Follow the instructions below to use Kubernetes (K8s) or OpenShift resources for container-based deployments of WSO2 API Manager (API-M).
In the context of this document, < KUBERNETES_HOME>
refers to a local copy of the wso2/kubernetes-apim
Git repository that includes common resources that can be used for Kubernetes and OpenShift.
Checkout the WSO2
kubernetes-apim
repository usinggit clone
:git clone https://github.com/wso2/kubernetes-apim.git git checkout tags/v2.1.0-2
Either pull the WSO2 Docker images or build your own Docker images.
Building your own Docker images.
If you wish to work with a customized setup, you can build the Docker images.Note that the same images can be used for OpenShift.
- Pulling the WSO2 Docker images.
Log in to the
WSO2 Docker Registry
.
Enter your WSO2 subscription credentials to log in to the WSO2 Docker Registry.As the Docker image contains WUM updates, you need to either have a subscription for WSO2 API Manager or a free trial subscription to be able to pull the required Docker images from the registry.
docker login docker.wso2.com
Pull required Docker images from the
WSO2 Docker Registry
usingdocker pull
:docker pull docker.wso2.com/wso2am-analytics-kubernetes:2.1.0 docker pull docker.wso2.com/wso2am-kubernetes:2.1.0 docker pull docker.wso2.com/apim-rdbms-kubernetes:2.1.0
Copy the Images into Kubernetes/OpenShift nodes or to a Registry.
Copy the required Docker images over to the Kubernetes Nodes.
For example:Use
docker save
to create a TAR file of the required image.scp
the TAR file to each node.Use
docker load
to load the image from the copied TAR file on the nodes.
Alternatively, if a private Docker registry is used, transfer the images there.
Deploy Kubernetes/OpenShift Resources.
Before you begin the deployment, make sure that you have the following prerequisites.
Set up Network File System (NFS) to deploy any pattern.
NFS is used as the persistent volume for API Manager servers. As a result, setting up NFS is required to deploy any pattern. Therefore, you need to complete the following:- Update the NFS server IP in
<KUBERNETES_HOME>/pattern-X/artifacts/volumes/persistent-volumes.yaml
- Create the required directories in the NFS server for each pattern as mentioned in the <
KUBERNETES_HOME>/pattern-X/artifacts/volumes/persistent-volumes.yaml
For example, forpattern-1
, create the directories as/exports/pattern-1/apim
- Update the NFS server IP in
It is recommended to use a MySQL or any database cluster in a production environment.
Only one MySQL container is used with host path mount in these deployments.
Deploy Kubernetes/OpenShift Resources:
The following instructions have been tested on OpenShift v3.6.0 and Kubernetes v1.6.1 and NFS is tested in Kubernetes v1.6.1.
Deploy a pattern on Kubernetes
Create a namespace named
wso2
.kubectl create namespace wso2
Create a service account named
wso2svcacct
in thewso2
namespace.kubectl create serviceaccount wso2svcacct -n wso2
Deploy any pattern by running the
deploy-kubernetes.sh
script that is inside the pattern folder (<KUBERNETES_HOME>/pattern-X/artifacts
directory)../deploy-kubernetes.sh
Access the management console using the following command to list ingresses in the deployment.
kubectl get ingress
Add relevant hosts and IP addresses to the
/etc/hosts
file.
The following are sample access URLs. However, note that this will vary based on the pattern that you are using.
If required, undeploy a pattern on Kubernetes
You can undeploy any pattern by running the
undeploy-kubernetes.sh
script that is inside the pattern folder (<KUBERNETES_HOME>/pattern-X/
directory)../undeploy-kubernetes.sh
Deploy a pattern on OpenShift
Step 1 - Configure OpenShift
Create a user named
admin
and assign the user to thecluster-admin
role.This user with the
cluster-admin
role is used to deploy the OpenShift artifacts.oc login -u system:admin oc create user admin --full-name=admin oc adm policy add-cluster-role-to-user cluster-admin admin
Create a new project named
wso2
.oc new-project wso2 --description="WSO2 API Manager 2.1.0" --display-name="wso2"
Create a service account named
wso2svcacct
in thewso2
project.oc create serviceaccount wso2svcacct
Assign the service account named
wso2svcacct
to theanyuid
security context constraintoc adm policy add-scc-to-user anyuid -z wso2svcacct -n wso2
Define the service account in the deployment artifact YAML file.
For example, see thewso2apim-manager-worker-deployment.yaml
file.serviceAccountName: "wso2svcacct"
Step 2 - Deploy the pattern
Deploy any pattern by running the
deploy-openshift.sh
script inside the pattern folder (<KUBERNETES_HOME>/pattern-X/
directory)../deploy-openshift.sh
Access the Management Console using the following command to list the routes in the deployment.
oc get routes
Add relevant hosts and IP addresses to the
/etc/hosts
file.The following are sample access URLs. Note that this varies based on the pattern that you are using.
If required, undeploy a pattern on OpenShift
You can undeploy any pattern by running theundeploy-openshift.sh
script that is inside the pattern folder (<KUBERNETES_HOME>/pattern-X/
directory)../undeploy-openshift.sh
Customize the deployment (If required).
Configurations are bound with the
wso2
namespace. Therefore, if you are changing the hostnames or the namespace, do the following:- Change
wso2.svc
to<namespace>.svc
in all the configuration files. - Update the
KUBERNETES_NAMESPACE
parameter with the correct namespace in all the<API-M_HOME>/
repository/conf/axis2/
axis2.xml
files. - Update Docker base images.
Use a CA signed certificate and update theclient-truststore.jks
andwso2carbon.jks
files which are in the following location.
https://github.com/wso2/kubernetes-apim/tree/2.1.0-nfs/base/apim/files.
- Change