Axway Product Catalog

Axway support is provided by the following three products, all defined within the API Management product catalog

ComponentDescriptionApache Cassandra DatabaseChoosing this option will support the creation of Cassandra database instances, including multiple node clusters. Apache Cassandra support has been implemented to support API Gateway environments, however it is also possible to create standalone Cassandra DB environments.Axway API Gateway ManagerSingle administrative gateway instance in an API Manager configuration.Axway API Gateway ServerA single API Gateway instance. This product is required when using the API Gateway Manager product, and is also used to define core configuration properties for the API Gateway product as a whole.

Assumptions

The implementation of Axway support assumes the use of certificate configuration. All properties required by products within MyST Studio must be specified explicitly. It is not currently possible to establish a cassandra database without all certificate/keystore parameters defined and the related items pre-existing on the hosts.

Creating an Axway Environment

A single MyST blueprint and model can be used to create an Axway API Gateway environment including an API Manager node, multiple API Gateway nodes, and a Cassandra database cluster. For each product being used, a single compute group should be defined to control the targeting of specific products.

Note that the compute node targeted for Cassandra DB use has 2 nodes in the above image to support a 2 node cluster.

Required product configuration parameters are detailed below. Once a model has been fully configured for all required products, performing a Provision within MyST Studio will deliver everything required to create an environment across all nodes through automation.

Product Configuration Parameters

This section provides an example configuration for each supported product, listing all required properties for configuration.

Axway API Gateway Server

NameExample ValueExplanationapi-manager-hostsip-192-168-146-224.us-west-2.compute.internalComma-separated list of fully-qualified domain names for hosts where API Manager will be configuredcertificate-cer-file/u01/communal/certificates/NonProd/Internal/Servers/esidev/esidev.cerCertificate file used in LDAP configurationcertificate-folder/u01/communal/certificates/NonProd/Internal/Servers/esidevDirectory to find certificate files inlicense-path/home/oracle/Axway.licFull path to license file on each node configured for API Gateway. This property is also used by API Gateway Manager.os-groupoinstallOS group to use when creating product installationos-useroracleOS user to use when creating product installationpython-path/usr/local/bin/python2.7Full path to Python 2.7 (or above) binary on each node configured for API Gateway. This property is also used by API Gateway Manager, and in a model containing both API Gateway Server and Cassandra DB, can be used by Cassandra DB.service-pack-fileAPIGateway_7.5.3_SP6_Core_linux-x86-64_BN2018032339.tar.gzName of Axway API Gateway service pack file to install as part of patching product installation. This file will be found under the directory indicated by the install.dir MyST global variable.

Global Variables

NameExample ValueExplanationbase.log.dir/u01/app/logsRoot directory under which Axway log files are created<node-id>.group=<Group Name>InternalSee section below titled Multiple Axway Gateway Server Groups<node-id>.private=<Private Address>hostname1-privSee section below titled Private Listen or Host Addresses

Multiple Axway Gateway Server Groups

To specify the respective Gateway group for each node in a configuration with Axway Gateway Server targeted to it, specify a global variable with the following syntax:

<node-id>.group=<Group Name>

For example:

rxr.infra.Compute-1.group=Internal

Each server with an Axway Gateway requires this parameter to be set. Currently MyST Studio will also auto-generate a recommended parameter for each relevant server using the IP address of the server. This variable will not be used during configuration, but should be set to the same group name. This duplication will be removed in the next release of MyST Studio.

Private Listen or Host Addresses

An optional 'private' global variable for node indicating private address.

<node-id>.private=<Private Address>

For example:

rxr.infra.Compute-1.private=ip-192-168-146-231.us-west-2.compute.internal-priv

Axway API Gateway Manager

NameExample ValueExplanationadmin-host192.168.146.222IP address/host API Manager is configured onadmin-passwordwelcome1Password used to authenticate for administration functionsadmin-port8090Port used for administration trafficcertificate-folder/u01/communal/certificates/NonProd/Internal/Servers/esiadminDirectory to find certificate files incertificate-cer-file<full path to file>Certificate file for admin gateway to use in certificate store (.cer file)certificate-issuing-file<full path to file>Issuing authority certificate to use as part of certificate store (.cer file)certificate-root-file<full path to file>Root certificate to use as part of certificate store (.cer file)groupsInternal,ExternalComma-separated list of all defined groups in API Manager instanceldap-urlldaps://hostname.domain:636URL to locate LDAP server used by Gateway Managermanagement-address192.186.146.222IP address/host used for management trafficos-groupoinstallOS group to use when creating product installationos-useroracleOS user to use when creating product installationprocess-accountSJRB\procdev_oag_internalLDAP username used by processprocess-account-passwordwelcome1LDAP password used by process

| site-port | 8095 | Port to use for gateway traffic |

Apache Cassandra Database

Given the length of values for Cassandra Database parameters, explanations are not provided in the table below.

NameExample Valuecluster-addresses192.168.146.150,192.168.146.171cqlrshrc-cert-file/u01/share/dev.pemcqlrshrc-key-file/u01/share/dev.keydatacenter-nameGatewayDatacenter (default value)listen-port9042 (default value)python-path/usr/local/bin/python2.7rack-nameGatewayRack (default value)replication-factor2require-client-authtrue (default value)ssl-algorithmSunX509 (default value)ssl-cipher-suitesTLS_RAS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA... (default value)ssl-enabledtrue (default value)ssl-internode-encryptionall (default value)ssl-keystore-file/u01/share/dev.jksssl-protocolTLS (default value)ssl-store-typeJKS (default value)ssl-truststore-file/u01/share/truststore.jksssl-truststore-passwordwelcome1useroracle

Troubleshooting Axway Provisioning

Provisioning Axway environments can be complicated, particularly when determining why provisioning might have failed, in a configuration that can span multiple nodes. To assist with troubleshooting, especially in the early stages of the lifecycle of Axway support within MyST, a number of log files are created capturing output from particular steps in provisioning. These files exist in the temporary workspaces created by the MyST agent, and should be captured in a generated support artifact.

FileInformationconfigure-admin.logContains output from installation, patching and configuration of an Axway Admin Gateway node. Created by the Python script configure-axway-admin-python.pyconfigure-axway.logContains output from installation, patching and configuration of an Axway Gateway node. Created by the Python script configure-axway-python.pykill-Internal.logContains output from killing any running Gateway process prior to a new installation of Axway software. Created by the Python script kill-process-matching-and-wait.pykill-Node.logContains output from killing any running node manager process prior to a new installation of Axway software. Created by the Python script kill-process-matching-and-wait.py

Axway Support Roadmap

Upcoming MyST releases will provide support for the following:

Removal of redundant cluster configuration for Cassandra

Currently when configuring a Cassandra cluster a number of actions are performed on the second node of a cluster that repeat configuration already performed on the first node of a cluster. These redundant actions will be removed in future Cassandra DB support.

Switch to optional certificate configuration

The current mandatory certificate configuration performed for an API Gateway environment will become optional in future API Gateway support, allowing for a larger range of usage scenarios.

‍