I have followed the procedure for cluster deployment of wso2 API manager mentioned in
Referencing: http://docs.wso2.org/display/CLUSTER420/Clustering+API+Manager
But when i am running API manager with different profile wso2 API manager is started but is not accessible from the browser.However, if I change the port offset in carbon.xml to 0 and then r everything runs fine.Please tell me where is the issue.
When you change the port offset in carbon.xml, all default port values will be adjusted according to the port offset values.
If port offset is 2, the default HTTPS port 9443 will be changed 9445 in the run time. So you should access the management console via 9445 port.
Also see following wiki page about changing port offset for API Manager.
http://docs.wso2.org/display/AM160/Changing+the+Default+Ports+with+Offset
I hope this helps
Related
I don't want to expose ports to users.
therefore I want to use "https://hostname/devportal", "https://hostname/publisher" rather than "https://hostname:9443/devportal", "https://hostname:9443/publisher". what should I do?
Please help me on this.
thanks. (API manager version: 4.0)
You need to add the following two properties to the deployment.toml if you want to start WSO2 server on port 443. (Tip: Start everything on a fresh pack, if you are trying following on a pack you already started you may have to change already registered callback URLs)
[transport.https.properties]
proxyPort = 443
port = 443
Also, for an application to bind to a port <1000(In this case 443) it needs root permissions. Hence you will have to start the server with a user who has root access.
Having said that, this is not a good deployment pattern as to expose your servers directly to external access. You should probably deploy an LB fronting the WSO2 servers and expose LB to the external users.
I have started an AWS EC2 (UBUNTU 18 AMI) instance running three apps:
Web server on port 80
REST API on port 8786
DB on port X
I am able to
SSH into the instance
Reach the website via browser on port 80.
Reach the REST API from within the SSH session.
I am unable to
Reach the REST API via AJAX from the browser (tried postman as well).
I have
Configured the Security Group to receive inbound connections from all sources on 8786
verified that iptable is not loaded
Tried reaching the website from a mobile network - to no avail.
Swapped the ports between the Web Server and the REST API - which resulted in being able to access the API via the browser and postman.
Verified that the API is bound to 0.0.0.0 - not to localhost.
This smells like an EC2 issue, but I have no idea what to do.
Help would be much appreaciated.
As it turns out, 8786 is a reserved port, and should not be used. Issues were resolved when I changed to 8080, which I should have done in the very beginning.
I'm trying to understand WSO2 APIM components and deployment scenarios but the terminology is confusing/vague for me. Clustering vs distributed deployments, profiles, and Port Offsets.
Basically I'd like to deploy a minimal 5 node setup where:
Node # (Location) Purpose
(DMZ) the GW (worker=True right?) and KeyManager
(DMZ) 2nd GW node (as above) for GW & KeyManager
(non-dmz) the Management Console, MySQL master
(non-dmz) the Publisher UI,TrafficManager, MySQL slave
(DMZ) the Store
Questions:
Should I use -DportOffset=0 on all nodes?
What -Dprofile=?? do I need to use on each of the 5 nodes?
The 2 gateway nodes will be load-balanced by an F5 load balancer
for incoming api-traffic. What port is used there, 9443 or 9763?
What ports need to be accessible on the DMZ hosts for this to work?
I assume 3306,9443,9763,8280,8243,7711, and 9999,11111 if JMX reqd
Please don't point me to the documentation, that's what is confusing me.
Running the key manager nodes, Store node in the DMZ is not recommended as they need db access. If you are using multi tenancy, you cannot host gateway worker nodes in the DMZ as well due to db access. What you can do is host those nodes in LAN and have a reverse proxy in the DMZ to expose the endpoints on the Gateway and Store. If you do not use multi tenancy, then you can run gateway worker nodes in the DMZ as dbs are not used.
As you are running multiple WSO2 servers in a single server you need to use port offsets to avoid conflicts. Default port offset is 0. You can run one WSO2 server with default port offset. For the other server you need to use port offset 1 or any value other than 0. You can start the server by giving the -DportOffset=1 at the startup. Best way is to change the value offset to 1 in /repository/conf/carbon.xml so that you do not need to provide the -DportOffset value at the startup.
-Dprofile is denote the profile which API Manager should start. If you start with -Dprofile=api-publisher, it would only starts the front end/backend features relevant to the API Publisher. Running product profiles are mostly recommended as it would only load relevant features of the profile. You can use profiles in your deployment as you are running 6 profiles of API Manager.
I think you are referring gateway worker nodes which serve API traffic. If so, it will use passthrough ports that are 8280(http) and 8243(https). Requests can serve using both. 9443 and 9763 are servlet ports are those will not used in gateway worker nodes and only in gateway manager node for service calls.
My recommendation is you should revise this setup as you are running nodes in DMZ which have db access.
Should I use -DportOffset=0 on all nodes?
It depends on how do you set up those nodes. If all of these servers in the same node (machine), you must use different port offset as all the API Manager servers use those port, so, there will be port conflicts.
What -Dprofile=?? do I need to use on each of the 5 nodes?
It will adjust the ports used by API Manager so that, there won't be any port conflicts between them if you are running on same node.
The 2 gateway nodes will be load-balanced by an F5 load balancer for
incoming api-traffic. What port is used there, 9443 or 9763?
For API requests/responses handling, you need 9763.
What ports need to be accessible on the DMZ hosts for this to work? I
assume 3306,9443,9763,8280,8243,7711, and 9999,11111 if JMX reqd
Yes, it's correct.
Further, you can use WSO2 support any issues you encountered.
I'm trying to install a WSO2 EMM server on Amazon EC2 Instance, but have a problem with it. EC2 instance have 2 IP addresses - one of them is internal Amazon address like 172.32.x.x, another is external real IP.
If I try to setup carbon.xml file with real IP (or domain), I have a problem with thrift server, which can't open port 10500 at a real IP. If I use internal IP running of server is fine, but in application I can't reach identity server (because it's a gray IP, of course).
I tried some tricks with using /etc/hosts file, for example, setup 0.0.0.0 as my domain. In this case server is running without errors, and a can see that port 10500 is open using netstat, but web application is not redirect to identity server.
May be there are any solutions of this problem?
I have to update EMM server to version 1.1.0 and all is working now.
Thanks all!
In the carbon.xml, change the HostName and MgtHostName to the real IP and start the server.
For example if the real IP is 172.32.x.x then HostName and MgtHostName in the carbon.xml should change to:
<HostName>172.32.x.x</HostName>
<MgtHostName>172.32.x.x</MgtHostName>
I have to expose an API with the port other than 8280. i modified that in axis2.xml to port :8286 for HTTP Transportreceiver . Even after restarting the apigateway service , it is Refusing the connection on the particualar port.
Whats the process for modifying the ports.
You just have to change the Port offset of the API Manager Server. For that change offset configuration in <PRODUCT_HOME>/repository/conf/carbon.xml
<Offset>1</Offset>
This will change the NIO port which is 8280 by default to 8281 (8280 + 1).
After that make sure to edit all the hardcoded endpoints of default APIs available by following[1]
[1]http://docs.wso2.org/wiki/display/AM140/Configuring+Port+Offset