Axway Product Catalog
Axway support is provided by the following three products, all defined within the API Management product catalog
| Component | Description |
|---|---|
| Apache Cassandra Database | Choosing this option will support the creation of Cassandra database instances, including multiple node clusters. Apache Cassandra support has been implemented to support API Gateway environments, however it is also possible to create standalone Cassandra DB environments. |
| Axway API Gateway Manager | Single administrative gateway instance in an API Manager configuration. |
| Axway API Gateway Server | A single API Gateway instance. This product is required when using the API Gateway Manager product, and is also used to define core configuration properties for the API Gateway product as a whole. |
Assumptions
The implementation of Axway support assumes the use of certificate configuration. All properties required by products within MyST Studio must be specified explicitly. It is not currently possible to establish a cassandra database without all certificate/keystore parameters defined and the related items pre-existing on the hosts.
Creating an Axway Environment
A single MyST blueprint and model can be used to create an Axway API Gateway environment including an API Manager node, multiple API Gateway nodes, and a Cassandra database cluster. For each product being used, a single compute group should be defined to control the targeting of specific products.
Note that the compute node targeted for Cassandra DB use has 2 nodes in the above image to support a 2 node cluster.
Required product configuration parameters are detailed below. Once a model has been fully configured for all required products, performing a Provision within MyST Studio will deliver everything required to create an environment across all nodes through automation.
Product Configuration Parameters
This section provides an example configuration for each supported product, listing all required properties for configuration.
Axway API Gateway Server
| Name | Example Value | Explanation |
|---|---|---|
api-manager-hosts |
ip-192-168-146-224.us-west-2.compute.internal |
Comma-separated list of fully-qualified domain names for hosts where API Manager will be configured |
certificate-cer-file |
/u01/communal/certificates/NonProd/Internal/Servers/esidev/esidev.cer |
Certificate file used in LDAP configuration |
certificate-folder |
/u01/communal/certificates/NonProd/Internal/Servers/esidev |
Directory to find certificate files in |
license-path |
/home/oracle/Axway.lic |
Full path to license file on each node configured for API Gateway. This property is also used by API Gateway Manager. |
os-group |
oinstall |
OS group to use when creating product installation |
os-user |
oracle |
OS user to use when creating product installation |
python-path |
/usr/local/bin/python2.7 |
Full path to Python 2.7 (or above) binary on each node configured for API Gateway. This property is also used by API Gateway Manager, and in a model containing both API Gateway Server and Cassandra DB, can be used by Cassandra DB. |
service-pack-file |
APIGateway_7.5.3_SP6_Core_linux-x86-64_BN2018032339.tar.gz |
Name of Axway API Gateway service pack file to install as part of patching product installation. This file will be found under the directory indicated by the install.dir MyST global variable. |
Global Variables
| Name | Example Value | Explanation |
|---|---|---|
base.log.dir |
/u01/app/logs |
Root directory under which Axway log files are created |
<node-id>.group=<Group Name> |
Internal |
See section below titled Multiple Axway Gateway Server Groups |
<node-id>.private=<Private Address> |
hostname1-priv |
See section below titled Private Listen or Host Addresses |
Multiple Axway Gateway Server Groups
To specify the respective Gateway group for each node in a configuration with Axway Gateway Server targeted to it, specify a global variable with the following syntax:
<node-id>.group=<Group Name>
For example:
rxr.infra.Compute-1.group=Internal
Each server with an Axway Gateway requires this parameter to be set. Currently MyST Studio will also auto-generate a recommended parameter for each relevant server using the IP address of the server. This variable will not be used during configuration, but should be set to the same group name. This duplication will be removed in the next release of MyST Studio.
Private Listen or Host Addresses
An optional 'private' global variable for node indicating private address.
