io/en/latest/fe...

Tiger333 • Jan 19 '21

I've been using ocelot with a hobby project and so far its working pretty well (connected to 4 microservices) - originally using azure APIM but the consumption plan and start up cost was too much and the next level up just wasnt cost effective for a personal project *I do believe that once I'm ready to go to production I may switch to APIM though

eventaka • Oct 27 '21

Hi,

Using OCELOT, I would like to know if it's possible to send a request to a web api that know only windows authentication.

I have differents webapi applications: some that works in anonymous (so using token from ocelot is ok) and some that works with windows authentication (so I cant use the JWT).

IS Ocelot can work with only JWT or also with windows authentication ?
If yes, how to do that ?

Thanks a lot,

Aby