From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Â
Oracle api gateway installation as cluster and single node
1. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
Introduction:-
This Article explains how to configure Oracle API Gateway as cluster on Solaris SPARC , the software can
be download from here, Before Installing API Gateway you need to consider which components you
require. Some components, for example, API Gateway Analytics, have additional requirements, such as a
database, there is different components that could be installed such as Policy Studio, there is no much
documentation that discuss how to configure the Cluster for this product so I choose to write one and
be the first. The version of the API Gateway that used in this article is Release 11.1.2.4.0 which is the
latest.
Before we start:-
In my case the Operating system was Solaris SPARC 11.3, for the same operating system user you may
have the same issue during the fresh installation when extraction the file, the solution for this contact
Oracle Support and provide them with the logs and they will send you special software not uploaded to
OTN or EDelivery, the error :-
System requirements:-
*sys-package-mgr*: pro cessing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-
gw-node1/apigateway/SunOS.sun4u-
32/jre/lib/ext/ucrypto.jar'
*sys-package-mgr*: proc essing new jar, '/usr/jdk/packages/javax.help-2.0/lib/jhall.jar'
error importing site
java.lang.NullPointe rException
at org.python.objectweb.asm.I tem.a(Unknown Source)
at org.python.objectweb.asm.ClassWriter.a(Unknown S ource)
at org.python.objectweb.asm.ClassWriter.a(Unknown Source)
at org.python.objectweb.asm.MethodWriter.visitMethodInsn(U nknown Source)
at org.python.compiler.Code.invokevirtual(Code.java:481)
at org.python.compiler.CodeCompiler.invokeNoKeywords(C odeCompiler.java:1778)
at org.python.compiler.CodeCompiler.visitCall(CodeCompiler.java:1800)
at org.python.antlr.ast.Call.accept(Call.java:247)
at org.python.antlr.Visitor.visit(Visitor.java:26)
at org.python.compiler.CodeCompiler.invokeNo Keywords(CodeCompiler.java:1737)
at org.python.compiler.CodeCompiler.visitCall(CodeCompiler.java:1800)
at org.python.antlr.ast.Call.accept(Call.java:247)
at org.python.antlr.Visitor.visit(Visitor.java:26)
at org.python.compiler.CodeCompiler.visitExpr( CodeCompiler.java:534)
at org.python.antlr.ast.Expr.accept(Expr.java:116)
at org.python.antlr.Visitor.visit(Visitor.java:26)
at org.python.compiler.CodeCompiler.suite(Cod eCompiler.java:1449)
at org.python.compiler.CodeCompiler.doTest(CodeCompiler.java:1097 )
2. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· Check the Operating system.
ï· Minimum 2 GB free disk space, 50 GB recommended.
ï· Minimum 4 GB physical memory.
API Gateway Analytics supports the following databases:
ï· MySQL Server 5.1, 5.6
ï· Microsoft SQL Server 2005, 2008, 2012
ï· Oracle 11.2.0.1.0, 12.1.0.1.0
ï· IBM DB2 9.7, 10.5
Disable IPv6 By comment the following line /etc/hosts :-
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Installation:-
Locate and run the setup file for your operating system. For example:
ï· Windows
o OAG-11.1.2.4.0-windows-installer.exe
ï· Linux/Unix
o OAG-11.1.2.4.0-linux-installer.run
The above command is how to run the installation on different Operating system so letâs start running
the installation file on Solaris.
ï· First of all since itâs cluster we need to modify the /etc/host to include the both nodes and this
step should be done on both nodes ,like the below :-
192.168.56.11 api-gw-node1.localdomain api-gw-node1
192.168.56.12 api-gw-node2.localdomain api-gw-node2
ï· [Optional], Just to test thatâs everything is working use ping command like the below :-
ping api-gw-node1
ping api-gw-node2
The installation is proved to be correct by doing this and getting the success ping results on each
node of the configuration before starting the OAG cluster installation, include to this the
Installation should be done by Oracle user and not root as some of the mentioned Blogs on the
internet.
3. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· Create Oracle user, in case still fresh operating system.
groupadd -g 1000 oinstall
groupadd -g 1300 dba
groupadd -g 1301 oper
useradd -m -u 1101 -g oinstall -G dba,oper -d /export/home/oracle -s /bin/bash -c "Oracle
Software Owner" oracle
passwd oracle ï for the password
mkdir -p /u01/app/oracle
chown -R oracle:oinstall /u01/app/oracle
chmod -R 775 /u01
ï· Extract the files under /u01/app/oracle, after this the apigateway folder will be there inside it
the following directory will be exist posix/bin which is the command line for apigateway.
ï· Run the following command, for the first time it will start generate files (only for the first time)
as you see from the below:-
o ./managedomain âmenu
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/resources.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/rt.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/jsse.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/jce.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/charsets.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/jfr.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/zipfs.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/dnsns.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/localedata.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/ucrypto.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/sunjce_provider.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/sunpkcs11.jar'
*sys-package-mgr*: processing new jar, '/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-
node2/apigateway/SunOS.sun4u-32/jre/lib/ext/sunec.jar'
*sys-package-mgr*: processing new jar, '/usr/jdk/packages/javax.help-2.0/lib/jhall.jar'
4. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
After the above extraction will complete, it will be waiting the user to insert the username & password
the below is the default:-
Username: admin
Password: changeme
ï· Now the menu will be appeared like the below :-
As from the above figure since itâs fresh without any prior configuration we need to register the host,
therefore option #1.
-------------------------------------------------------
Manage Domain Menu
-------------------------------------------------------
Admin Node Manager: https://localhost:8090
Host Management:
1) Register host
2) Edit a host
3) Delete a host
4) Change Admin Node Manager and/or credentials, currently connecting as:
user 'admin' with truststore 'None'
Gateway Server Management:
5) Create Gateway Server instance
6) Edit Gateway Server (i.e., rename, change management port)
7) Delete Gateway Server instance
8) Add a tag to Gateway Server
9) Delete a tag from Gateway Server
10) Add init.d script for existing local Gateway Server
Group Management:
11) Edit group (i.e., rename)
12) Delete a group
Topology Management:
13) Print topology
14) Check topologies are in sync
15) Check the Admin Node Manager topology against another topology
16) Sync all topologies
17) Reset the local topology
Deployment:
18) Deploy to a group
19) List deployment information
20) Create deployment archive
21) Download deployment archive
22) Update deployment archive properties
23) Change group configuration passphrase
Domain SSL certificates:
24) Regenerate SSL certificates on localhost
25) Sign Certificate Signing Request (CSR)
26) Submit externally signed certificate
q) Quit
Select option: 1
5. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· Once insert the number as option the configuration will start as question& answer
Is this the first host (Admin Node Manager) in the domain [y]: y
Enter details of the new host to be registered...
Select/enter local hostname or IP address:
1) soaapiprn2.localhost.com
2) soaapiprn2.localhost.com
3) 10.1.213.13
4) Enter hostname or IP address
Enter selection from 1-4 [1]:
Enter port [8090]:
Enter Node Manager name [Node Manager on soaapiprn1.localhost.com]:
Select option for certificate management for internal SSL communications:
1) Use system generated CA key and certificate to sign all SSL certificates
2) Use user provided CA key and certificate to sign all SSL certificates
3) All SSL certificates must be signed by an external CA
Enter selection from 1-3 [1]:
Enter passphrase for domain CA private key [none]:
Does this new Node Manager have admin capabilities, i.e. is it an Admin Node Manager ? [n]:
Enter signing algorithm for certificates [sha1]:
Enter passphrase for temporary key files stored on disk [none]:
The default subject alternative names for the Node Manager's certificate are:
DNS.1 = soaapiprn1.localhost.com
IP.1 = 10.1.213.11
Accept the default subject alternative names [y]:
Enter details of the Admin Node Manager already registered in the domain...
