Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: DOCUMENTATION-4421

This guide explains how This guide explains how to set up an API Manager cluster in an Amazon Web Services (AWS) instance.

...

Figure: Sample deployment architecture of the API Manager components

Image Added

Figure: AWS VPC architecture with product deployment diagram

...

Table of Contents
maxLevel3
minLevel3

Creating a Virtual Private Cloud

Amazon Virtual Private Cloud (VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. 

To create a VPS, go to your AWS instance and click Services -> VPC -> Your VPCs.  Then, click Create VPC  and enter the details for your new VPC. Here's an example:

 

Creating a VPC Internet gateway

A VPC Internet gateway is a VPC component that allows communication between instances in your VPC and the Internet. It is  horizontally scalable, redundant, highly available,  and reduces availability risks or bandwidth constraints in your network. 

To create a VPC Internet gateway, go to your AWS instance and click Services -> VPC -> Internet  Internet Gateways. Then, click Create Internet Gateway  and give a name for your new gateway. Here's an example:

Creating subnets

A subnet is  a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Use a public subnet for resources that must be connected to the Internet, and a private subnet for the ones that don'tdo not

According to the deployment pattern shared earlier, you need the following seven subnets across the three availability zones. You can use a subnet naming convention of your choice.

...

To create each subnet, go to your AWS instance and click  Services -> VPC -> Subnets.  Then, click Create Subnet, and then the details for the subnet. Here's The following is an example:

 

After creating the subnets, go to Services -> VPC -> Subnets to see the newly created subnets listed there.  

 

Creating route tables

A route table contains a set of rules, called routes, that are used to determine where network traffic is directed.

In this guide, we create two route tables- one to configure the Internet gateway to face the public network (i.e., the Internet), and another for the internal routes.

Creating the public route table

Follow the steps below to create the public route table:

  1. Go to your AWS instance and click  Services -> VPC -> Route Tables. Then, click Create Route Tables and give the details of the public route table. Here's an example:
  2. Select the public route table you just created, click the Routes tab, and add a route for the previously created Internet gateway as follows:  
  3. Go to the Subnet Associations  tab and configure the subnet associations to the route table. In this example, we associate the DMZ and DB subnets to the route table, since those subnets directly face the Internet.

Let's create the private route table next.

Creating the internal route table


Follow the steps below to create the private internal route table. 

  1. Go to your AWS instance and click click Services -> VPC -> Route Tables.  ThenThen, click Create Route Tables Tables and give the details of the internal route table. Here's an example:
  2. Configure the routes and subnets. See Creating a NAT Instance to create a NAT based gateway.
    Here's an example:
    Subnet association configuration:
  3. After configuring the route tables, go to each subnet summary  and verify that the details are correct.

    SubnetSummary
    apim-subnet-b
    Image Modified
    apim-subnet-c
    Image Modified
    apim-dmz-b
    Image Modified
    apim-dmz-d
    Image Modified
    apim-dmz-c
    Image Modified
    apim-db-subnet-c
    Image Modified
    apim-db-subnet-b
    Image Modified

Creating security groups  

A security group is as a virtual firewall that controls the traffic for one or more Linux instances.

...

  1. Go to your AWS instance and click Services -> EC2 -> Security Group. Then, click Create security Group.
  2. Create six security groups separately as follows and set their Inbound and OutBound rules.

    Tip

    Tip: You can use a different naming convention for the groups or create a security group without rules and add them later. 

    Security Group
     
    Summary
    apim
    apim-bastion-sg
     
    Image Added
    apim
    apim-nat-sg
     
    Image Added
    apim
    apim-puppetmaster-sg
     
    Image Added
    apim
    apim-dmz-sg
     

    Image AddedImage Added

    apim
    apim-cluster-sg
     
    Image Added
    apim
    apim-db-sg
     
    Image Added
  3. After creating the security groups, go to Services -> EC2 -> Security Groups and verify that the details are correct. 

Creating a key pair

A key pair is a combination of a public and private key. Amazon EC2 uses public–key cryptography to encrypt and decrypt login information. Public–key cryptography uses a public key to encrypt a piece of data, such as a password, then the recipient uses the private key to decrypt the data.

