This documentation is for older WSO2 products. View documentation for the latest release.
Page Comparison - Clustering API Manager in Amazon Web Services (v.71 vs v.72) - Clustering Guide 4.2.0 - WSO2 Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: DOCUMENTATION-4421

...

Creating route tables

A route table contains a set of rules, called routes, that are used to determine where network traffic is directed.

In this guide, we create two route tables- one to configure the Internet gateway to face the public network (i.e., the Internet), and another for the internal routes.

Follow the steps below to create the public route table:

  1. Go to your AWS instance and click  Services -> VPC -> Route Tables. Then, click Create Route Tables and give the details of the public route table. Here's an example:
  2. Select the public route table you just created, click the Routes tab, and add a route for the previously created Internet gateway as follows:  
  3. Go to the Subnet Associations  tab and configure the subnet associations to the route table. In this example, we associate the DMZ and DB subnets to the route table, since those subnets directly face the Internet.

Let's create the private route table next.

Follow the steps below to create the internal route table.

  1. Go to your AWS instance and click Services -> VPC -> Route Tables. Then, click Create Route Tables and give the details of the internal route table. Here's an example:
  2. Configure the routes and subnets. See Creating a NAT Instance to create a NAT based gateway.
    Here's an example:
    Subnet association configuration:
  3. After configuring the route tables, go to each subnet summary  and verify that the details are correct.

    SubnetSummary
    apim-subnet-b
    Image Modified
    apim-subnet-c
    Image Modified
    apim-dmz-b
    Image Modified
    apim-dmz-d
    Image Modified
    apim-dmz-c
    Image Modified
    apim-db-subnet-c
    Image Modified
    apim-db-subnet-b
    Image Modified

Creating security groups  

...

  1. Go to your AWS instance and click Services -> EC2 -> Security Group. Then, click Create security Group.
  2. Create six security groups separately as follows and set their Inbound and OutBound rules.

    Tip

    Tip: You can use a different naming convention for the groups or create a security group without rules and add them later. 

    Security GroupSummary
    apim-bastion-sg
    Image Modified
    apim-nat-sg
    Image Modified
    apim-puppetmaster-sg
    Image Modified
    apim-dmz-sg

    Image ModifiedImage Modified

    apim-cluster-sg
    Image Modified
    apim-db-sg
    Image Modified
  3. After creating the security groups, go to Services -> EC2 -> Security Groups and verify that the details are correct. 

...

  1. In your AWS instance, click  Services -> EC2 -> Instances -> Launch Instance
  2. The steps involved in creating a bastion instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.medium
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-dmz-d
    • Auto assign public IP: Enable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-bastion
    Configure Security GroupClick the Select an existing security group option and select the  apim-bastion-sg instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click  Launch .
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click  Services -> EC2 -> Instances, select apim-bastion and note the bastion instance that you just created listed there.

...

  1. In your AWS instance, click Services -> EC2 -> Instances -> Launch Instance
  2. The steps involved in creating an SVN instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.small
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-subnet-c
    • Auto assign public IP: Disable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-svn
    Configure Security GroupClick the Select an existing security group option and select the  apim-cluster-sg  and  apim-natsg  instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click Launch.
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click Services -> EC2 -> Instances select  apim-svn and note the SVN instance that you just created listed there.

...

  1. In your AWS instance, click Services -> EC2 -> Instances -> Launch Instance.

  2. The steps involved in creating an puppet master instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.medium
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-subnet-b
    • Auto assign public IP: Disable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-puppet-master
    Configure Security GroupClick the Select an existing security group option and select the apim-puppetmaster-sg  and  apim-natsg  instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click Launch.
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click  Services -> EC2 -> Instances, select apim-puppet-master and note the puppet master instance that you just created listed there.

...

  1. In your AWS instance, click Services -> EC2 -> Instances -> Launch Instance.

  2. The steps involved in creating a base instance is the same as a NAT instance. The table below summarises the configurations you do at each stage. Follow it until you get to the last tab, which is Review.

    Tab NameConfigurations
    Choose AMI

    Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type

    Choose Instance Typet2.micro
    Configure Instance
    • Network: Select the VPC created here
    • Subnet: apim-subnet-c
    • Auto assign public IP: Disable

    Keep default settings for the rest.

    Add StorageSet the optimal storage
    Tag Instance
    • Key: Name
    • Value: apim-test-node
    Configure Security GroupClick the Select an existing security group option and select the apim-cluster-sg  and  apim-natsg  instance from the list.
  3. In the Review page, your instance configuration summary is listed. Verify its accuracy and click Launch.
  4. Select the Choose an existing key pair option and select the key pair that you created here. Then, click Launch Instances.
  5. Go to your AWS instance, click  Services -> EC2 -> Instances, select apim-test-node and note the base instance that you just created listed there.

...

  1. Connect to the bastion instance using SSH.

    Code Block
    root# ssh -i <security certificate file path> ubuntu@<give the public IP>
  2. Check to ensure that the apim-puppet-master instance is running. As you are now in the private network, you can use the puppet master instance's private IP. 
  3. From the bastion instance, connect to the puppet master instance using SSH.

    Code Block
    ubuntu@bastion-public:~$ ssh ubuntu@<private IP>
  4. Install the puppet master in this instance. See https://docs.puppetlabs.com/guides/install_puppet/install_debian_ubuntu.html for instructions.
  5. Download the APIM-1.9 puppet modules from here, extract and copy to the /etc/puppet directory. Overwrite any existing files.

  6. Change the parameter file /etc/puppet/module/apimanager/manifest/param.pp according to the requirements of your environment.

  7. Download the following files and place them in the given locations.

    FileDownload fromCopy to
    wso2am-1.9.0.ziphttp://wso2.com/api-management/try-it/modules/apimanager/files/distribution
    jdk-7u75-linux-x64.tar.gzhttp://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.htmlmodules/apimanager/files
    mysql-connector-java-5.1.23-bin.jarhttp://mvnrepository.com/artifact/mysql/mysql-connector-java/5.1.23modules/apimanager/files/common/configs/repository/components/lib
    svnkit-1.3.9.wso2v2.jarClick here
    • modules/apimanager/files/gate-way-m/configs/repository/components/dropins/ 
    • modules/apimanager/files/gateway/configs/repository/components/dropins
    trilead-ssh2-1.0.0-build215.jarClick here
    • modules/apimanager/files/gate-way-m/configs/repository/components/lib
    • modules/apimanager/files/gateway/configs/repository/components/lib

     

Configuring the base instance

...

After spawning the product instances, add them to the four ELBs as follows:

ELB NameInstances to be Added
apim-elb-pubstore
  • apim-pubstore-01
  • apim-pubstore-02
apim-elb-keymanager
  • apim-keymanager-01
  • apim-keymanager-02
apim-elb-gateway-mgt
  • apim-gateway-mgt-01
apim-elb-gateway-wkr
  • apim-gateway-wkr-01
  • apim-gateway-wkr-02
Tip

Tip: At least one instance in an ELB should have the InService status.

...