Enter trust store filename:
Do you want to create an init.d script for this Node Manager [n]:
Do you wish to edit metrics configuration (y or n) ? [n]:
Adding localhost to topology as 'soaapiprn1.localhost.com'...
Added 'soaapiprn1.localhost.com' host to topology successfully.
Getting Node Manager Group from topology...
Getting Gateway Server group configurations...
Getting new Node Manager topology id...
Topology id nodemanager-2, assigned to new Node Manager.
Generating private key...
Generating CSR for key...
Requesting signed certificate from Admin Node Manager...
Signed certificate received from Admin Node Manager.
New Node Manager SSL certificate details:
dname: CN=nodemanager-2,OU=group-1,DC=host-2
expires: Tue Sep 20 12:46:11 AST 2118
thumbprint: 2C:D8:F7:21:AA:33:16:C8:7C:62:23:E7:50:1D:16:22:AB:CC:98:94
issuer dname: CN=Domain
issuer thumbprint: E1:AD:D8:DE:2D:01:AB:FC:A6:F9:03:61:81:72:AE:77:66:CC:C9:86
Registering Node Manager 'Node Manager on soaapiprn1.localhost.com' for Host
'soaapiprn2.localhost.com' into topology...
Completed successfully.
You may now start the Node Manager on your newly registered host.
Configuring groups...
Completed successfully.
Completed successfully.
You may now start your newly registered Node Manager.
6. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
Notes:-
ï· Donât Change the answer of the default value if you are not sure of what you are doing this will
effect on the api gateway later.
ï· Till this step you only configured the OAG for one node and if the node manager will be start using
command â./nodemanagerâ under the same directory it will be working without any issue.
ï· To check if the installation is working fine without any issue, start the nodemanager using the
above command and run the below command:-
So far this is single node configuration, to start the cluster configuration upload the OAG
software to node #2 and follow the below steps:-
ï· The installation is the same as node #1 but the only difference is that instead of answering one of
the question which is about admin node the answer should be no, I marked what I mean in bold font
with green color to allow user to understand more
-bash-3.2$ ./managedomain -p --username admin --password changeme
Topology contents:
Version: 3
Last updated: Sun Oct 14 12:46:14 AST 2018
Hosts:
|
---soaapiprn1.localhost.com [host-1]
Admin Node Managers:
|
---Node Manager on soaapiprn1.localhost.com [nodemanager-1]
(https://soaapiprn1.localhost.com:8090)
7. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
Is this the first host (Admin Node Manager) in the domain [y]: n
Enter details of the new host to be registered...
Select/enter local hostname or IP address:
1) soaapiprn2.localhost.com
2) soaapiprn2.localhost.com
3) 10.1.213.13
4) Enter hostname or IP address
Enter selection from 1-4 [1]:
Enter port [8090]:
Enter Node Manager name [Node Manager on soaapiprn2.localhost.com]:
Select option for certificate management for internal SSL communications:
1) Use system generated CA key and certificate to sign all SSL certificates
2) Use user provided CA key and certificate to sign all SSL certificates
3) All SSL certificates must be signed by an external CA
Enter selection from 1-3 [1]:
Enter passphrase for domain CA private key [none]:
Does this new Node Manager have admin capabilities, i.e. is it an Admin Node Manager ? [n]:
Enter signing algorithm for certificates [sha1]:
Enter passphrase for temporary key files stored on disk [none]:
The default subject alternative names for the Node Manager's certificate are:
DNS.1 = soaapiprn2.localhost.com
IP.1 = 10.1.213.13
Accept the default subject alternative names [y]:
Enter details of the Admin Node Manager already registered in the domain...
