172 lines
6.4 KiB
Markdown
172 lines
6.4 KiB
Markdown
# OCI API Gateways - Completo
|
|
|
|
## Gateway 1: api-gateway-nexus-dev
|
|
|
|
| Propriedade | Valor |
|
|
|-------------|-------|
|
|
| Nome | api-gateway-nexus-dev |
|
|
| Tipo | PRIVATE |
|
|
| Hostname | `dnqe6ufrommkqxtfp7k2ehrbmu.apigateway.sa-saopaulo-1.oci.customer-oci.com` |
|
|
| IP | 10.6.0.123 |
|
|
| Compartment | cmp-dev-nexus |
|
|
| Estado | ACTIVE |
|
|
|
|
### Deployments
|
|
|
|
| Nome | Endpoint |
|
|
|------|----------|
|
|
| auth | /api/auth |
|
|
| user | /api/user |
|
|
| user-external | /api/user-external |
|
|
| user-internal | /api/user-internal |
|
|
| person | /api/person |
|
|
| role | /api/role |
|
|
| sso | /api/sso |
|
|
| cache | /api/cache |
|
|
| poc | /api/poc |
|
|
| commercial-manager | /api/commercial-manager |
|
|
|
|
---
|
|
|
|
## Gateway 2: api-gateway-insign-dev
|
|
|
|
| Propriedade | Valor |
|
|
|-------------|-------|
|
|
| Nome | api-gateway-insign-dev |
|
|
| Tipo | PRIVATE |
|
|
| Hostname | `oyk5unl6ec7a53aychqlvz5bwa.apigateway.sa-saopaulo-1.oci.customer-oci.com` |
|
|
| IP | 10.6.0.33 |
|
|
| Compartment | cmp-dev-insign |
|
|
| Estado | ACTIVE |
|
|
|
|
### Deployments
|
|
|
|
| Nome | Endpoint |
|
|
|------|----------|
|
|
| insign-deploy-dev | /insign |
|
|
| insing-dev | / |
|
|
| root | / |
|
|
|
|
---
|
|
|
|
## Gateway 3: api-gateway-mfe-dev (Terraform-managed)
|
|
|
|
| Propriedade | Valor |
|
|
|-------------|-------|
|
|
| Nome | api-gateway-mfe-dev |
|
|
| Tipo | PRIVATE |
|
|
| OCID | `ocid1.apigateway.oc1.sa-saopaulo-1.amaaaaaasks3yliabdiquogy2pqyohas4wjopizv2xzgzrclmsvsh4x7ewea` |
|
|
| Hostname | `guhal72tzyekzchzamhhi3lvgi.apigateway.sa-saopaulo-1.oci.customer-oci.com` |
|
|
| IP | 10.110.198.250 |
|
|
| VCN | vcn-oke (10.110.0.0/16) |
|
|
| Subnet | sbn-api-gateway (10.110.192.0/20) |
|
|
| Compartment | DEV (`ocid1.compartment.oc1..aaaaaaaa76x3nykkjwvctpr6px34dysu3pbg7p62h2r65fegt7fvbrioll3a`) |
|
|
| Estado | ACTIVE |
|
|
| Gerenciado por | Terraform (`tf_oci_clusters/modules/api_gateway_mfe`) |
|
|
| Criado em | 2026-02-22 (pipeline build #5964) |
|
|
|
|
### Deployments
|
|
|
|
6 deployments — um por MFE. Cada deployment tem 2 rotas: `/` (index.html) e `/{path*}` (arquivos estáticos).
|
|
|
|
| Deployment | Bucket OCI | Hostname planejado |
|
|
|------------|-----------|-------------------|
|
|
| deploy-mfe-shell-dev | `mfe-shell-dev` | `mfe-shell-dev.invista.com.br` |
|
|
| deploy-mfe-auth-dev | `mfe-auth-dev` | `mfe-auth-dev.invista.com.br` |
|
|
| deploy-mfe-user-dev | `mfe-user-dev` | `mfe-user-dev.invista.com.br` |
|
|
| deploy-mfe-person-dev | `mfe-person-dev` | `mfe-person-dev.invista.com.br` |
|
|
| deploy-mfe-formalization-dev | `mfe-formalization-dev` | `mfe-formalization-dev.invista.com.br` |
|
|
| deploy-mfe-poc-dev | `mfe-poc-dev` | `mfe-poc-dev.invista.com.br` |
|
|
|
|
Namespace Object Storage: `grbb7qzeuoag` | Region: `sa-saopaulo-1`
|
|
|
|
### Acesso
|
|
|
|
| Tipo | URL |
|
|
|------|-----|
|
|
| Direto (privado) | `https://guhal72tzyekzchzamhhi3lvgi.apigateway.sa-saopaulo-1.oci.customer-oci.com/{mfe-name}/` |
|
|
| Planejado (DNS) | `https://mfe-{name}-dev.invista.com.br` (pendente VCN peering + LB + Cloudflare) |
|
|
|
|
### Terraform
|
|
|
|
```hcl
|
|
# environments/dev/api_gateway_mfe.tf
|
|
module "api_gateway_mfe" {
|
|
count = var.enable_api_gateway_mfe ? 1 : 0
|
|
source = "../../modules/api_gateway_mfe"
|
|
|
|
compartment_id = local.compartment_id
|
|
