Kubernetes/Openshift Resources for container-based deployments of WSO2 API Manager (APIM)
In the context of this document,
KUBERNETES_HOMEwill refer to a local copy ofwso2/kubernetes-apimgit repository.
git clone https://github.com/wso2/kubernetes-apim.git
git checkout tags/v2.1.0-2
2. Pull required Docker images from WSO2 Docker Registry using docker pull:
docker login docker.wso2.com
docker pull docker.wso2.com/wso2am-analytics-kubernetes:2.1.0
docker pull docker.wso2.com/wso2am-kubernetes:2.1.0
docker pull docker.wso2.com/apim-rdbms-kubernetes:2.1.0
You can also build the docker images by following the guide in
KUBERNETES_HOME/base/README.md. Same images can be used for Openshift.
Copy the required Docker images over to the Kubernetes Nodes (ex: use docker save to create a tar file of the
required image, scp the tar file to each node, and then use docker load to load the image from the copied tar file
on the nodes). Alternatively, if a private Docker registry is used, transfer the images there.
-
Network File System (NFS) is used as the persistent volume for API Manager servers. Therefore setting up NFS is required to deploy any pattern. Complete the following.
- Update the NFS server IP in `KUBERNETES_HOME/pattern-X/artifacts/volumes/persistent-volumes.yaml'
- Create required directories in NFS server for each pattern as mentioned in
KUBERNETES_HOME/pattern-X/artifacts/volumes/persistent-volumes.yamleg: For pattern-1, create directories as '/exports/pattern-1/apim'
-
It is recommend to use a mysql or any database cluster in a production environment. Only 1 mysql container is used with host path mount in these deployments.
-
Deploy on Kubernetes
- Create a namespace called wso2.
kubectl create namespace wso2- Create a service account called wso2svcacct in wso2 namespace.
kubectl create serviceaccount wso2svcacct -n wso2- Deploy any pattern by running
deploy-kubernetes.shscript inside pattern folder (KUBERNETES_HOME/pattern-X/).
./deploy-kubernetes.sh-
Access Management Console Using the following command to list ingresses in the deployment.
kubectl get ingressAdd relevant hosts and IP addresses to /etc/hosts file.
Sample Access URLs (This will vary based on the pattern)
https://wso2apim
https://wso2apim-analytics
https://wso2apim-gw -
Undeploy any pattern by running
undeploy-kubernetes.shscript inside pattern folder (KUBERNETES_HOME/pattern-X/).
./undeploy-kubernetes.sh -
Deploy on Openshift
- Create a user called admin and assign the cluster-admin role. (Cluster-admin user is used to deploy openshift artifacts)
oc login -u system:admin oc create user admin --full-name=admin oc adm policy add-cluster-role-to-user cluster-admin admin- Create a new project called wso2.
oc new-project wso2 --description="WSO2 API Manager 2.1.0" --display-name="wso2"- Create a service account called wso2svcacct in wso2 project and assign anyuid security context constraint.
oc create serviceaccount wso2svcacct oc adm policy add-scc-to-user anyuid -z wso2svcacct -n wso2- Deploy any pattern by running
deploy-openshift.shscript inside pattern folder (KUBERNETES_HOME/pattern-X/).
./deploy-openshift.sh-
Access Management Console Using the following command to list the routes in the deployment.
oc get routesAdd relevant hosts and IP addresses to /etc/hosts file.
Sample Access URLs (This will vary based on the pattern)
https://wso2apim
https://wso2apim-analytics
https://wso2apim-gw -
Undeploy any pattern by running
undeploy-openshift.shscript inside pattern folder (KUBERNETES_HOME/pattern-X/).
./undeploy-openshift.sh
- Configurations are bind with wso2 namespace. If you are changing the hostnames or the namespace, do the following.
- Change wso2.svc to
<namespace>.svcin all the configuration files. - Update the KUBERNETES_NAMESPACE parameter with the correct namespace in all the axis2.xml files.
- Update docker base images.
- Use a CA signed certificate and update client-truststore.jks and wso2carbon.jks files
- Change wso2.svc to
Tested in OpenShift v3.6.0 and Kubernetes v1.6.1
NFS is tested in Kubernetes v1.6.1