<node-id>.private=<Private Address>
For example:
rxr.infra.Compute-1.private=ip-192-168-146-231.us-west-2.compute.internal-priv
Axway API Gateway Manager
| Name | Example Value | Explanation |
|---|---|---|
admin-host |
192.168.146.222 |
IP address/host API Manager is configured on |
admin-password |
welcome1 |
Password used to authenticate for administration functions |
admin-port |
8090 |
Port used for administration traffic |
certificate-folder |
/u01/communal/certificates/NonProd/Internal/Servers/esiadmin |
Directory to find certificate files in |
certificate-cer-file |
<full path to file> |
Certificate file for admin gateway to use in certificate store (.cer file) |
certificate-issuing-file |
<full path to file> |
Issuing authority certificate to use as part of certificate store (.cer file) |
certificate-root-file |
<full path to file> |
Root certificate to use as part of certificate store (.cer file) |
groups |
Internal,External |
Comma-separated list of all defined groups in API Manager instance |
ldap-url |
ldaps://hostname.domain:636 |
URL to locate LDAP server used by Gateway Manager |
management-address |
192.186.146.222 |
IP address/host used for management traffic |
os-group |
oinstall |
OS group to use when creating product installation |
os-user |
oracle |
OS user to use when creating product installation |
process-account |
SJRB\procdev_oag_internal |
LDAP username used by process |
process-account-password |
welcome1 |
LDAP password used by process |
| site-port | 8095 | Port to use for gateway traffic |
Apache Cassandra Database
Given the length of values for Cassandra Database parameters, explanations are not provided in the table below.
| Name | Example Value |
|---|---|
cluster-addresses |
192.168.146.150,192.168.146.171 |
cqlrshrc-cert-file |
/u01/share/dev.pem |
cqlrshrc-key-file |
/u01/share/dev.key |
datacenter-name |
GatewayDatacenter (default value) |
listen-port |
9042 (default value) |
python-path |
/usr/local/bin/python2.7 |
rack-name |
GatewayRack (default value) |
replication-factor |
2 |
require-client-auth |
true (default value) |
ssl-algorithm |
SunX509 (default value) |
ssl-cipher-suites |
TLS_RAS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA... (default value) |
ssl-enabled |
true (default value) |
ssl-internode-encryption |
all (default value) |
ssl-keystore-file |
/u01/share/dev.jks |
ssl-protocol |
TLS (default value) |
ssl-store-type |
JKS (default value) |
ssl-truststore-file |
/u01/share/truststore.jks |
ssl-truststore-password |
welcome1 |
user |
oracle |
Troubleshooting Axway Provisioning
Provisioning Axway environments can be complicated, particularly when determining why provisioning might have failed, in a configuration that can span multiple nodes. To assist with troubleshooting, especially in the early stages of the lifecycle of Axway support within MyST, a number of log files are created capturing output from particular steps in provisioning. These files exist in the temporary workspaces created by the MyST agent, and should be captured in a generated support artifact.
| File | Information |
|---|---|
configure-admin.log |
Contains output from installation, patching and configuration of an Axway Admin Gateway node. Created by the Python script configure-axway-admin-python.py |
configure-axway.log |
Contains output from installation, patching and configuration of an Axway Gateway node. Created by the Python script configure-axway-python.py |
kill-Internal.log |
Contains output from killing any running Gateway process prior to a new installation of Axway software. Created by the Python script kill-process-matching-and-wait.py |
kill-Node.log |
Contains output from killing any running node manager process prior to a new installation of Axway software. Created by the Python script kill-process-matching-and-wait.py |
Axway Support Roadmap
Upcoming MyST releases will provide support for the following:
Removal of redundant cluster configuration for Cassandra
Currently when configuring a Cassandra cluster a number of actions are performed on the second node of a cluster that repeat configuration already performed on the first node of a cluster. These redundant actions will be removed in future Cassandra DB support.
Switch to optional certificate configuration
The current mandatory certificate configuration performed for an API Gateway environment will become optional in future API Gateway support, allowing for a larger range of usage scenarios.