This guide explains how to set up an API Manager cluster in an Amazon Web Services (AWS) instance.

...

To create a VPC Internet gateway, go to your AWS instance and click Services -> VPC -> Internet Gateways. Then, click Create Internet Gateway and give a name for your new gateway. Here's an example:

Creating subnets

A subnet is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Use a public subnet for resources that must be connected to the Internet, and a private subnet for the ones that don't.

According to the deployment pattern shared earlier, you need the following seven subnets across the three availability zones. You can use a subnet naming convention of your choice.

...

To create a new key pair, go to your AWS instance and click Services -> EC2 -> Key pair -> Create Key Pair. Then, download the created key pair to your host machine.

Creating instances

Let's see how to create six instances as follows:

...

Creating a bastion instance

A bastion is a special-purpose server instance that is designed to be the primary access point from the Internet. It acts as a proxy to your other EC2 instances. In this guide, we use it as a base instance in our VPC and configure it to connect to other instances in our VPC via SSH.

Follow the steps below to create a bastion instance:

...

Creating a puppet master instance

Puppet is a configuration management system that allows you to define the state of your IT infrastructure and then automatically enforces the correct state.

Follow the steps below to create a puppet master instance. 

...

  1. In your AWS instance, click Services -> RDS -> Subnet Groups -> Create DB Subnet Group.

  2. In the Create DB Subnet Group page that opens, fill in the details according to your environment and click Create.
    In this guide, we select the VPC that is created here and add the two subnets that are hosted in two availability zones separately.

    Next, let's create the RDS instance. 

  3. In your AWS instance, click Services -> RDS -> Instance -> Launch DB Instance.

  4. Select MySQL as the database engine.

  5. In the second step, choose the options to use Multi-AZ deployment.

  6. In step 3, the Specify DB Details page, enter the database settings.
    In this guide, the DB instance identifier is apim-db and master username is wso2.

  7. In the Configure Advanced Settings page, set the network, database options, and backup plans.

  8. Go to your AWS instance and click Services -> RDS -> Instances. Then, select the database that you created earlier (in this example, it is apim-db) and note the details of the RDS instance that you just created. The Endpoint specifies the server URL for connecting to the database.

...

  1. Connect to the bastion instance using SSH.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the public IP>
  2. Connect to the MySQL server using the MySQL client.
  3. Create the databases described in https://docs.wso2.com/display/AM190/Setting+up+MySQL using the MySQL server. Note that you can change the names of these databases as you like.

...

  1. In your AWS instance, click Services -> EC2 -> Load Balancers -> Create Load Balancer.
  2. In the Define Load Balancer page that opens, give a name for the ELB (e.g., apim-elb-pubstore), specify the VPC, and map the incoming port to another port in the backend by configuring the Basic Configuration tab as shown below:
  3. On the Select Subnets tab, add the DMZ subnets as selected subnets and go to the next page.
  4. In the Assign Security Groups page that opens, select apim-dmz-sg as the security group and go to the next page.
  5. In the Configure Security Settings page that opens, configure the SSL details and proceed to the next page.

  6. In the Configure Health Check page that opens, set the following options and proceed to the next page.
    • Ping port: 9443

    • Ping path: /services/echo?wsdl

  7. Leave the default settings in the Add EC2 Instances page that opens and proceed to the next page. You can edit the ELB later to add the instances that are fronted by this ELB.
  8. In the Add Tags page that opens, tag the ELB and click Create.
  9. Click the load balancer's name in the status message that appears confirming that the load balancer is created.
  10. Find the DNS name in the ELB’s description tab and make a note of it. You need this later for configuring the Puppet Master parameter file.

  11. Repeat the steps you used to create the apim-elb-pubstore ELB to create apim-elb-keymanager, apim-elb-gateway-mgt, and apim-elb-gateway-wkr ELBs as well.

...

  1. Navigate to Services -> EC2 -> AMIs, use the AMI ID that you created previously to find the base instance AMI, and then click Launch.
  2. In the Choose an Instance Type page that opens, select an instance type and proceed to the next page. The instance type depends on your hardware and bandwidth requirements.
  3. In the Configure Instance Details page that opens, add the following configurations. Leave the other values as default.
    • Network: select the VPC that you created earlier
    • Subnet: apim-subnet-b
    • Auto-assign Public IP: Disable
    • In the Advanced Details tab, give the following user data as you are spawning the PubStore node:

      Code Block
      SERVICE=pubstore
      SUBCLUSTERDOMAIN=mgt
      CLOUD=apim
      ENVIRONMENT=test
  4. In the Add Storage page, set the optimal storage level according to your requirements and proceed to the next page. In this example, it is 20 GiB.
  5. In the Tag Instance page that opens, set the tag as apim-pubstore-01 and proceed to the next page.
  6. In the Configure Security Group page that opens, click the Select an existing security group option, and then select apim-cluster-sg and apim-natsg as the security groups. Once done, click Review and Launch.
  7. Select the previously created key pair and click Launch Instances.
  8. Navigate to Services -> EC2 -> Instances, select apim-pubstore-01 and view the PubStore configurations. Note the private IP of the PubStore.
  9. Use the private IP of the PubStore to establish an SSH connection.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the private IP>
  10. Log in to the apim-pubstore-01 instance.

    Code Block
    ubuntu@bastion-public:~$ ssh ubuntu@<private IP>
  11. If you log in successfully, the command-line prompt reads ubuntu@<random_number>-apim-mgt-pubstore. The init script has executed, changed the hostname, and called the Puppet Master.

    Tip: To make sure that the product is running, you can inspect the wso2carbon.log file.

    Code Block
    ubuntu@67802091531-apim-mgt-pubstore:~$ tail -10000f /mnt/pubstore/wso2am-1.9.0/repository/logs/wso2carbon.log

     

  12. According to our sample deployment architecture, you need two PubStore instances in two availability zones: one in the apim-subnet-b subnet and another in the apim-subnet-c subnet. Therefore, repeat the above steps to spawn another instance with the following changes:
    • In Step 3, select the subnet as apim-subnet-c. Use the same user data.

    • In Step 6, tag the instance as apim-pubstore-02.

Spawning the Key Manager instance

According to our sample deployment architecture, you need two Key Manager instances in two availability zones: one in the apim-subnet-b subnet and another in the apim-subnet-c subnet.

To spawn the Key Manager instance, follow the same steps as in spawning the PubStore instance, except for the following variations in steps 3 and 6:

  • In Step 3, select the subnet as apim-subnet-b in the first instance and apim-subnet-c in the second instance. Use the following user data in both Key Manager instances:
    Code Block
    SERVICE=keymanager
    SUBCLUSTERDOMAIN=mgt
    CLOUD=apim
    ENVIRONMENT=test
  • In Step 6, tag the instance as apim-keymanager-01 in the first instance and as apim-keymanager-02 in the second instance.
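
Added example, not part of the original guide and not WSO2's init script: a POSIX shell function that checks a user-data block like the PubStore and Key Manager ones above as untrusted text, instead of sourcing it, before anything running as root acts on it. The allowed keys and the value pattern are assumptions taken from the guide's samples, and the `<CLOUD>-<SUBCLUSTERDOMAIN>-<SERVICE>` hostname suffix is inferred from the prompt shown in step 11 of the PubStore procedure.

```shell
#!/bin/sh
# Added example: treat instance user data as untrusted text, never `.` or eval it.
LC_ALL=C; export LC_ALL   # make [a-z0-9] mean exactly ASCII in case patterns

# validate_user_data <text>
# Prints "<CLOUD>-<SUBCLUSTERDOMAIN>-<SERVICE>" and returns 0 only when every
# line is one of the four keys from the guide with a short [a-z0-9] value.
# (Key set, value pattern and hostname layout are assumptions, see lead-in.)
validate_user_data() {
  ud_service="" ud_sub="" ud_cloud="" ud_env=""
  cr=$(printf '\r')
  while IFS= read -r line; do
    line=${line%"$cr"}                 # tolerate CRLF pasted from a console
    [ -n "$line" ] || continue
    case "$line" in
      *=*) key=${line%%=*}; value=${line#*=} ;;
      *)   echo "rejected: line is not KEY=value" >&2; return 1 ;;
    esac
    # Values end up in a hostname and in paths, so allow only [a-z0-9]{1,32}.
    case "$value" in
      ""|*[!a-z0-9]*) echo "rejected: bad value" >&2; return 1 ;;
    esac
    [ "${#value}" -le 32 ] || { echo "rejected: value too long" >&2; return 1; }
    # Assign through a fixed table: the key text itself is never evaluated.
    case "$key" in
      SERVICE)          prev=$ud_service; ud_service=$value ;;
      SUBCLUSTERDOMAIN) prev=$ud_sub;     ud_sub=$value ;;
      CLOUD)            prev=$ud_cloud;   ud_cloud=$value ;;
      ENVIRONMENT)      prev=$ud_env;     ud_env=$value ;;
      *) echo "rejected: unknown key" >&2; return 1 ;;
    esac
    [ -z "$prev" ] || { echo "rejected: duplicate key" >&2; return 1; }
  done <<EOF
$1
EOF
  [ -n "$ud_service" ] && [ -n "$ud_sub" ] && [ -n "$ud_cloud" ] && [ -n "$ud_env" ] ||
    { echo "rejected: missing key" >&2; return 1; }
  printf '%s-%s-%s\n' "$ud_cloud" "$ud_sub" "$ud_service"
}
```

Run it against the text you paste into the Advanced Details tab before launching; a rejected block means the node would have been configured from input the check does not recognise.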

Spawning the Gateway Manager instance

...