In Phase 1 we determined that edge APIs will continue to work as-is, but there's room for improvement.  This feature aims to identify potential areas for improvements, investigate options, design, and finally implement.

Scope:

• Operational concerns - Possibly defer

  • Rate limiting / Throttling 

    • Required for LoC, e.g. for Z39.50, possibly others too.

    • Still not sure if LoC requires only SRU, or if we need to support "traditional" z39.50...

  • Transaction logging

  • Observability 

    • Open telemetry?  New Relic?

    • Keep in mind there are multiple stacks - vertx/spring.  Also there are several non-http-based edge modules (SIP2, connexion, z39.50, etc.)

  • Should we put edge APIs behind Kong? 

    • Only if it makes things easier for us.  Note that not all edge APIs are HTTP-based, so this may not even be an option.

  • Should we use an NGINX reverse proxy in the edge module containers?  

    • This would help with several of these things, at least transaction logging and rate limiting, possibly more.

• User/key mgmt 

  • Update edge-* module descriptors to specify institutional users w/ appropriate privs.

NOTE:  Need to touch base with Khalilah on requirements...  It could be that most of this can be deferred.

Source - F72847: Edge API improvements