gateway | Websockets Server Gateway for wallets | Networking library

1. This version already has a built-in jager tracer, see the documentation.
2. In order for the events to be nested, it is necessary to transfer the context inside the actions, use ctx.call calls instead of broker.call, so they will be nested.
3. To quickly receive support for the moleculer, join us in discord!

Your current flow does not return a value, you are simply logging the message.

A terminating .log() ends the flow.

Delete the .log() element so the result of the transform will automatically be routed back to the gateway.

Or add a .bridge() (a bridge to nowhere) after the log and it will bridge the output to the reply channel.

I suggest first create MultiIndex in columns by header=[0,1] by convert first 2 headers rows:

WiFi channels 12-14 are not used in some countries (e.g. US). Perhaps the ESP32 AP picked one of those channels, and ESP8266 is configured by default with settings from a country which doesn't allow them. Set the AP channel to some reasonably safe value in range 1-11.

I can see that the default channel should be 1, but I'd suggest experimenting with it, perhaps setting it to 6:

To put it simple a Circuit Breaker can have only just a single state. One of these: Closed, Open, Half-Open.

You should consider the CB as a proxy. It allows each request to go trough it if the downstream system is considered health. If CB detects transient failure (by examining the responses if any) then it will shortcut the execution by denying all requests.

So, if you want to differentiate the healthiness of C and D downstream systems then you would need two CBs (one for each). That allows you to separately allow or deny outgoing requests against different subsystems.

You can place the two CBs inside service A. Here you can register two named HttpClients which are decorated with different Circuit Breakers:

Remove the dot if you use the indirect addressing

Ingress internal means "Accept only the requests coming from the project's VPC or VPC SC perimeter".

When you use API Gateway, you aren't in your VPC, it's serverless, it's in Google Cloud managed VPC. Therefore, your query are forbidden.

And because API Gateway can't be plugged to a VPC Connector (for now) and thus can't route the request to your VPC, you can't use this ingress=internal mode.

Thus, the solution is to set an ingress to all, which is not a concern is you authorize only the legit accounts to access it.

For that, check in Cloud Run service is there is allUsers granted with the roles/run.invoker in your project.

• If yes, remove it

Then, create a service account and grant it the roles/run.invoker on the Cloud Run service.

Follow this documentation

• Step 4: update the x-google-backend in your OpenAPI spec file to add the correct authentication audience when you call your Cloud Run (it's the base service URL)
• Step 5: create a gateway with a backend service account; set the service account that you created previously

At the end, only the account authenticated and authorized will be able to reach your Cloud Run service

All the unauthorized access are filtered by Google Front End and discarded before reaching your service. Therefore, your service isn't invoked for nothing and therefore your pay nothing!

Only API Gateway (and the potential other accounts that you let on the Cloud Run service) can invoke to the Cloud Run service.

So, OK, your URL is public, reachable from the wild internet, but protected with Google Front End and IAM.

Apparently Traefik can't drain the connections during update (maybe it doesn't have access to healthchecks and swarm info?).

To achieve a zero-downtime rolling update you should delegate the load-balancing to docker swarm itself:

Change your locals from