subnet_id = module.network.lb_subnet_ids[0]
|
|
env_name = var.env_name
|
|
endpoint_type = "PUBLIC"
|
|
|
|
mfe_deployments = [
|
|
{ name = "mfe-shell", hostname = "mfe-shell-dev.invista.com.br", bucket_name = "mfe-shell-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
|
|
{ name = "mfe-auth", hostname = "mfe-auth-dev.invista.com.br", bucket_name = "mfe-auth-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
|
|
{ name = "mfe-user", hostname = "mfe-user-dev.invista.com.br", bucket_name = "mfe-user-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
|
|
{ name = "mfe-person", hostname = "mfe-person-dev.invista.com.br", bucket_name = "mfe-person-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
|
|
{ name = "mfe-formalization", hostname = "mfe-formalization-dev.invista.com.br", bucket_name = "mfe-formalization-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
|
|
{ name = "mfe-poc", hostname = "mfe-poc-dev.invista.com.br", bucket_name = "mfe-poc-dev", object_namespace = var.mfe_object_namespace, region = var.oci_region },
|
|
]
|
|
}
|
|
```
|
|
|
|
### Pendencias
|
|
|
|
- [ ] VCN Peering: Attach vcn-oke ao DRG-Invista-Shared
|
|
- [ ] Rota no LB Test_Crivo_Dev: backend set apontando para 10.110.198.250:443
|
|
- [ ] Routing policy por hostname: `mfe-{name}-dev.invista.com.br` para cada MFE
|
|
- [ ] DNS Cloudflare: 6 CNAMEs `mfe-{name}-dev` -> LB IP (via Cloudflare proxy)
|
|
- [ ] Atualizar `federation.manifest.json` do mfe-shell com URLs reais dos remotes
|
|
- [ ] Migrar `EnvironmentService` do mfe-shell de AWS para OCI api-gateway-nexus-dev
|
|
|
|
---
|
|
|
|
## Frontends Estaticos (Buckets)
|
|
|
|
| Bucket | Namespace | Acesso | Descricao |
|
|
|--------|-----------|--------|-----------|
|
|
| `mfe-shell-dev` | grbb7qzeuoag | API Gateway MFE | Shell Angular (HOST) — orquestra todos os remotes |
|
|
| `mfe-auth-dev` | grbb7qzeuoag | API Gateway MFE | MFE Auth |
|
|
| `mfe-user-dev` | grbb7qzeuoag | API Gateway MFE | MFE User |
|
|
| `mfe-person-dev` | grbb7qzeuoag | API Gateway MFE | MFE Person |
|
|
| `mfe-formalization-dev` | grbb7qzeuoag | API Gateway MFE | MFE Formalization |
|
|
| `mfe-poc-dev` | grbb7qzeuoag | API Gateway MFE | MFE PoC |
|
|
| `app-front-insign-teste` | grbb7qzeuoag | Cloudflare + OCI | Site estatico de teste (insign) |
|
|
| `front` | grbb7qzeuoag | — | Icones SVG |
|
|
|
|
Todos os buckets MFE: `public-access-type = ObjectReadWithoutList`, criados via pipeline CI/CD (Azure DevOps).
|
|
|
|
---
|
|
|
|
## Conectividade de Rede
|
|
|
|
### VCNs envolvidas
|
|
|
|
| VCN | CIDR | Componentes |
|
|
|-----|------|-------------|
|
|
| VCN-Shared | 10.8.0.0/16 | LB Test_Crivo_Dev (10.8.4.127) |
|
|
| vcn-oke (dev) | 10.110.0.0/16 | API Gateway MFE (10.110.198.250), OKE clusters |
|
|
|
|
### DRG (Dynamic Routing Gateway)
|
|
|
|
| Propriedade | Valor |
|
|
|-------------|-------|
|
|
| Nome | DRG-Invista-Shared |
|
|
| OCID | `ocid1.drg.oc1.sa-saopaulo-1.aaaaaaaazuiluiavm3zcrzelqs2f3k3sdy3fka5yytwjua37a2ksn446deza` |
|
|
| VCN-Shared | Attached |
|
|
| vcn-oke (dev) | **Pendente** - necessario para LB acessar API Gateway |
|
|
|
|
### Fluxo de rede planejado
|
|
|
|
```
|
|
Browser -> Cloudflare (mfe-{name}-dev.invista.com.br)
|
|
-> LB Test_Crivo_Dev (10.8.4.127, VCN-Shared)
|
|
-> DRG-Invista-Shared (VCN peering — PENDENTE)
|
|
-> API Gateway MFE (10.110.198.250, vcn-oke)
|
|
-> Object Storage (mfe-{name}-dev, namespace grbb7qzeuoag)
|
|
```
|
|
|
|
---
|
|
|
|
*Atualizado em: 2026-02-28*
|