Enter Admin Node Manager host: soaapiprn1.localhost.com
Enter Admin Node Manager port [8090]:
Enter username [admin]:
Enter password [changeme]:
Reenter password [changeme]:
Enter trust store filename:
Do you want to create an init.d script for this Node Manager [n]:
Do you wish to edit metrics configuration (y or n) ? [n]:
Adding localhost to topology as 'soaapiprn2.localhost.com'...
Added 'soaapiprn2.localhost.com' host to topology successfully.
Getting Node Manager Group from topology...
Getting Gateway Server group configurations...
Getting new Node Manager topology id...
Topology id nodemanager-2, assigned to new Node Manager.
Generating private key...
Generating CSR for key...
Requesting signed certificate from Admin Node Manager...
Signed certificate received from Admin Node Manager.
New Node Manager SSL certificate details:
dname: CN=nodemanager-2,OU=group-1,DC=host-2
expires: Tue Sep 20 12:46:11 AST 2118
thumbprint: 2C:D8:F7:21:AA:33:16:C8:7C:62:23:E7:50:1D:16:22:AB:CC:98:94
issuer dname: CN=Domain
issuer thumbprint: E1:AD:D8:DE:2D:01:AB:FC:A6:F9:03:61:81:72:AE:77:66:CC:C9:86
Registering Node Manager 'Node Manager on soaapiprn2.localhost.com' for Host
'soaapiprn2.localhost.com' into topology...
Completed successfully.
You may now start the Node Manager on your newly registered host.
Configuring groups...
Completed successfully.
Completed successfully.
You may now start your newly registered Node Manager.
8. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· To check the topology again now run the following command again, as from the below the
configuration contains only one admin Node which mean if node #1 is down the OAG will remain
working but I will not be able to manage from the console ( will solve this issue late ) :-
ï· From the below the OAG is run and running without any issue but the instance itâs not created yet,
the instance is responsible about gather the traffic for each node as you see from the below:-
-bash-3.2$ ./managedomain -p --username admin --password changeme
Topology contents:
Version: 3
Last updated: Sun Oct 14 12:46:14 AST 2018
Hosts:
|
---soaapiprn1.kockw.com [host-1]
---soaapiprn2.kockw.com [host-2]
Admin Node Managers:
|
---Node Manager on soaapiprn1.kockw.com [nodemanager-1]
(https://soaapiprn1.kockw.com:8090)
Node Managers:
|
---Node Manager on soaapiprn2.kockw.com [nodemanager-2]
(https://soaapiprn2.kockw.com:8090)
9. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· From the console https://node1:8090/ (The username and password by default are:
admin/changeme) , press on Menu ï New Group
ï· Access the manage domain again by â./managedomainâ to create the instance and connected to
The group that we created in the previous step, and note this step should be done on both node to
create instance for node #1 & node #2.
10. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
-------------------------------------------------------
Manage Domain Menu
-------------------------------------------------------
Admin Node Manager: https://soaapiprn1.localhost.com:8090
Host Management:
1) Register host
2) Edit a host
3) Delete a host
4) Change Admin Node Manager and/or credentials, currently connecting as:
user 'admin' with truststore 'None'
Gateway Server Management:
5) Create Gateway Server instance
6) Edit Gateway Server (i.e., rename, change management port)
7) Delete Gateway Server instance
8) Add a tag to Gateway Server
9) Delete a tag from Gateway Server
10) Add init.d script for existing local Gateway Server
Group Management:
11) Edit group (i.e., rename)
12) Delete a group
Topology Management:
13) Print topology
14) Check topologies are in sync
15) Check the Admin Node Manager topology against another topology
16) Sync all topologies
17) Reset the local topology
Deployment:
18) Deploy to a group
19) List deployment information
20) Create deployment archive
21) Download deployment archive
22) Update deployment archive properties
23) Change group configuration passphrase
Domain SSL certificates:
24) Regenerate SSL certificates on localhost
25) Sign Certificate Signing Request (CSR)
26) Submit externally signed certificate
q) Quit
Select option: 5
Enter Gateway Server name: soaapiprn2
Select a group:
1) ServiceGroup
2) Enter group name
Enter selection from 1-2 [2]: 1
Select a host:
1) soaapiprn1.localhost.com
2) soaapiprn2.localhost.com
3) Enter host name
Enter selection from 1-3 [soaapiprn1.localhost.com]:
Enter local management port for instance [8085]:
Enter external traffic port for instance [8080]:
Do you want to create an init.d script for this instance [n]:
11. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· After creation and completed successfully for instance on both node back to console and start the
both instance by press on it and start.
