Oracle API Gateway Installation

Oracle API Gateway Installation

• 1.
  Oracle API Gateway11.12.1.0 Installation Rakesh Gujjarlapudi Gujjarlapudi, Rakesh rakesh_gujj@yahoo.com
• 2.
  System Requirements Platform Oracle Linux5 Default Ports Traffic Port 8080 Management Port 8085 Minimum 1GB diskspace, 50GB recommended Minimum 4GB physical memory Admin Node Manager Default port used by admin node manager for monitoring & management is 8090 Oracle API Gateway Analytics Default port used for reporting, monitoring & management is 8040 Policy Studio Default URL address is http://hsotname.domain.com:8090/api 1|Page
• 3.
  Server Prerequisites Create agroup(oinstall & dba) & user aoracle [root@ ~]# groupadd -g 1000 oinstall [root@ ~]# groupadd -g 2000 dba [root@ ~]# useradd -c "oracle software owner" -u 1101 -g oinstall -G dba aoracle Change the owner of the installation folder to the newly created user & group [root@ ~]# chown -R aoracle:oinstall /data Update the sysctl.conf file [root@~]# vi /etc/sysctl.conf # Setting specific for Oracle Fusion Middleware kernel.shmmni = 4096 kernel.sem = 256 32000 100 128 fs.file-max = 6815744 fs.aio-max-nr = 1048576 kernel.hostname = soahost1.mydomain.com kernel.domainname = mydomain.com net.ipv4.ip_local_port_range = 9000 65500 net.core.rmem_default = 262144 net.core.wmem_default = 262144 net.core.rmem_max = 4194304 net.core.wmem_max = 1048576 kernel.msgmax = 8192 kernel.msgmnb = 65535 kernel.msgmni = 2878 Update the limits.conf file [root@ ~]# vi /etc/security/limits.conf # Settings specific to Oracle Fusion Middleware aoracle soft nofile 4096 aoracle hard nofile 65536 aoracle soft nproc 2047 aoracle hard nproc 16384 Update the login file [root@ ~]# vi /etc/pam.d/login 2|Page
• 4.
  # Setting relatedto Oracle Fusion Middleware session required /lib/security/pam_limits.s # Setting related to oracle Fusion Middleware Update the profile file [root@ ~]# vi /etc/profile if [ $USER = "aoracle" ]; then if [ $SHELL = "/bin/ksh" ]; then ulimit -Su 16383 ulimit -Hu 16383 ulimit -Sn 63535 ulimit -Hn 63535 else ulimit -Hn 63535 -Sn 63535 -Hu 16383 -Su 16383 fi fio Update the hosts.conf file [root@ ~]# vi /etc/hosts localhost localhost.localdomain localhost4 localhost4.localdomain4 XXX.XXX.XXX.XXX apigatetway-d.domain.com apigateway-d ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 Create .bash_profile in /home/aoracle # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi ############################################ # Common API GATEWAY 11g environment shortcuts ############################################ export PS1="u@h:$(pwd)> " export TMPDIR=/tmp export ORACLE_BASE=/u01/app/oracle export ORACLE_SHARE=/u01/share export PATH=$JAVA_HOME/bin: $PATH:. # User specific environment and startup programs PATH=$PATH:$HOME/bin export PATH 3|Page
• 5.
  Create a placeholder for software location [aoracle@ u01]$ cd software/ [aoracle@ $ ls ofm_osr_generic_11.1.1.6.0_disk1_1of1.zip [aoracle@software]$ unzip ofm_osr_generic_11.1.1.6.0_disk1_1of1.zip Archive: ofm_osr_generic_11.1.1.6.0_disk1_1of1.zip inflating: OSR111160_generic_.jar inflating: readme.txt inflating: registry.pdf inflating: sample.sql [aoracle@ software]$ Install and start VNC Server http://www.oracle-base.com/articles/linux/configuring-vnc-server-on-linux.php [root@ ~]# yum install tigervnc-server Complete! 4|Page
• 6.
  Installation GUI Installation /u01/software/apigateway/Linux/64bit chmod a+xOAG-11.1.2.1.0-linux-x64-installer.run ./ OAG-11.1.2.1.0-linux-x64-installer.run Installation Directory Enter installation directory /u01/app/oracle/apiGatewayHome/OAG Select Components Oracle API Gateway: The main API Gateway component, which enables you to create API Gateway instances. Oracle API Gateway Analytics: The web-based tool for monitoring and analyzing API use over a specified time. Oracle Policy Studio: The policy development and configuration tool 5|Page
• 7.