To create a new key pair, go to your AWS instance and click  Services -> EC2 -> Key pair -> Create Key Pair. Then, download the created key pair to your host machine.

Creating instances

Let's see how to create six instances as follows:  Table of ContentsmaxLevel4minLevel4

Creating a NAT instance

A network address translation (NAT) instance is used in a public subnet in your VPC to enable instances in the private subnet to initiate outbound traffic to the Internet. It also prevents the instances from receiving inbound traffic initiated by someone on the Internet.

...

  1. Find the EC2 NAT instance by clicking Services -> EC2 -> AMI in your AWS instance and giving the AMI ID (e.g., ami-ad227cc4).
  2. Select the AMI and click Launch.
  3. Choose an instance type (e.g., m1.small) and proceed to c onfigure the instance details .
  4. In the Configure Instance Details page that opens, select the network and subnet and enable the public IP. Keep the default settings for the network interfaces and advanced details and proceed to  add storage information.
    Image Removed Image Added
  5. In the Add Storage page that opens, set the optimal storage and proceed to  tag the instance .
  6. Set a tag for your instance in the Tag Instance page that opens. Then, proceed to the configure a security group.
  7. In the Configure Security Group page that opens, select apim-natsg as the security group, and then click Review and Launch .
  8. In the Review page that opens, your  instance configuration summary is listed. Verify its accuracy and click Launch .
  9. Select the key pair that you created earlier and click Launch Instances.
  10. Go to your AWS instance, click  Services -> EC2 -> Instances, select  select  apim-natbox and note the the NAT instance that you just created listed there.

You have created a NAT instance. Next, let's see how to create a bastion instance.

Creating a bastion instance

A bastion is a special-purpose server instance that is designed to be the primary access point from the Internet. It acts as a proxy to your other EC2 instances. In this guide, we use it as a base instance in our VPC and configure it to connect to other instances in our VPC via SSH.

Follow the steps below to create a bastion instance:

  1. In your AWS instance, click  Services -> EC2 -> Instances -> Launch Instance
  2. The steps involved in creating a bastion instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.medium
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-dmz-d
    • Auto assign public IP: Enable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-bastion
    Configure Security GroupClick the Select an existing security group option and select the  apim-bastion-sg instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click  Launch .
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click  Services -> EC2 -> Instances,  select  select apim-bastion and note the bastion instance that you just created listed there.

You have now created a bastion instance. Next, let's see how to create an SVN instance.

Creating an SVN instance

An SVN instance in a clustered environment is used to synchronize the artifacts among the nodes of the deployment. 

Follow the steps below to create an SVN instance.

  1. In your AWS instance, click click Services -> EC2 -> Instances -> Launch Instance
  2. The steps involved in creating an SVN instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.small
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-subnet-c
    • Auto assign public IP: Disable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-svn
    Configure Security GroupClick the Select an existing security group option and select the  apim-cluster-sg  and  apim-natsg  instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click Launch.
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click click Services -> EC2 -> Instances select  apim-svn and note the SVN instance that you just created listed there.

You have now created an SVN instance. Next, let's see how to create a puppet master instance.

Creating a puppet master instance

puppet is a configuration management system that allows you to define the state of your IT infrastructure, then automatically enforces the correct state.

Follow the steps below to create a puppet master instance. 

  1. In your AWS instance, click Services -> EC2 -> Instances -> Launch Instance.

  2. The steps involved in creating an puppet master instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.medium
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-subnet-b
    • Auto assign public IP: Disable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-puppet-master
    Configure Security GroupClick the Select an existing security group option and select the apim-puppetmaster-sg  and  apim-natsg  instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click Launch.
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click  Services -> EC2 -> Instances, select apim-puppet-master and note the puppet master instance that you just created listed there.

You have now created a puppet master instance. Next, let's see how to create a base instance.

Creating a base instance

You create a base instance with an init script and a puppet agent and then, pack the base instance as an AMI. When you spawn a new product instance, you use that AMI along with user data. By using user data, you can identify which product (Gateway, PubStore, or Key Manager) node needs to be spawned. The init script is executed when the new instance spawns, and this script is also responsible for downloading the user data to the instance. According to the provided user data, the init script sets the hostname and then calls the puppet master for the puppet agent catalog.

