Repose is an open-source, RESTful middleware platform that transparently integrates with your existing infrastructure. Technically, it is a pseudo-transparent reverse proxy.
Repose provides highly scalable, extensible solutions to common API processing tasks including authentication, rate limiting, access control, logging, and more.
Additionally, Repose allows services to use Enterprise Integration Patterns.
Repose takes incoming requests from clients and adjusts them for consumption by services by passing the requests through a series of extensible filters. These filters provide functionality such as authentication, authorization, rate-limiting, and request modification. Repose can run as a stand-alone proxy server between the client and the origin service. The Repose instance can be on the same host as the origin service, but it doesn’t have to be. This deployment method, illustrated in the following graphic, is called Valve.
Repose can also run within a servlet container such as GlassFish or Tomcat using the WAR deployment.
You can decide which configuration works best for you, and you can tweak many of your configurations without having to restart Repose – it will pick up configuration changes on the fly, making it easy to configure and test.
Repose can be configured to use a distributed data store service where cached information is exchanged across multiple nodes. This makes Repose fault tolerant with proven performance.
Repose provides a series of customizable filters that you can configure to perform a large number of API tasks. The full list of filters is on the Filters page. Following are some of the most common ones:
Translating requests and responses so that services receive them in the format that they are expecting.
Rate limiting requests and responses to control network traffic.
Authenticating requests to enhance security.
Validating that requests conform to XSD and WADL specifications.
Logging to keep inventories of events.
Blacklisting to prevent others from spoofing authentication credentials and roles.
Caching to reduce load on authentication services.
Role-based access control (RBAC) to restrict access to authorized users.
API Coverage to map the state of your API.
HTTP Client Authentication for federated applications.
SSL/TLS Termination and Ciphers/Protocols inclusion/exclusion.
Anyone can use Repose! It is an open-source platform for the general public to consume, share, and improve.
To get Repose, log in to your server and run the Installation commands for your desired environment. Then, configure your origin service endpoint in the system model, and you are ready to configure filters and services that work for you. We have many sample configurations that you can use to get started. Or, because Repose is open source, you can build your own stacks of reusable software components.
Installation instructions are provided for Debian package managers (e.g., APT) and RPM package managers (e.g., Yum).
Certain deployment methods will handle environment setup automatically.
The recommended and most common way to run Repose is as a standalone application using the Valve installation. This installation allows Repose to be executed either as a Linux service (e.g., systemd) or directly from the installed JAR. An alternative would be to run Repose inside an existing servlet container (e.g., Tomcat, GlassFish) using the WAR installation.
The most recent addition to the Repose family is a containerized release of the Valve installation. This is great if you are looking to eventually run Repose with a container service or are just trying it out for the first time.
While Repose can be installed manually, there are other deployment options available. However, these other methods do require a little more System Administration knowledge which is not covered here. See: Deployment
This is the most common setup and is detailed on the Valve Installation page.
After installing it this way, consult the Running Valve page for details on starting and stopping Repose.
Instructions for installing the WAR are on the WAR Installation page.
After installing the WAR, there is additional setup to get everything working with Tomcat. See Tomcat Setup for more details.
See GlassFish Setup for more details.
See Quick Start for more details.
Once you know how you’ll want to configure Repose, you may want to automate the deployment using a configuration management tool or reusable container.
There is an unsupported starter module in the GitHub repository rackerlabs/puppet-repose.
There is an unsupported starter cookbook in the GitHub repository rackerlabs/cookbook-repose.
Repose has been battle tested in production environments and in our performance testing environments. See Performance Best Practices for more details.