Carryout the following configurations on the Gateway manager node.
Multiexcerpt
MultiExcerptName
common-gw-steps
Note that these configurations are common to the Gateway Manager and Gateway Worker nodes.
Open the <API-M_HOME>/repository/conf/api-manager.xml file in the Gateway node.
Modify the api-manager.xml file as follows. This configures the connection to the Key Manager component.
noneChange admin password
To change the admin passowrd see admin password go to Changing the super admin password, and pay attention to Note in the documnetation if there are special characters in the password. See the note given under step 2 for instructions to follow if your password has special characters.
Configure key management related communication.
trueCluster fronted by a load balancer
In a clustered setup if the Key Manager is fronted by a load balancer, you have to use WSClient as KeyValidatorClientType in <API-M_HOME>/repository/conf/api-manager.xml. This should be configured in all Gateway and Key Manager components.
none
Disable the Thrift Client to optimize performance. You need to configure this in the Gateway <API-M_HOME>/repository/conf/api-manager.xml file.
Cluster without a load balancer
In a clustered setup if the Key Manager is NOT fronted by a load balancer, you have to use ThriftClient as KeyValidatorClientType in <API-M_HOME>/repository/conf/api-manager.xml. This should be configured in all Gateway and Key Manager components.
none
Disable the Thrift Client to optimize performance. You need to configure this in the Gateway <API-M_HOME>/repository/conf/api-manager.xml file.
Specify the ThriftClientPort and ThriftServerPort values. 10397 is the default.
Specify the hostname or IP of the Key Manager. The default is localhost. In a distributed deployment we must set this parameter in both Key Manager nodes and Gateway nodes only if the Key Manager is running on a separate machine. Gateway uses this parameter to connect to the key validation thrift service.
If you need to enable JSON Web Token (JWT) you have to enable it in all Gateway and Key Manager components. For more information on enabling JWT, see .
Step 3.2 - Configure the carbon.xml file
The following configurations are done in the <GATEWAY_MANAGER_HOME>/repository/conf/carbon.xml file.
Open <GATEWAY_MANAGER_HOME>/repository/conf/carbon.xml.
Locate the <HostName> tag and add the cluster host name: <HostName>am.wso2.com</HostName>
Locate the <MgtHostName> tag and uncomment it. Make sure that the management host name is defined as follows: <MgtHostName> mgt.am.wso2.com </MgtHostName>
Step 3.3 - Configure the catalina-server.xml file
Specify the following configurations in the catalina-server.xml file located in the <GATEWAY_MANAGER_HOME>/repository/conf/tomcat/ directory.
The TCP port number is the value that this Connector will use to create a server socket and await incoming connections. Your operating system will allow only one server application to listen to a particular port number on a particular IP address.
Step 3.4 - Map the hostnames to IPs
Open the server's /etc/hosts file and add the following.
Code Block
language
none
<GATEWAY-WORKER-IP> am.wso2.com
In this example, it would look like this:
Code Block
language
none
xxx.xxx.xxx.xx4 am.wso2.com
Once you replicate these configurations for all the manager nodes, your Gateway manager is configured. Next configure the Gateway worker.