...

  1. In your AWS instance, click Services -> EC2 -> Instances -> Launch Instance.

  2. The steps involved in creating a base instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.micro
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-subnet-c
    • Auto assign public IP: Disable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-test-node
    Configure Security GroupClick the Select an existing security group option and select the apim-cluster-sg  and  apim-natsg  instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click Launch.
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click  Services -> EC2 -> Instances, select  select  apim-test-node and note the base instance that you just created listed there.

You have now created a base instance. Next, let's see how to create an RDS instance.

Creating an RDS instance

Amazon Relational Database Service (Amazon RDS) allows you to create and manage relational databases in the cloud. When you create an RDS instance, you need to specify a database subnet group for it.  As you already created two database subnets, apim-db-subnet-b and apim-db-subnet-c, in separate availability zones, you can group them in this guide.

...

  1. In your AWS instance, click Services -> RDS -> Subnet Groups -> Create DB Subnet Group.

  2. In the Create DB Subnet Group page that opens, fill in the details according to your environment  and click click Create.
    In this guide, we select the VPC that is created here and add the two subnets that are hosted in two availability  zones separately.

    Next, let's create the RDS instance. 

  3. In your AWS instance, click Services -> RDS -> Instance -> Launch DB Instance.

  4. Select MySQL as the database engine.

  5. In the second step, choose the options to use Multi-AZ deployment.

  6. In step 3, the the Specify DB Details page, enter the database settings.
    In this guide, the DB instance identifier is apim-db and master username is wso2.

  7. In the Configure Advanced Settings page, set the network, database options, and backup plans.
    Image Modified

  8. Go to your AWS instance and click click Services -> RDS -> Instances. Then, select the database that you created earlier (in this example, it is  apim-db) and note the details of the RDS instance that you just created.  The Endpoint specifies the server URL for connecting to the database.

You have now created an RDS instance. 

Configuring the instances

Now that you have created the six instances, let's configure them.

The NAT and bastion instances do not require any further configuration. To configure the other instances, connect first to the bastion instance using SSH and the bastion instance's public IP with your key pair. Then, connect separately from the bastion instance to the other instances and configure them:

Configuring the SVN instance

Follow the steps below:

  1. Connect to the bastion instance using SSH.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the public IP>
  2. Check to ensure that the apim-svn instance is running. As you are now in the private network, you can use the SVN instance's private IP. 
  3. From the bastion instance, connect to the SVN instance using SSH. 

    Code Block
    ubuntu@bastion-public:~$ ssh ubuntu@<private IP>
  4. Configure the SVN server in this instance. See https://help.ubuntu.com/community/Subversion for instructions.

    Tip

    Tip: Be sure to note down the SVN host, username/password, and the SVN repo location for the puppet master configuration that you will do next.

Configuring the puppet master instance

Follow the steps below:

  1. Connect to the bastion instance using SSH.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the public IP>
  2. Check to ensure that the apim-puppet-master instance is running. As you are now in the private network, you can use the puppet master instance's private IP. 
  3. From the bastion instance, connect to the puppet master instance using SSH.

    Code Block
    ubuntu@bastion-public:~$ ssh ubuntu@<private IP>
  4. Install the puppet master in this instance. See https://docs.puppetlabs.com/guides/install_puppet/install_debian_ubuntu.html for instructions.
  5. Download the the APIM-1.9 puppet modules from here, extract and copy to the /etc/puppet directory. Overwrite any existing files.

  6. Change the parameter file /etc/puppet/module/apimanager/manifest/param.pp according to the requirements of your environment.

  7. Download the following files and place them in the given locations.

    FileDownload fromCopy to
    wso2am-1.9.0.ziphttp://wso2.com/api-management/try-it/modules/apimanager/files/distribution
    jdk-7u75-linux-x64.tar.gzhttp://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html

...

