Create the API to proxy orion instances management

Project Summary:

This project aims to build a secure, scalable, and extensible proxy service that sits between client applications and the OrionVM Instances Management API. The proxy will provide abstraction, logging, authentication, and additional validations to simplify integration and improve security and observability for downstream systems using OrionVM’s infrastructure.

Goals:

  • Create an intermediary layer between client applications and the OrionVM API

  • Support essential instance lifecycle operations (create, update, delete, power on/off, snapshot, etc.)

  • Add a layer of access control, request validation, and error handling

  • Log and monitor API activity for audit and debugging purposes

  • Facilitate future enhancements (e.g. caching, rate limiting, throttling, usage analytics)

Key Functional Requirements:

1. Proxy API Interface

  • Expose RESTful endpoints that map to OrionVM’s instance management operations:

    • POST /instances → create instance

    • GET /instances/:id → fetch instance details

    • PATCH /instances/:id → modify instance

    • DELETE /instances/:id → delete instance

    • POST /instances/:id/poweron, .../poweroff, .../reboot, etc.

  • Support pagination, filtering, and sorting where applicable

2. OrionVM API Integration

  • Communicate with OrionVM Instances API using secure HTTP requests

  • Allow configuration of OrionVM credentials and endpoint(s) via environment variables or config files

  • Support both token-based and signature-based authentication methods if applicable

3. Authentication and Authorization

  • Require API key or token for access to the proxy

  • Optionally integrate with an external identity provider (OAuth2, JWT, etc.)

  • Restrict access to certain operations based on role/permission level

4. Request Validation & Error Handling

  • Validate incoming payloads against schemas

  • Catch and normalize OrionVM errors into consistent HTTP responses (e.g. 400, 401, 404, 500)

  • Provide detailed error messages with tracking IDs for troubleshooting

5. Logging & Monitoring

  • Log all requests and responses (headers, payloads, status codes)

  • Support structured logging (e.g., JSON format)

  • Integrate with observability tools (e.g., ELK Stack, Datadog, or Prometheus/Grafana)

6. Rate Limiting & Throttling

  • Limit the number of requests per user/client per time unit

  • Prevent abuse or accidental DDoS of OrionVM API

7. Configuration and Extensibility

  • Use a config-driven approach to define endpoint mappings and auth rules

  • Modular architecture to support easy future extension (e.g., billing, usage stats, caching layer)

Non-Functional Requirements:

  • Scalability: Capable of handling concurrent requests from multiple clients

  • Security: Secure communication via HTTPS; protect OrionVM credentials

  • Portability: Deployable via Docker; environment-agnostic

  • Testability: Unit and integration tests for all proxy logic

  • Documentation: Clear API documentation (Swagger/OpenAPI preferred)

Tech Stack Suggestions:

  • Backend: Node.js (Express.js), Python (FastAPI), or Go (Gin)

  • Logging: Winston (Node), Loguru (Python), or Zap (Go)

  • Auth: JWT / API Keys / OAuth2

  • Deployment: Docker + Kubernetes or simple systemd-based VM deployment

  • CI/CD: GitHub Actions / GitLab CI for testing and deployment

Optional Enhancements (Phase 2):

  • Web UI dashboard for monitoring and managing API usage

  • Audit trails with exportable logs

  • Multi-tenancy support

  • Caching layer for read-heavy endpoints

  • Automated alerting for failures or anomalous activity