WSO2 API-M Puppet module - wso2

I would like to implement a distributed architecture using API-Manager. There are several patterns to use according to WSO2 deployment guide (https://docs.wso2.com/display/AM210/Deployment+Patterns). I'm interested in pattern 4.
I would like to know if there is any puppet module already available for these new patterns or when they are planned to be released.
Thank you very much

WSO2 hasn't released puppet modules for latest patterns. You can refer the latest (https://github.com/wso2/puppet-apim/releases/tag/v2.1.0.1).

Related

Vulnerability fix for Apache Commons Text with wso2 carbon libraries

I am looking out for suggestions on the recent vulnerability(https://blogs.apache.org/security/entry/cve-2022-42889) which is also coming from the wso2 IS 5.11 binary downloaded from(https://github.com/wso2/product-is/releases/tag/v5.11.0) and the carbon libraries we are using in custom plugins like:
<groupId>org.wso2.carbon.identity.framework</groupId><artifactId>org.wso2.carbon.identity.mgt</artifactId>
<version>5.18.187</version>
<groupId>org.wso2.carbon.identity.framework</groupId>
<artifactId>org.wso2.carbon.identity.application.authentication.framework</artifactId>
<version>5.18.187</version>
<groupId>org.wso2.carbon.identity.framework</groupId>
<artifactId>org.wso2.carbon.identity.provisioning</artifactId>
<version>5.18.187</version>
As there any upgrades to these which is compatible with wso2 IS v5.11?
From wso2 advisories, it is mentioned that the vulnerability has no impact on the products [1] since the preconditions are not met and the team promises of fixing the vulnerable versions and (paid) customers will be able to obtain it through their security update once it is available. Along with this effort, the public fix will be done for the current public branch and will be available if you build the product-is from the repository. The timeline for the public fix is yet to be known.
And the suggested upgrade would be to 1.10.0 of Apache Commons Text library for 5.11.0.
This library comes to Identity server 5.11 pack mainly through Forget me tool. And in the latest release (wso2is-6.0.0), forget me tool has been externalized[2] which could be used in the product on demand.
Refer:
[1] https://docs.wso2.com/display/Security/CVE-2022-42889
[2] https://is.docs.wso2.com/en/latest/deploy/remove-references-to-deleted-user-identities/#building-the-identity-anonymization-tool

WSO2 BPS Tooling Link Could Not Be Found When Installing the BPS Tooling Plugin

I'm currently following the WSO2 documentation on installing the BPS tooling plugin and the link given for the BPS tooling is not working(Step 4).
https://docs.wso2.com/display/BPS360/Installing+the+BPS+Tooling+Plug-In
Any resolution or an alternative method to install the same is highly appreciated.
Thanks in advance.
You should not be referring to these documents. These are for the old BPS server, which was later merged with EI and now it's discontinued. BPMN and BPEL extensions are already there in Integration Studio, hence you don't have to install any additional plugins. You can simply create a new project with the relevant type and start building your workflows. Here are tutorials you can refer to.

WSO2 APIM: Configuration variables

(I know that this sounds as a newbie questions, but, you know, really, I don't finde the answer in docs)
In WSO2 products, and specifically in API Manager (2.1.0), we have to modify a lot of configuration files just to start.
We have seen that some configuration files (api-manager.xml, carbon.xml) use configurations variables. E.g., ${admin.username} to substitute by admin user.
We have found an old post (2016) explaining the use of configuration variables in WSO2 products
https://medium.com/#shan1024/overriding-configurations-in-wso2-products-using-deployment-properties-file-f096e96f782d
But we are not able to find the deployment.properties files referenced in that post, neither and official documentation.
Do you know if this works in APIM? Where have I to install this file?
As far as I know, deployment.yaml was introduced in Carbon kernel 5.2 onwards. But WSO2 APIM 2.x is based on Carbon kernel 4.4.X. Therefore APIM 2.x doesn't support that.
WSO2 APIM 3.X will support this feature.

Wso2 with jrockit JVM

We are looking to run WSO2 with JRockit 1.6 JVM, are there any known issues or we need to use Hotspot JVM?
I could not find documentation if JRockit is supported, but wanted to check as we use JRockit in our Production for high performance.
WSO2 products only support Oracle and IBM JVMs. See http://docs.wso2.org/display/Carbon420/Installation+Prerequisites
This means that we cannot guarantee that WSO2 products will support JRockit. However you are welcome to try it out.
I hope you have a pre-production environment to test this.
I hope this helps.

WSO2 Carbon Feature Stack - UES and Data Services Server

I would like to create a carbon server composed of multiple features; namely the User Engagement Server (UES) and the Data Services Server (DSS). UES is only carbon 4.1.0 based and DSS is 4.2.0 or 3.0.1 based. Is this possible? If so, how? If not, what are my alternatives for utilizing the functionality of both features set?
I have looked over wso2.org and other resources for help; however, I'm failing to find best practices for deploying a custom carbon solution and upgrading to future version. In another post I found a compatibility matrix, but the answer indicates that there is neither forward or backward compatibility.
WSO2 products will have API level changes between two different platform releases (as in 4.1.0 vs 4.2.0 [Turing]). So installing features from different platform versions will not work in most cases.
However, UES does have features based on a carbon 4.2.0 kernel (UES 1.0.1) and you can install the required features from the latest p2 feature repository here. It includes UES 1.0.1 feature which is based on Carbon 4.2.0 kernel. You might want to wait till DSS 3.1.1 is officially released (due to be released in about a week) which has some important bug fixes and improved stability.
To get features of both products, it would be easier to install UES features on top of a DSS product or vice versa, rather than installing both feature sets on a bare bones carbon server, since you may have to additionally install some kernel patches, configuration files, which are not installed during a feature installation.
HTH,