  1. modules/apimanager/files
    mysql-connector-java-5.1.23-bin.jarhttp://mvnrepository.com/artifact/mysql/mysql-connector-java/5.1.23modules/apimanager/files/common/configs/repository/components/lib
    svnkit-1.3.9.wso2v2.jarClick here
    • modules/apimanager/files/gate-way-m/configs/repository/components/dropins/ 
    • modules/apimanager/files/gateway/configs/repository/components/dropins
    trilead-ssh2-1.0.0-build215.jarClick here
    • modules/apimanager/files/gate-way-m/configs/repository/components/lib
    • modules/apimanager/files/gateway/configs/repository/components/lib

     

Configuring the base instance

Follow the steps below:

  1. Connect to the bastion instance using SSH.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the public IP>
  2. Check to ensure that the apim-test-node instance is running. As you are now in the private network, you can use the base instance's private IP. 
  3. From the bastion instance, connect to the base instance using SSH.

    Code Block
    ubuntu@bastion-public:~$ ssh ubuntu@<private IP>
  4. Install the puppet agent in this instance. See https://docs.puppetlabs.com/guides/install_puppet/install_debian_ubuntu.html for instructions.
  5. Add the puppet master host entries to your host file ( /etc/hosts ):

    Code Block
    <puppet master IP>   <puppet-master-hostname>
  6. Edit the  /etc/puppet/puppet.conf  file and add the following:   

    Code Block
    server = <puppet-master-hostname>
  7. Create a new file called  ec2_init.conf in  /etc/init and copy the following content to it.

    Code Block
    start on runlevel [2]
    
    script
    /bin/bash /root/bin/ec2_init.sh
    end script
  8. Create a new file called ec2_init.sh in root/bin and copy the script in this file to it.

...

  1.  In your AWS instance, click Services -> EC2 -> Instances.
  2. Select the apim-test-node, and then click Actions -> Image -> Create Image Note the AMI's ID. You use it to spawn new product instances later.

Configuring the RDS MySQL instance

Follow the steps below:

  1. Connect to the bastion instance using SSH.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the public IP>
  2. Connect to the MySQL server using the MySQL client.
  3. Create the databases described in https://docs.wso2.com/display/AM190/Setting+up+MySQL  using the MySQL server. Note that you can change the names of these databases as you like.

You have now created and configured all instances. Before you spawn them, you create the load balancers and configure the puppet master parameter file with the DNS names of the load balancers.

Creating the AWS Elastic Load Balancers

The AWS Elastic Load Balancers (ELBs) automatically distribute incoming traffic across multiple EC2 instances. The load balancer works as a single point of contact for clients and enables you to increase the availability of your application.

...

  1.  In your AWS instance, click Services -> EC2 -> Load Balancers -> Create Load Balancer.
  2. In the Define Load Balancer page that opens, give a name for the ELB (e.g., apim-elb-pubstore), specify the VPC, and map the incoming port to another port in the backend by configuring the Basic Configuration tab as shown below:
  3. On the Select Subnets tab, add the DMZ subnets as selected subnets and go to the next page.
    Image Added
  4. In the Assign Security Groups page that opens, select apim-dmz-sg as the security group and go to the next page.
    Image Added
  5. In the Configure Security Settings page that opens, configure the SSL details and proceed to the next page.
    Image Added
  6. In the Configure Health Check page that opens, set the following options and proceed to the next page.
    • Ping port: 9443

    • Ping path /services/echo?wsdl

    Image Added
  7. Leave the default settings in the Add EC2 Instances page that opens and proceed to the next page. You can edit the ELB later to add the instances that are fronted by this ELB.
  8. In the Add Tags page that opens, tag the ELB and click Create.
    Image Added
  9. Click the load balancer's name in the status message that appears confirming that the load balancer is created.
    Image Added
  10. Find the DNS name in the ELB’s description tab and make a note of it. You need this later for configuring the Puppet Master parameter file.
    Image Added
  11. Repeat the steps you used to create the apim-elb-pubstore ELB to create apim-elb-keymanager, apim-elb-gateway-mgt, and apim-elb-gateway-wkr ELBs as well.