  Domain Connection API GatewayConfiguration Admin Node Manager Details Select the host apigateway-d.domain.com Port - 8090 6|Page
• 8.
  API Gateway Details APIGateway Name – Gateway API Gateway Group – Group1 7|Page
• 9.
  Final step ofthe installation Installing Installation complete 8|Page
• 10.
  Installation completed Start APIGateway instance cd /data/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin startinstance –n “Server1” –g “Group1” 9|Page
• 11.
  Configure a ManagedDomain This topic describes how to use the managedomain script to configure a managed API Gateway domain. It shows how to register a host in a new domain, and create a new API Gateway instance. aoracle@:/u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin> pwd /u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin aoracle@:/u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin> managedomain ------------------------------------------------------Manage Domain Menu ------------------------------------------------------Admin Node Manager: https://apigateway-d.devop.vertafore.com:8090 Host Management: 1) Register host 2) Edit a host 3) Delete a host 4) Change credentials for Admin Node Manager, currently connecting as: user 'admin' with truststore 'None' Gateway Server Management: 5) Create Gateway Server instance 6) Edit Gateway Server i.e. rename, change management port 7) Delete Gateway Server instance 8) Add a tag to Gateway Server 9) Delete a tag from Gateway Server 10) Add init.d script for existing local Gateway Server Group Management: 11) Edit group i.e. rename it 12) Delete a group Topology Management: 13) Print topology 14) Check topologies are in synch 15) Check the Admin Node Manager topology against another topology 16) Synch all topologies 17) Reset the local topology Deployment: 18) Deploy to a group 19) List deployment information 20) Create deployment archive 21) Download deployment archive 22) Update deployment archive properties 23) Change group configuration passphrase q) Quit Enter the following command to start the Admin Node Manager or local Node Manager on the registered host: aoracle@:/u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin> nodemanager INFO 07/Nov/2013:22:49:30.541 [29e07720] Attempting to connect to entity store at federated:file:////data/app/oracle/apiGatewayHome/OAG/apigateway/conf/fed/configs.xml INFO 07/Nov/2013:22:49:39.133 [29e07720] sqlite initialized 10 | P a g e
• 12.
  INFO 07/Nov/2013:22:49:45.069 [29e07720]This Admin Node Manager is registered in the topology. INFO 07/Nov/2013:22:49:45.072 [29e07720] unload 0 modules from [local]-0-[local] INFO 07/Nov/2013:22:49:46.592 [29e07720] built explicit issuer chain for CN=nodemanager-1: INFO 07/Nov/2013:22:49:46.592 [29e07720] CN=nodemanager-1 INFO 07/Nov/2013:22:49:46.592 [29e07720] CN=apigateway-d.domain.com INFO 07/Nov/2013:22:49:46.595 [29e07720] cert store configured INFO 07/Nov/2013:22:49:46.599 [29e07720] keypairs configured INFO 07/Nov/2013:22:49:47.710 [29e07720] SSL/TCP interface INFO 07/Nov/2013:22:49:47.711 [29e07720] checking invariants for interface *:8090 ERROR 07/Nov/2013:22:49:47.711 [29e07720] failed to listen on address 0.0.0.0/8090: Address already in use. can't bind socket to address FATAL 07/Nov/2013:22:49:47.711 [29e07720] cannot listen on any address for interface *:8090 INFO 07/Nov/2013:22:49:47.711 [29e07720] no EDH key exchange INFO 07/Nov/2013:22:49:47.713 [29e07720] SSL session cache size for this interface: 32 INFO 07/Nov/2013:22:49:47.713 [29e07720] interface ciphers: DEFAULT INFO 07/Nov/2013:22:49:47.715 [29e07720] SSL context certificate { subject: /CN=nodemanager-1 } INFO 07/Nov/2013:22:49:47.744 [29e07720] serving content from /u01/app/oracle/apiGatewayHome/OAG/apigateway/webapps/emc/ at URI prefix / INFO 07/Nov/2013:22:49:47.745 [29e07720] serving content from /u01/app/oracle/apiGatewayHome/OAG/apigateway/webapps/kps at URI prefix /kps INFO 07/Nov/2013:22:49:47.746 [29e07720] serving content from /u01/app/oracle/apiGatewayHome/OAG/apigateway/docs/ at URI prefix /docs INFO 07/Nov/2013:22:49:47.763 [29e07720] Initializing Configuration Servlet INFO 07/Nov/2013:22:49:47.763 [29e07720] Starting ESSOAPProvider with entitystore INFO 07/Nov/2013:22:49:47.764 [29e07720] ESSOAPProvider initialized with entitystore INFO 07/Nov/2013:22:49:47.764 [29e07720] Configuration Servlet initialized INFO 07/Nov/2013:22:49:50.433 [29e07720] Initialized admin user store. Number of users: 1 Resource temporarily unavailable. service with PID 17717 already running Create an API Gateway Instance aoracle@:/u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin> managedomain ------------------------------------------------------Manage Domain Menu ------------------------------------------------------Admin Node Manager: https://apigateway-d.domain.com:8090 Host Management: 1) Register host 2) Edit a host 3) Delete a host 4) Change credentials for Admin Node Manager, currently connecting as: user 'admin' with truststore 'None' Gateway Server Management: 5) Create Gateway Server instance 6) Edit Gateway Server i.e. rename, change management port 7) Delete Gateway Server instance 8) Add a tag to Gateway Server 9) Delete a tag from Gateway Server 10) Add init.d script for existing local Gateway Server Group Management: 11 | P a g e
• 13.
