The topics in this section walk you through the steps to quickly configure and test the followingThis section walks you through the following Microgateway deployment scenarios:
- A single node Microgateway deployment.
- A high availability deployment scenario where you have two Microgateway instances fronted by a load balancer.
Tip |
---|
If you want to run the Microgateway on Docker, see Deploying the Microgateway as a Docker Container. |
The following topics provide step-by-step instructions to get started with your Microgateway deployment:
Anchor |
---|
| prerequisites |
---|
| prerequisites |
---|
|
PrerequisitesTo download and run the Microgateway:
Download a Microgateway instance
Log Sign in to WSO2 API Cloud (https://api.cloud.wso2.com) as an admin user.
On the API Publisher, click Microgateways.
- Click DOWNLOAD MICROGATEWAY to start the download.
Once the Microgateway download completes, you can configure the Microgateway deployment depending on your use case.
Depending on your requirement you can either quickly try out the basic single node Microgateway deployment for testing purposes, or you can try out a production level high availability deployment.
Expand |
---|
title | Click here for instructions on how to configure a single node On-Prem Gateway Microgateway deployment: |
---|
|
Tip |
---|
| Let’s refer to the Microgateway download location as <MICROGATEWAY_HOME> throughout this section. |
- Navigate to
<MICROGATEWAY_HOME>/bin , and execute the following command to start configuring the Microgateway: On - On Windows: cloud-init.bat --run
On - On Linux/Mac OS: sh cloud-init.sh This allows you to configures configure the downloaded Microateway with the settings required to integrate with API Cloud. - Provide your email address, organization key, and password.
Your organization key will be displayed as shown below. The status of the Microgateway will be displayed on completion. - Navigate to
<MICROGATEWAY_HOME>/bin , and execute the following command to run the start up script: On - On Windows: wso2server.bat --run
On - On Linux/Mac OS: sh wso2server.sh The Microgateway status will be updated when it starts.
Now you have configured a single Microgateway instance. Next let's The next step is to test the deployment. |
Expand |
---|
title | Click here for instructions on how to configure a production level high availability deployment scenario: |
---|
|
Tip |
---|
In this high availability deployment you will have two Microgateway instances running on two nodes fronted by a load balancer as depicted in the following diagram: Here, we will use NGINX is used as the load balancer. |
Be sure to download and run two Microgateway instances on two different nodes. Let’s refer to each Microgateway download location as <MICROGATEWAY_HOME> throughout this section. Expand |
---|
title | Click here for detailed instructions on how to run the two On-Prem Gateway Microgateway instances: |
---|
| Follow the steps below for each Microgateway instance that you downloaded. Note |
---|
| We do not recommend running two Microgateway instances on a single node for production level high availability deployments. |
- Navigate to
<MICROGATEWAY_HOME>/bin , and execute the following command to start configuring the Microgateway: On - On Windows: cloud-init.bat --run
On - On Linux/Mac OS: sh cloud-init.sh This allows you to configure the downloaded Microgateway with the settings required to integrate with API Cloud. - Provide your email address, organization key, and password.
Your organization key will be displayed as shown below.: The status of the Microgateway will be displayed on completion. - Navigate to
<MICROGATEWAY_HOME>/bin , and execute the following command to run the start up script: On - On Windows: wso2server.bat --run
On - On Linux/Mac OS: sh wso2server.sh The Microgateway status will be updated when it starts.
|
- Install NGINX in a server configured in your cluster. For instructions on installing NGINX, see installing NGINX community version.
- Follow the steps below to create a SSL certificate for NGINX.
Create the server key. Code Block |
---|
sudo openssl genrsa -des3 -out <key_name>.key 1024 |
Submit the certificate signing request (CSR). Code Block |
---|
sudo openssl req -new -key <key_name>.key -out server.csr |
Remove the password. Code Block |
---|
sudo cp <key_name>.key <key_name>.key.org
sudo openssl rsa -in <key_name>.key.org -out <key_name>.key |
Sign your SSL certificate. Code Block |
---|
sudo openssl x509 -req -days 365 -in server.csr -signkey <key_name>.key -out <certificate_name>.crt |
Copy the key and certificate files that you generated above to the /etc/nginx/ssl/ location.