Configuring the Puppet Master parameters

Let's configure the Puppet Master parameters in the params.pp file. Here's an example:

Code Block
$wso2_env_domain = 'amazonaws.com'
$am_subdomain = 'us-east-1.elb'
$gateway_subdomain = 'apim-elb-gateway-wrk-1181671605'
$gateway_internal_subdomain = 'apim-elb-gateway-mgt-1181671605'
$gateway_m_subdomain = 'apim-elb-gateway-mgt-1428223413'
$pubstore_subdomain = 'apim-elb-pubstore-455597847'

Spawning the product instances

To spawn a product instance, you use the base instance AMI and pass in metadata (user data). The init script processes that data, set the hostname of the spawning instance, and then call the Puppet Master.

 Let's see how to spawn each type of instance:

Spawning the PubStore instance

  1. Navigate to Services -> EC2 -> AMIs, use the AMI ID that you created previously to find the base instance AMI, and then click Launch.
    Image Added
  2. In the Choose an Instance Type page that opens, select an instance type and proceed to the next page. The instance type depends on your hardware and bandwidth requirements.
    Image Added
  3. In the Configure Instance Details page that opens, add the following configurations. Leave the other values as default.
    • Network: select the VPC that you created earlier
    • Subnetapim-subnet-b
    • Auto-assign Public IP: Disable
    • In the Advanced Details tab, give the following user data as you are spawning the PubStore node:

      Code Block
      SERVICE=pubstore
      SUBCLUSTERDOMAIN=mgt
      CLOUD=apim
      ENVIRONMENT=test
    Image Added
  4. In the Add Storage page, set the optimal storage level according to your requirements and proceed to the next page. In this example, it is 20 GiB.
    Image Added
  5. In the Tag Instance page that opens, set the tag as apim-pubstore-01 and proceed to the next page.
    Image Added
  6. In the Configure Security Group page that opens, click the Select an existing security group option, and then select apim-cluster-sg and apim-natsg as the security groups. Once done, click Review and Launch.
    Image Added
  7. Select the previously created key pair and click Launch Instances.
    Image Added
  8. Navigate to Services -> EC2 -> Instances, select apim-pubstore-01 and view the PubStore configurations. Note the private IP of the PubStore.
  9. Use the private IP of the PubStore to establish an SSH connection.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the private IP>
  10. Log in to the apim-pubstore-01 instance.

    Code Block
    ubuntu@bastion-public:~$ ssh ubuntu@<private IP>
  11. Note that you get a prompt in the command-line as ubuntu@<ramdon_number>-apim-mgt-pubstore, if you successfully log in. The init script has executed, changed the hostname, and called the Puppet Master.

    Tip

    Tip: To make sure that the product is running, you can inspect the wso2carbon.log file.

    Code Block
    ubuntu@67802091531-apim-mgt-pubstore:~$ tail -10000f /mnt/pubstore/wso2am-1.9.0/repository/logs/wso2carbon.log
  12. According to our sample deployment architecture, you need two PubStore instances in two availability zones- one in the apim-subnet-b subnet and another in the apim-subnet-c subnet. Therefore, repeat the above steps to spawn another instance with the following changes:
    • In Step 3, select the subnet as apim-subnet-c. Use the same user data.

    • In Step 6, tag the instance as apim-pubstore-02.

Spawning the Key Manager instance

According to our sample deployment architecture, you need two Key Manager instances in two availability zones- one in the apim-subnet-b subnet and another in apim-subnet-c subnet. 

 To spawn the Key Manager instances, follow the same steps in spawning the PubStore instance except for a the following variations in step 3 and 6:

  • In Step 3, select the subnet as apim-subnet-b in the first instance and apim-subnet-c in the second instance. Use the following user data in both Key Manager instances:

    Code Block
    SERVICE=keymanager
    SUBCLUSTERDOMAIN=mgt
    CLOUD=apim
    ENVIRONMENT=test
  • In Step 6, tag the instance as apim-keymanager-01 in the first instance and as apim-keymanager-02 in the second instance.

Spawning the Gateway Manager instance

According to our sample deployment architecture, you need only one Gateway Manager instance in a us-east-1b availability. The instance must be in the apim-subnet-b subnet.

