11436 SSO

Apigee Edge Update: New Node.js Features

Apigee Product Team
Oct 15, 2014

We recently released a scheduled update of Apigee Edge, which gives free, open access to the same enterprise-grade API platform used by industry leaders like Walgreens, eBay, and AT&T.

This update adds some new features to Apigee’s set of resources that enables you to build Node.js applications that run on Edge.

Using apigeetool: the new CLI

Apigeetool is the CLI utility we use to deploy both Node.js code and regular proxies to Edge. Even though everything apigeetool does is in our public API, the process of packaging up a Node.js app and its dependencies entails many steps; combining it into a single tool simplifies things.

The original version of apigeetool is built in Python, and a lot of people have been using it. However, as part of the Apigee-127 project, we’ve built a new version in Node.js. It’s better and faster in a few ways:

  • Because it’s built in Node.js, it’s easy to perform certain tasks in parallel, which makes it run faster.

  • It breaks up the contents of the node_modules folder into different files and uploads them separately. This means that Node.js apps that were too large to deploy using the old Python tool can work with the new Node.js tool.

  • It can be embedded in larger Node.js apps, like the a127 CLI utility, which is also a part of the Apigee-127 project.

  • When you set the -R flag, it can automatically run npm on Edge in the cloud, as described below.

Installing the tool is simple if you’ve already installed Node.js and npm. Just run:

sudo npm install -g apigeetool

And here is an example of the command that will deploy a Node.js application to Apigee:

$ apigeetool deploynodeapp -n myNodeApp -d . -m server.js -o myorg -e test -b myNodeApp -u ntesla -p myPassword -R

For more details about apigeetool and the -R flag, see "Deploying a standalone Node.js app."

Run npm on Edge in the cloud

Since we first introduced Node.js support, Edge has required that Node.js app dependencies (all the stuff in the node_modules folder) be uploaded when the app is deployed. This caused problems for some of our users because the modules—and the entire collection of modules—often grew too large, causing deployments to fail. This dependency upload requirement also meant that with every deployment to Apigee, apigeetool needed to push several megabytes up to the Apigee cloud.

Now enter a recent release of Apigee Edge that supports the ability to run npm in the cloud. This reduces the amount of stuff that needs to be uploaded for apps.

Here’s how it works:

  1. Use the new Node.js-based version of apigeetool to deploy your app.

  2. Apigeetool uploads everything in your app, with the exception of the node_modules folder.

  3. Once everything’s been uploaded, apigeetool makes an API call to Apigee that runs the npm install command. This installs all of the dependencies referenced in your app’s package.json in the Apigee cloud.

  4. App deployment proceeds as usual.

This “npm in the cloud” feature has an API, of course, which makes it possible to run and rerun npm on the same revision of an application. It supports a number of npm commands:

  • install

  • update

  • pack

  • outdated

  • prune

For information about using the npm API, see the Manage Node Packaged Modules SmartDocs.

Securely store sensitive data

Node.js apps that use the Volos Connectors often need to do things like connect to databases. These connections often require security credentials, such as passwords. Previously, this meant carefully storing credentials in the code or in a file and trying to ensure that they aren’t accidentally emailed or pushed to GitHub.

The Edge secure store feature is designed to help solve this problem. You can use it to upload secure values, such as passwords, to Edge via the vaults API. The secure values are encrypted and stored as entries in vaults, which are secure storage areas in the secure store. The secure values are decrypted and made available only to Node.js applications that are running inside the correct context and that use the apigee-access module to retrieve them.

Vaults can be scoped to either the organization or environment levels. For example, each Edge organization has a set of secure stores and each environment, such as test, dev, or prod, has an additional store. In this way, organizations and environments that have different security requirements for different backends can store different secure values.

For more information about the secure store, see “Using the secure store.”  To learn more of the basics around Node.js on Apigee Edge, check out this webcast with Greg Brail (@gbrail) of Apigee.

To get all of the details, see our Apigee Node.js docs.

Scaling Microservices