Select option for certificate management for internal SSL communications:
1) Use system generated CA key and certificate to sign all SSL certificates
2) Use user provided CA key and certificate to sign all SSL certificates
3) All SSL certificates must be signed by an external CA
Enter selection from 1-3 [1]:
Enter passphrase for domain CA private key [none]:
Enter signing algorithm for certificates [sha1]:
Enter passphrase for temporary key files stored on disk [none]:
Requesting CSR from Admin Node Manager...
CSR received from Admin Node Manager.
Requesting signed certificate from Admin Node Manager...
Signed certificate received from Admin Node Manager.
Requesting Admin Node Manager to create new Gateway Server...
New Gateway Server SSL certificate details:
dname: CN=instance-2,OU=group-2,DC=host-2
expires: Wed Sep 21 11:00:33 AST 2118
thumbprint: 24:D9:A0:B0:98:3B:8E:4C:E1:48:D1:2D:81:00:4E:C7:07:FA:06:84
issuer dname: CN=Domain
issuer thumbprint: 09:D9:85:CE:DE:76:5B:45:4D:F4:61:44:69:A5:19:11:2A:25:A0:23
The new Gateway Server 'soaapiprn1' in group 'ServiceGroup' has been successfully created and installed
Start the new Gateway Server by executing the following command:
/u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-node2/apigateway/posix/bin/startinstance -g "ServiceGroup" -
n "soaapiprn2"
You can alternatively add /u01/app/oracle/product/fmw/oag.11.1.2.2.0/api-gw-node2/apigateway/posix/bin/ to
your path and use "startinstance -g "ServiceGroup" -n "soaapiprn1"".
You can test the connection by visiting the URL:
http://soaapiprn1.localhost.com:8080/healthcheck
Completed successfully.
12. Oracle API Gateway Installation & Configuration as Cluster/Single Node
Osama Mustafa https://www.osamaoracle.com
ï· Policy Studio(Required) and other tools(which is optional and depends on your requirement) you
can either install on Service Provider Node as mentioned in above document or you can install in
Admin Node manager nodemanager-1.
ï·
ï· We talked about that Admin domain is only working on one node, in that case if something
happened to node #1 it will not be able to access & monitor the whole dashboard to solve this issue
from Node #2 run the below command :-
o ./managedomain --edit_host --host soaapiprn2.localhost.com --is_admin
ï· Check the topology again
-bash-3.2$ ./managedomain -p --username admin --password changeme
Topology contents:
Version: 9
Last updated: Tue Oct 23 11:35:27 AST 2018
Hosts:
|
---soaapiprn1.localhost.com [host-1]
---soaapiprn2.localhost.com [host-2]
Admin Node Managers:
|
---Node Manager on soaapiprn1.localhost.com [nodemanager-1]
(https://soaapiprn1.localhost.com:8090)
---Node Manager on soaapiprn2.localhost.com [nodemanager-2]
(https://soaapiprn2.localhost.com:8090)
Groups:
|
---ServiceGroup [group-2]
|
---soaapiprn1 [instance-1] (https://soaapiprn1.localhost.com:8085)
---soaapiprn2 [instance-2] (https://soaapiprn2.localhost.com:8085)