Configuring an Active-Active Deployment
This page walks you through how to manually configure WSO2 API Manager (WSO2 API-M) with two active nodes that each have all the components of the API-M together in one instance (all-in-one instance).Ā
Follow the instructions below to configure and deploy API-M by using an Active-Active deployment:
Step 1 - Create a SSL certificate
Create a SSL certificate on the first WSO2 API-M all-in-one active node. For more information,Ā seeĀ Creating SSL CertificatesĀ in the Administration Guide.Ā
Step 2 -Ā Configure the load balancer
For information on configuring the load balancer, seeĀ Configuring the Proxy Server and the Load Balancer.
Step 3 - Configure the databases
For information on configuring the databases, seeĀ Installing and Configuring the Databases.
Step 4 - Configure the Publisher with the Gateway
This step is required only if you are using rsync to share files.
When you use rsync the file synchronization will happen in only one direction. Therefore the following configuration, to enable synchronization in both directions between two nodes.
For more details, see the next step.
Configure the API Publisher in both nodes to be able to publish to the API-M Gateway of one of the nodes. Do this by pointing theĀ <ServerURL>
Ā to the same Gateway node.
You need to configure this in the <API-M_HOME>/repository/conf/api-manager.xml
file.
<APIGateway> <Environments> <Environment type=ā[environment-name]ā api-console="true"> <ServerURL>https://localhost:${mgt.transport.https.port}${carbon.context}services/</ServerURL> </Environment> </Environments> </APIGateway>
Step 5 -Ā Configure the content synchronization mechanismĀ
Configure a shared file system as the content synchronization mechanism.Ā You can use a common shared file system such as Network File System (NFS) or any other shared file system that is available.Ā You need to mount theĀ <API-M_HOME>/repository/deployment/server
Ā directory of the two nodes to the shared file system, in order to share all APIs and throttling policies between all the nodes.Ā
Shared file system is the first preference that WSO2 recommends to synchronize the artifacts among the nodes, because APIs and throttling decisions can be published to any of the nodes; thereby, avoiding the vulnerability of a single point of failure that is present when using remote synchronization (rsync). However, if you are unable to maintain a shared file system, you can synchronize content using rsync. For information on setting up a rsync based deployment synchronization, seeĀ Configuring rsync for Deployment Synchronization.
Using Rsync for deployment synchronization
If you are using rsync, the API artifacts will be synchronized to one direction. As explained in Configuring rsync for Deployment Synchronization section, the synchronization will happen from manager to worker. Hence, The API artifact should be created on one node only, which acts like a manager node for artifact synchronization purpose. Please follow the steps below to configure this:
Assuming node-1 is the manager node for artifact synchronization,
- Open
<API-M_HOME>/repository/conf/api-manager.xml
Ā file in node-1. Configure Gateway Server URL to point to its own (localhost):
<APIGateway> <ServerURL>https://localhost:${mgt.transport.https.port}${carbon.context}services/</ServerURL> </APIGateway>
- Open
<API-M_HOME>/repository/conf/api-manager.xml
Ā file in node-2. Configure Gateway Server URL to point to the node-1:
<APIGateway> <ServerURL>https://<node1-hostname>:<node-1-mgt-transport-port>/services/</ServerURL> </APIGateway>
Note that
<node-1-mgt-transport-port>
is the management transport port, which is by default 9443.
Step 6 - Configure Throttling
Step 7 - Configure the second WSO2 API-M node
Make a copy of the active instance configured above and use this copy as the second active instance.
When making a copy of the node, you need to also make a copy of the SSL certificate that you created for node 1 in step 1.
Step 8 - Configure your deployment with production hardening
Ensure that you have taken into account the respective security hardening factors (e.g., changing and encrypting the default passwords, configuring JVM security etc.) before deploying WSO2 API-M. For more information, see the Production Deployment Guidelines in the Administration Guide.
Step 9 - Configure API-M Analytics
If you wish to view reports, statistics, and graphs related to the APIs deployed in the Store, you need to configure API-M Analytics. Follow the standard setup to configure API-M Analytics in a production setup, and follow the quick setup to configure API-M Analytics in a development setup.
If you want to configure high availability (HA) for API-M Analytics, seeĀ Minimum High Availability Deployment for WSO2 APIM Analytics.
Step 10 - Start the WSO2 API-M servers
Before you start the servers
If you want to deploy WSO2 API-M using a hybrid active-active deployment pattern where WSO2 Identity Server is used as the Key Manager in high availability mode while the rest of the WSO2 API-M components are all in one node, configure and start the Key Manager (e.g., configure and start WSO2 Identity Server as the Key Manager) before starting the API-M servers.
Start the WSO2 API-M servers using the standard start-up script. For more information, seeĀ Starting the server.