In this presentation, Gion Sialm (Head of IAM and Application Integration, FOITT) and Nils Eckert (Integration Consultant, Yenlo) shows how the full stack of WSO2 can be automated. The full stack includes both the platform and the configuration of APIs, queues, users, etc. They also explain solutions for some common pitfalls of WSO2 components.
2. Federal Office of Information Technology,
Systems and Telecommunication (FOITT)
2
Some key figures about the Federal Office
of Information Technology, Systems and
Telecommunication:
• Approximately 1,000 staff members
• 25,000 workplace systems
• 4,645 servers
• Almost 10 petabytes (PB = 1,024 TB)
of storage space
• 30 million incoming e-mails per month
• Manages more than 40,000 enterprise
users
5. Architecture of the First Platform
5
Service Providers (Machine-Machine)Service Providers (Human-Machine)
App 2
Filenet
App 3
SAP
App x
Domtrac
Logfilemanagement
Monitoring
Identity and Access Management (IAM)
App 1
Java
WSO2
Components
Gateways/ PEPs SOAPRASWeb …REST
6. Architecture of the Second Platform
6
Oracle Weblogic
Server
Service Providers (Machine-Machine)Service Providers (Human-Machine)
API Proxy Mail Server
Logfilemanagement
Monitoring
pop3s
JMS
http
s
ftps, scp, ldaps
API Pub/Store
Identity and Access Management (IAM)
Message
Broker
App x
http
s
Application
Core
AMPQ
ESB
Gateways/PEPs Web MailSOAP (SSL-GW) …
7. WSO2 Joint Architecture for both
Platforms
7
WSO2 Message Broker
JMS
WSO2 ESB
Service Provider (SL): Routes and Transformations Database
Schema
AMPQ
WSO2 API Mgmt
SOAP/REST
External Applications
Database
Schema
Queue Engine
Buffering messages
Database
Schema
Webservice Gateway (coarse autorisation)
http(s)
Internal Applications such as SAP
SOAP/REST
Gateway Publish StoreKeymgr
Processing Engine Error-handling
Processing Engine Error-handling
12. Infrastructure Setup
12
Reference and Test
Data Center 2
VM
APIMG ESB
DSS
MB
IS
DAS
APIMP
APIMS
APIMT
Data Center 1
VM
APIMG ESB
DSS
MB
IS
DAS
APIMP
APIMS
APIMT
13. Infrastructure Setup
13
Preproduction and Production
Data Center 1
VM1 APIMG APIMP
APIMSAPIMT
VM2
ESB MB
DSS
VM 3
DAS
VM 4
IS
Data Center 2
VM1
APIMG APIMP
APIMSAPIMT
VM2
ESB MB
DSS
VM 3
DAS
VM 4
IS
15. Pitfalls and Solutions
• Pitfall
– APIs are no longer available on the API Gateway after adding a new API
Gateway or after a full update of the API Gateway, but are still shown as
published in the Publisher
• Root cause
– API data for the API Gateway is stored locally on the file system and will not
automatically be created when a new API Gateway is added
• Solution
– Publish APIs after installation
15
API Manager
16. Pitfalls and Solutions
• Pitfall
– Custom service providers disappear in Identity Server Management Console
after using Identity Server as API Key Manager
• Root cause
– Using the Identity Server as Key Manager requires to change the database for
identity related data (which contains part of the data for service providers, but
not all)
• Solution
– Delete all service providers and re-create them afterwards
16
Identity Server (IS)
17. Pitfalls and Solutions
• Pitfall
– Search index gets corrupted after full update of DAS
• Root cause
– Search index is stored in local file system
• Solution
– Force DAS to re-index data after installation
17
Data Analytics Server (DAS)
19. Automation
• Infrastructure Setup and Stages
– 3 Different Infrastructure Setups (1 VM, 2 VMs, 8 VMs)
– 12 Stages
– 6 Network Zones
• Customization
– 700 changes on XML files
– 250 changes on flat files
– 100 changes on JSON
– 100 Rest Calls (SP for SSO, Secondary User Stores, Streams, etc.)
• Configuration
– 50 APIs, 30 applications and 80 subscriptions 19
Background
20. Automation
1. Standardize installation of complex platforms
2. Ensure consistency of all stages
3. Fast disaster recovery and updating of a platform
4. Simple configuration of the necessary adaptions
5. Fast search of adaptions
6. Simple installation of options such as SSO
20
Goals