To spawn the Gateway Manager instance, follow the same steps in spawning the PubStore instance except for a the following variations in step 3 and 6:

  • In Step 3, select the subnet as apim-subnet-b and use the following user data:

    Code Block
    SERVICE=gate-way-m
    SUBCLUSTERDOMAIN=mgt
    CLOUD=apim
    ENVIRONMENT=test 
  • In Step 6, tag the instance as apim-gateway-mgt-01.

Spawning the Gateway Worker instance

According to our sample deployment architecture, you need two Gateway Worker instances in two availability zones- one in the apim-subnet-b subnet and the other in apim-subnet-c subnet.

To spawn the Gateway Manager instance, follow the same steps in spawning the PubStore instance except for a the following variations in step 3 and 6:

  • In Step 3, select the subnet as apim-subnet-b in the first instance and apim-subnet-c in the second instanceUse the following user data in both instances:

    Code Block
    SERVICE=gateway
    SUBCLUSTERDOMAIN=wkr
    CLOUD=apim
    ENVIRONMENT=test
  • In Step 6, tag the first instance as apim-gateway-wkr-01 and the second instance as apim-gateway-wkr-02.

Adding instances to the ELBs

After spawning the product instances, add them to the four ELBs as follows:

ELB NameInstances to be Added
apim-elb-pubstore
  • apim-pubstore-01
  • apim-pubstore-02
apim-elb-keymanager
  • apim-keymanager-01
  • apim-keymanager-02
apim-elb-gateway-mgt
  • apim-gateway-mgt-01
apim-elb-gateway-wkr
  • apim-gateway-wkr-01
  • apim-gateway-wkr-02
Tip

Tip: At least one instance in an ELB should have the InService status.

Configuring auto scaling

Auto scaling helps you to automatically adjusts the resource utilization of your Cloud instance, according to conditions you define. It helps you maintain the optimal capacity required for the current request load. For example, when more tenants log in, more resources are automatically spawned. Auto scaling helps increase the availability of your Cloud to users.

Follow the sections below to configure auto scaling:

Creating launch configurations

launch configuration is a template that an auto scaling group uses to launch EC2 instances.

Follow the steps below to create launch configurations.

  1. In your AWS instance, click Services -> EC2 -> Launch Configurations -> Create Launch Configuration

  2. In the Choose AMI page that opens, select the AMI you created earlier and proceed to the next tab.
    Image Added

  3. Proceed through the rest of the configurations by giving the values according to your requirements. Select apim-puppetmaster-sg and apim-natsg as the security groups in the Configure Security Groups tab.

  4. In the Review page, review the configuration summary and click Launch.

  5. Select the previously created key pair.

Now that you have created the launch configurations for your auto scaling groups, let's proceed to create the auto scaling groups.

Creating auto scaling groups

You create an auto scaling group by specifying the minimum, maximum and the desired number of EC2 instances for the group. When you create an auto scaling group using an EC2 instance, a launch configuration for the group is automatically created for you. This launch configuration has the same name as the auto scaling group, and it derives its attributes, such as AMI ID, instance type, and Availability Zone, from the EC2 instance.

Follow the steps below to create an auto scaling group.

  1. In your AWS instance, click Services -> EC2 -> Auto Scaling Groups -> Create Auto Scaling Group

  2. Select the launch configuration that you created in the previous section and proceed to the next page.
    Image Added

  3. In the Configure Auto Scaling Group Details page that opens, configure the details as follows and proceed to the next page.
    • Group name: apim-gateway-autoscaling-gp
    • Group size: 1 instance
    • Network: The VPC that you created earlier in this guide
    • Subnet: apim-subnet-c and apim-subnet-b
    • Load balancing: apim-elb-gateway-wkr
    • Health check type: EC2
    Image Added
  4. In the Configure scaling policies page that opens, choose to use scaling policies to adjust the capacity of your group and configure the policy according to your requirements. Once done, proceed to the next page.
    In this example, we use the following settings:
    Image Added

  5. Complete the rest of the configuration and review and create the auto scaling group.

You can inspect the instance spawning and termination history using the Activity History tab of the auto scaling group and the auto scaled instances using the Gateway Worker ELB’s Instances tab.