  11) Edit groupi.e. rename it 12) Delete a group Topology Management: 13) Print topology 14) Check topologies are in synch 15) Check the Admin Node Manager topology against another topology 16) Synch all topologies 17) Reset the local topology Deployment: 18) Deploy to a group 19) List deployment information 20) Create deployment archive 21) Download deployment archive 22) Update deployment archive properties 23) Change group configuration passphrase q) Quit Select option: 5 Enter Gateway Server name: <Name>_server Select a group: 1) Group1 2) Enter group name Enter selection from 1-2 [2]: 2 Enter group name: <Name>_group Use SSL [y]: y Select a host: 1) apigateway-d.domain.com 2) Enter host name Enter selection from 1-2 [apigateway-d.domain.com]: apigateway-d.domain.com Enter local management port for instance [8085]: 8095 Enter external traffic port for instance [8080]: 8080 Do you want to create an init.d script for this instance [n]: n The new Gateway Server '<Name>_server' in group '<Name>_group' has been successfully created and installed Start the new Gateway Server by executing the following command: /u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin/startinstance -g "<Name>_group" -n "<Name>_server" You can alternatively add /u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin/ to your path and use "startinstance -g "<Name>_group" -n "<Name>_server"". You can test the connection by visiting the URL: http://apigateway-d.domain.com:8080/healthcheck Hit enter to continue... Start instance aoracle@:/u01/app/oracle/apiGatewayHome/OAG/apigateway/posix/bin> startinstance -n "vertafore_server" -g "vertafore_group" INFO 07/Nov/2013:23:03:18.682 [c4725720] Attempting to connect to entity store at federated:file:////data/app/oracle/apiGatewayHome/OAG/apigateway/groups/group-3/instance- 12 | P a g e
• 14.
  2/../conf/b264ca03-7119-45e9-8b24-238e6d047f12/configs.xml INFO 07/Nov/2013:23:03:28.132 [c4725720]sqlite initialized INFO 07/Nov/2013:23:03:28.152 [c4725720] unload 0 modules from [local]-0-[local] INFO 07/Nov/2013:23:03:28.576 [c4725720] Realtime monitoring enabled INFO 07/Nov/2013:23:03:28.579 [c4725720] Storing metrics in database disabled INFO 07/Nov/2013:23:03:30.290 [c4725720] cert store configured INFO 07/Nov/2013:23:03:30.293 [c4725720] keypairs configured INFO 07/Nov/2013:23:03:31.709 [b74b8700] opened database conf/opsdb.d/data.sdb INFO 07/Nov/2013:23:03:31.709 [b74b8700] traffic monitor details: data directory: conf/opsdb.d INFO 07/Nov/2013:23:03:31.715 [b74b8700] initialising traffic monitor database INFO 07/Nov/2013:23:03:31.760 [b74b8700] conf/opsdb.d currently using 0 bytes in 0 live files (0 orphaned) INFO 07/Nov/2013:23:03:32.390 [c4725720] TCP interface INFO 07/Nov/2013:23:03:32.391 [c4725720] checking invariants for interface *:8081 INFO 07/Nov/2013:23:03:32.391 [c4725720] interface is disabled INFO 07/Nov/2013:23:03:32.869 [c4725720] TCP interface INFO 07/Nov/2013:23:03:32.870 [c4725720] checking invariants for interface *:8080 ERROR 07/Nov/2013:23:03:32.870 [c4725720] failed to listen on address 0.0.0.0/8080: Address already in use. can't bind socket to address FATAL 07/Nov/2013:23:03:32.870 [c4725720] cannot listen on any address for interface *:8080 INFO 07/Nov/2013:23:03:32.909 [c4725720] serving content from /u01/app/oracle/apiGatewayHome/OAG/apigateway/webapps/apiadmin/lib/ at URI prefix /lib INFO 07/Nov/2013:23:03:32.966 [c4725720] serving content from /u01/app/oracle/apiGatewayHome/OAG/apigateway/webapps/apiadmin/ at URI prefix / INFO 07/Nov/2013:23:03:34.821 [c4725720] SSL/TCP interface INFO 07/Nov/2013:23:03:34.821 [c4725720] checking invariants for interface *:8089 INFO 07/Nov/2013:23:03:34.821 [c4725720] interface is disabled INFO 07/Nov/2013:23:03:34.821 [c4725720] no EDH key exchange INFO 07/Nov/2013:23:03:34.823 [c4725720] SSL session cache size for this interface: 32 INFO 07/Nov/2013:23:03:34.823 [c4725720] interface ciphers: DEFAULT INFO 07/Nov/2013:23:03:34.825 [c4725720] SSL context certificate { subject: /CN=Change this for production } INFO 07/Nov/2013:23:03:34.971 [c4725720] SSL/TCP interface INFO 07/Nov/2013:23:03:34.971 [c4725720] checking invariants for interface localhost:8095 INFO 07/Nov/2013:23:03:34.971 [c4725720] listen on address: ::1:8095 INFO 07/Nov/2013:23:03:34.972 [c4725720] listen on address: 127.0.0.1:8095 INFO 07/Nov/2013:23:03:34.972 [c4725720] using supplied DH parameters of size 512 INFO 07/Nov/2013:23:03:34.973 [c4725720] SSL session cache size for this interface: 32 INFO 07/Nov/2013:23:03:34.973 [c4725720] interface ciphers: DEFAULT INFO 07/Nov/2013:23:03:34.973 [c4725720] add client CA certificate /CN=apigateway-d.domain.com INFO 07/Nov/2013:23:03:34.975 [c4725720] opened database conf/opsdb.d/data.sdb INFO 07/Nov/2013:23:03:34.975 [c4725720] traffic monitor details: data directory: conf/opsdb.d INFO 07/Nov/2013:23:03:34.976 [c4725720] operations DB responder for conf/opsdb.d waiting for requests on /ops/ INFO 07/Nov/2013:23:03:35.711 [c4725720] starting 4 idle netsvc threadpool threads. Max 1024 INFO 07/Nov/2013:23:03:35.711 [c4725720] service started (version 7.1.1-2013-01-31, pid 20946) 13 | P a g e
• 15.
  14 | Pa g e
• 16.
  Check Installation API GatewayURL https://apigateway-d.domain.com:8090/ Username / Password – admin/changeme MONITORING 15 | P a g e
• 17.
  API SERVICE MANAGER TRAFFIC LOGS 16| P a g e
• 18.
  EVENTS SETTINGS 17 | Pa g e
• 19.
  Install Policy Studio LaunchPolicy Studio from local machine Connect to remote server API Gateway instance 18 | P a g e
• 20.
  19 | Pa g e
• 21.
  Install Oracle APIGateway Analytics Create a database instance CREATE TABLESPACE DEV_apigateway DATAFILE '/data/OFMDB01/devapigateway01.dbf' SIZE 10M REUSE AUTOEXTEND ON NEXT 1M MAXSIZE UNLIMITED EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT AUTO; Create a database user DEV_APIGATEWAY Run the following scripts /data/app/oracle/apiGatewayHome/OAG/oaganalytics/system/conf/sql/oracle db_schema.sql kps.sql oauth2_schema.sql Configure API Gateway Analytics aoracle@:/u01/app/oracle/apiGatewayHome/OAG/oaganalytics/posix/bin> ./configureserver Connecting to configuration at : federated:file:////u01/app/oracle/apiGatewayHome/OAG/oaganalytics/conf/fed/configs.xml Listening port : 1521 Configuring Database: Default Database Connection Database URL [jdbc:oracle:thin:@<SERVER_NAME>:<PORT>/<SID>]: Database user name: Database password: Enable report generation (Y, N) [Y]: y Report generation process connects as user name [admin]: Report generation process connects using password [********]: Report output directory [/data/app/oracle/apiGatewayHome/reports]: Email reports (Y, N) [Y]: y Default email recipient: Email from: Choose SMTP connection type: 0) None 1) SSL 2) TLS/SSL Choice [0]: SMTP host [localhost]: SMTP port [25]: SMTP user name [aoracle]: SMTP password [*******]: Delete report file after emailing (Y, N) [N]: Press enter to exit... aoracle@:/u01/app/oracle/apiGatewayHome/OAG/oaganalytics/posix/bin> 20 | P a g e