Hosting WSO2 APIM as a Distributed Setup in Azure VM - Part 1
WSO2 API Manager is a great tool for building, integrating, and exposing your digital services as managed APIs. The tool can be hosted on the cloud, on-premises, and on hybrid architectures. In this article, we will be talking about hosting the tool in an Azure VM (Virtual Machine).
The following steps need to be completed in order to have a successfully running build in the VMs.
- Getting the necessary VMs
- Setting up the database
- Configuring the VMs for traffic
- Installing necessary softwares for VMs
- Editing the Ansible script
- Running the script and testing
- Adding the load balancer
At a glance, this may seem like a tall order; but I can assure you that it’s way simpler when you tackle the steps one by one.
I highly recommend setting up a distributed system in your local environment before moving to the cloud, in order to understand what is happening and how the configs should be.
Before going further, let’s establish some ground truths of values which would be used throughout the article. You may be unfamiliar with some of them at this point, but you would understand them all as you go through the article.
You can use any values of your preference for the above variables. I am using the values mentioned here so that I can refer to the variables with ease.
1. Getting the Necessary VMs
To get started, you need to consider the architecture you are using for the distributed setup. I will be using 4 instances in this guide:
one for the DB (database), one for the LB (load balancer), one for the APIM CP (control plane) + the APIM TM (traffic manager), and one for the APIM GW (gateway).
For more architecture, you can refer the WSO2 distributed deployment document.
It is quite important to make sure you select the correct instances. In this guide, I have used:
- Standard F4s v2 (4 vCPUs, 8 GiB memory) — DB
- 3 Standard D4s v3 (4 vCPUs, 16 GiB memory) — LB,CP+TM,GW
If you are not sure what you want, use the guidance of the VM selector on Azure.
Since the VMs used in this guide are from Microsoft Azure, you can follow the quick start guide to create the instances. You will need to create an Azure account for this. Make sure your VM key files are stored in a safe place as mentioned in the quick start guide, so that you would not loose them.
2. Setting up the Database
- Let’s set up the database. You can use the terminal on your machine or the Cloud Shell given by Azure to establish a SSH (Secure Shell) connection into the VM. Before doing that, check whether the SSH port is open.
- Go to your instance in the Azure home. There, in the overview tab, you will find a drop down called connect. Select the SSH option from the drop down and follow the instructions given. You can also find the username of your VM and the public IP address from that window.
If you want to get the folder path of your keys,
cdinto the location of your key files using the terminal and use the commandpwd. Alternatively, you can simply drag and drop the key file to the terminal.
If everything goes right, you will connect to the VM via SSH.
A few possible reasons for failures are the SSH port not being open, the key file NOT being read only, or using the wrong key file.
- Following the above methods, SSH into the instance where you are planning to setup the database. Here, I am planning to setup a MySQL server. Therefore, I’m running
sudo apt-get install mysql-server. If you want to setup a different database for WSO2, refer this document on setting-up a database. - You will need to create two databases for the WSO2 APIM. The required scripts can be found in your APIM pack. If you want the latest pack, you can visit the WSO2 APIM page. You can find previous releases there as well. Once you download a pack, the two scripts can be found in:
- shared_db script- <API-M_HOME>/dbscripts/mysql.sql
- apim_db script- <API-M_HOME>/dbscripts/apimgt/mysql.sql
- You will need to upload the above two files to your VM. For that, you can use the command
scp. The commands ofscpare quite similar to those ofssh.
For uploads:
scp -i key_file_path file azureuser@azurehost:directory/target_file
ex: scp -i /home/user/cpkey.pem myfile.txt azureuser@99.999.99.999:/mnt/myfolder/myfile.txt
For downloads:
scp -i key_file_path azureuser@azurehost:directory/file target_file
For more information, check the Azure documentation on SCP.
- Next, create the two databases using the scripts. You can find further information on this document on changing to MySQL.
Congratulations! You have now set up the database.
3. Configuring the VMs for Traffic
The next big step is to create the connections between the instances. Let’s forget the LB for the time being and setup the DS first. We can add the LB afterwards. This way, it would be easier to identify the issue if something goes wrong.
- Navigate to the Networking tab in the VM. Here, you can find the currently existing inbound and outbound port rules. For the database instance, add a rule for the port (usually 3306) to communicate with CP and GW. Add the IP addresses of CP and GW instances to the source. You can find these values in the overview menu of the respective instances.
I recommend adding private IPs instead of public IPs to avoid connection interruptions.
- Next, add the necessary inbound/outbound rules for all the instances. The following diagram shows which instances need to communicate with each other. Even though I said we are going to add LB later, you can add the configurations for LB as well since it won’t affect the setup without the LB.
- For better security, you should only allow required connections to each port. But if you just want to test the setup, you can add a rule as follows to your instances. This is highly discouraged for a production environment.
Then ssh into each instance and add the IP addresses of the other instances. For that, use the command sudo nano /etc/hosts . Adding private IPs instead of public IPs will make the connections more reliable. You can find more information in this document on edit etc/hosts. An entry should look like,<ip_address> <hostname>
ex: 999.99.99.999 db.apim.com
Congratulations! You are on fire. However, try to see if the connections are working before you start celebrating. Try telnet <hostname> <port value> for that. For example, you can usetelnet db 3306 from CP instance. Here,db is the hostname I have given in the /etc/hosts file for the DB instance. Make sure all the necessary connections are working before moving into the next step.
4. Installing the Necessary Software for VMs
You will need to install a few programs to the instances where you are planning to host the APIM packs. They are,
- Java — If you have a local java setup pack, you can use it in Ansible script instead of installing to VM. If so, skip this step. Otherwise, use this link to download Java 17.
Make sure to set thejava_homevariable after installing Java. - Unzip —
sudo apt-get install unzip
I think now is a good time to take a breather. Have a coffee on me and then read the second part to finish the DS. Good luck mates!
