How do I configure WSO2 API Manager Gateway and Key Manager Cluster settings?

1
votes

I'm working on implementing WSO2 API Manager with the following architecture: A single publisher/store node. A 2 node cluster that both servers run the Gateway and key Manager on.

When I'm following: http://docs.wso2.org/display/CLUSTER420/Clustering+API+Manager#ClusteringAPIManager-Configuringcomponentfeatures

and I get to the step for "Configuring the connections among the components" for api-manager.xml I'm confused when configuring the gateway for:

   <APIKeyManager>
     <ServerURL>https://keymanager.apim-wso2.com:9444/services/</ServerURL>        
     <Username>admin</Username>  
     <Password>admin</Password>   
     ...
   </APIKeyManager>

Should each gateway/key manager node for API Key Manager point to itself?

Further since my Publisher and Store are on a different server when I configure their api-manager.xml for the authmanager and APIGateway do I point that to the cluster name? When configuring:

   <AuthManager>
       <ServerURL>https://keymanager.apim-wso2.com:9444/services/</ServerURL>      
       <Username>admin</Username>
       <Password>admin</Password>
   </AuthManager> 
   <APIGateway>  
     <Environments>
        <Environment type="hybrid">
          <ServerURL>https://gwmanager.apim-wso2.com:9445/services/</ServerURL>         
          <Username>admin</Username>
          <Password>admin</Password> 
          <GatewayEndpoint>http://gwmanager.apim-wso2.com:8282,https://gwmanager.apim-         
             wso2.com:8245</GatewayEndpoint>
        </Environment>
      </Environments>
    </APIGateway>
3
wso2cluster-computinggateway
According to the your previous question [1], you having store+publisher on one node and keymanager+gateway on another node. Is the same deployment you have in here?DarRay
[1] stackoverflow.com/questions/21173955/…DarRay
That is correct. the store/publisher are on one node and the keymanager and gateway on a another node (will actually have multiple other nodes for a farm of keymanager/gateway for more cpu)Gammonster
FYI, please refer docs.wso2.org/display/AM140/Distributed+Deployment to get idea about different distributed deployment patterns for WSO2 API Manager.DarRay

3 Answers

3
votes

Before answering your question let me explain the how they pointed.

  1. When configuring the gateway, you need to specify keymanager.

  2. When configuring the store, you need to specify both keymanager and gateway.

  3. When configuring the publisher, you need to specify gateway.(Before 1.4.0 publisher also needed key manager too)

First one is needed since the gateway get requests for accessing APIs, those requests must be authenticated. So gateway should know the endpoints of keymanager.

On the other hand when creating new APIs its needed to trigger gateway about them, hence publisher needed to know the endpoints of gateway as in 3rd.

Similarly Store needed to about both Keymanager and gateway.

This is also illustrated by the diagram given in "Configuring the connections among the components"

Assuming (according to [1]) the gateway+keymanager is in the same node of your deployment, yes element in gateway+keymanager node should be configured to point to itself.

For example,

<APIKeyManager> 
  <ServerURL>https://gateway-plus-keymanager.apim-wso2.com:9444/services/</ServerURL>
  <Username>admin</Username>
  <Password>admin</Password>
  ...
</APIKeyManager>

And similarly if you have store+publisher node

<APIKeyManager> 
  <ServerURL>https://gateway-plus-keymanager.apim-wso2.com:9444/services/</ServerURL>
  <Username>admin</Username>
  <Password>admin</Password>
  ...
</APIKeyManager>

<AuthManager>
    <ServerURL>https://gateway-plus-keymanager.apim-wso2.com:9444/services/</ServerURL>
    <Username>admin</Username>
    <Password>admin</Password>
</AuthManager>

<APIGateway>
  <Environments>
    <Environment type="hybrid">
        <ServerURL>https://gateway-plus-keymanager.apim-wso2.com:9444/services/</ServerURL>
        <Username>admin</Username>
        <Password>admin</Password>          
        <GatewayEndpoint>http://gateway-plus-keymanager.apim-wso2.com:8281,https://gateway-plus-keymanager.apim-wso2.com:8244</GatewayEndpoint>
    </Environment>
  </Environments>    
</APIGateway>

Here note that the node gateway+keymanager node has the host name gateway-plus-keymanager.apim-wso2.com and started the server with a port offset 1.

[1] How do I configure WSO2 API Manager Gateway and Key Manager Cluster settings?

1
votes

If you are using a DNS round robin then both the serverURL's should point to https://gateway-plus-keymanager.apim-wso2.com:9444/services/ and your DNS should be configured to have the IP's of both GW/KM servers

0
votes

Hi I believe you have a issue in the deployment architecture. There is no point in having two Gateway (GW) nodes if you are not fronting them with a load balancer (LB). So your GW/KM 2 nodes should be fronted with Load balancer. The KM URL you point in the GW nodes should actually point to the (LB) that can distribute the traffic among two KM nodes.