Configure NGINX to direct HTTP and HTTPS requests based on your deployment. Run the following command to identify the exact location of the <NGINX_HOME> directory. Inspect the output to identify the --prefix tag that provides the location of the <NGINX_HOME> directory. Update the ngnix.conf file with the required NGINX configuration given below. Alternatively, you can create a file with the .conf suffix and copy it to the <NGINX_HOME>/conf.d directory. Note |
---|
title | Note the following with regard to the sample configuration below: |
---|
| /etc/nginx/conf.d/hybrid_gateway_upstream.conf is the NGINX configuration file name.- Placeholders
<IP1> and <IP2> represent the IP addresses of Microgateway node 1 and node 2 respectively. gateway.foo.com is the domain of the certificate you created in step 2 above. Note that the DNS should be mapped to the NGINX public IP. If you do not do the mapping, the client will have to add an entry in /etc/hosts to resolve the domain name.- The key and the certificate for SSL is assumed to be in the
<NGINX_HOME>/ssl/ location. The placeholders <cert.pem> and <key.pem> represent the generated certificate file and key file. /etc/nginx/log/wso2_hybrid_gateway/https/ is the directory used for access logs. You need create the directory if it does not exist.
|
Code Block |
---|
/etc/nginx/conf.d/hybrid_gateway_upstream.conf
upstream gateway_https {
server <IP1>:8243;
server <IP2>:8243;
}
server {
listen 80;
server_name gateway.foo.com;
rewrite ^/(.*) https://gateway_https/$1 permanent;
}
server {
listen 443;
server_name gateway.foo.com;
proxy_set_header X-Forwarded-Port 443;
ssl on;
ssl_certificate /etc/nginx/ssl/<cert.pem>;
ssl_certificate_key /etc/nginx/ssl/<key.pem>;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
proxy_pass https://gateway_https;
}
access_log /etc/nginx/log/wso2_hybrid_gateway/https/access.log;
error_log /etc/nginx/log/wso2_hybrid_gateway/https/error.log;
} |
Execute the following command to restart the NGINX server: Tip |
---|
You do not need to restart the server if you are simply making a modification to the VHost file. The following command is sufficient in such cases. Code Block |
---|
sudo service nginx reload |
|
Code Block |
---|
sudo service nginx restart |
Now you have configured the high availability deployment. Next let's The next step is to test the deployment. |
Test the deployment
Follow the steps below to test your Microgateway deployment:
- Log Sign in to WSO2 API Cloud and create an API.
- Subscribe to and invoke the API.
Invoke the API using curl .
The curl command to invoke the GET method of the API should be similar to the following:
Code Block |
---|
curl -k -X GET --header 'Accept: text/xml' --header 'Authorization: Bearer dXNlckBvcmcuY29tQHRlc3RPcmcxMjM6UGFzc3dvcmQ=’
'https://gateway.api.cloud.wso2.com:443/t/ccc2222/phoneverify/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0' |
Replace https://gateway.api.cloud.wso2.com:443
in the above curl command with your Microgateway URL as indicated below, and then run it. The response to this curl should be identical to that received in the previous step.
Code Block |
---|
curl -k -X GET --header 'Accept: text/xml' --header 'Authorization: Bearer dXNlckBvcmcuY29tQHRlc3RPcmcxMjM6UGFzc3dvcmQ=’
'https://on-premise-gateway-ip:8243/t/ccc2222/phoneverify/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0' |
Info |
---|
Note that you can also use the HTTP port for API invocations. The HTTP port number would be 8280 by default. An example is given below. Code Block |
---|
curl -X GET --header 'Accept: text/xml' --header 'Authorization: Bearer dXNlckBvcmcuY29tQHRlc3RPcmcxMjM6UGFzc3dvcmQ=’
'http://on-premise-gateway-ip:8280/t/ccc2222/phoneverify/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0' |
|
If your request is successful, your response will be similar to the following.
Code Block |
---|
<?xml version="1.0" encoding="utf-8"?>
<PhoneReturn xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://ws.cdyne.com/PhoneVerify/query">
<Company>Toll Free</Company>
<Valid>true</Valid>
<Use>Assigned to a code holder for normal use.</Use>
<State>TF</State>
<RC />
<OCN />
<OriginalNumber>18006785432</OriginalNumber>
<CleanNumber>8006785432</CleanNumber>
<SwitchName />
<SwitchType />
<Country>United States</Country>
<CLLI />
<PrefixType>Landline</PrefixType>
<LATA />
<sms>Landline</sms>
<Email />
<AssignDate>Unknown</AssignDate>
<TelecomCity />
<TelecomCounty />
<TelecomState>TF</TelecomState>
<TelecomZip />
<TimeZone />
<Lat />
<Long />
<Wireless>false</Wireless>
<LRN />
</PhoneReturn> |
...