Skip to content

Instantly share code, notes, and snippets.

@hodrigohamalho
Forked from mayorova/README.md
Last active March 23, 2017 15:07
Show Gist options
  • Save hodrigohamalho/2195e3a6727c10d6a63c10f67680a1c5 to your computer and use it in GitHub Desktop.
Save hodrigohamalho/2195e3a6727c10d6a63c10f67680a1c5 to your computer and use it in GitHub Desktop.
Deploy 3scale AMP on OpenShift

Installing 3scale AMP ER3-2 on EC2

You will need:

  • a running instance with 8GB RAM minimum (recommended 16GB) and RHEL

  • <PUBLIC_DNS>: (e.g. ec2-54-123-456-78.compute-1.amazonaws.com)

  • <PUBLIC_IP>: (e.g. 54.123.456.78)

Set up OpenShift cluster

References

(thanks to Toni Syvänen)

Install and run Docker

sudo yum-config-manager --enable rhui-REGION-rhel-server-extras
sudo yum install docker docker-registry -y

/etc/sysconfig/docker:

INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'
sudo systemctl start docker
sudo systemctl status docker

Install OC tools

Origin: https://github.com/openshift/origin/releases/latest

or

OCP: https://access.redhat.com/downloads/content/290/ver=3.4/rhel---7/3.4.1.10/x86_64/product-software

Example:

sudo yum install wget -y
wget https://github.com/openshift/origin/releases/download/v1.4.1/openshift-origin-client-tools-v1.4.1-3f9807a-linux-64bit.tar.gz
tar xzvf openshift-origin-client-tools-v1.4.1-3f9807a-linux-64bit.tar.gz
sudo mv openshift-origin-client-tools-v1.4.1+3f9807a-linux-64bit/oc /usr/bin/
rm -rf openshift-origin-client-tools-v1.4.1*

Start the cluster

oc cluster up --public-hostname=<PUBLIC_DNS> --routing-suffix=<PUBLIC_IP>.xip.io

Check out the console: https://<PUBLIC_DNS>:8443

Deploy 3scale AMP

Create persistent volumes

The volumes will be used by: MYSQL REDIS - Backend and Frontend SYSTEM-STORAGE

NFS_PATH=/exports
sudo su

mkdir -p  $NFS_PATH/amp-{01..04}
chmod g+w $NFS_PATH/amp-{01..04}
chcon -Rt svirt_sandbox_file_t $NFS_PATH/amp-*

(pv.yml attached as a separate file)

oc login -u system:admin

oc new-app --param PV=amp-01 -f pv.yml
oc new-app --param PV=amp-02 -f pv.yml
oc new-app --param PV=amp-03 -f pv.yml
oc new-app --param PV=amp-04 -f pv.yml

oc get pv

Login as developer and start AMP with template

PUBLIC_DNS=master.rramalho.com
oc login https://$PUBLIC_DNS:8443 --insecure-skip-tls-verify

oc new-project 3scale-amp

amp.yml is attached

oc new-app --file amp.yml --param WILDCARD_DOMAIN=cloud.rramalho.com
--> Deploying template "3scale-amp/system" for "amp.yml" to project 3scale-amp

     system
     ---------
     Login on https://3scale-admin.cloud.rramalho.com as admin/gu8edykg    <===== LOGIN with these credentials

     * With parameters:
        * AMP_RELEASE=er3
        * ADMIN_PASSWORD=gu8edykg # generated
        * ADMIN_USERNAME=admin
        * APICAST_ACCESS_TOKEN=rthdeuql # generated
        * ADMIN_ACCESS_TOKEN=4o2txf0v4e3wgvtw # generated
        * WILDCARD_DOMAIN=<PUBLIC_IP>.xip.io
        * SUBDOMAIN=3scale
        * MySQL User=mysql
        * MySQL Password=qfnt75jf # generated
        * MySQL Database Name=system
   * MySQL Root password.=7dhquse7 # generated
        * SYSTEM_BACKEND_USERNAME=3scale_api_user
        * SYSTEM_BACKEND_PASSWORD=a3i3n7by # generated
        * REDIS_IMAGE=rhscl/redis-32-rhel7:3.2-5.3
        * SYSTEM_BACKEND_SHARED_SECRET=s4wpndxj # generated

Test

Log in to the portal using the credentials above, configure the API, deploy APIcast staging adn production.

Configure emails (optional)

oc env dc/system-app --overwrite SMTP_ADDRESS=smtp.gmail.com SMTP_USER_NAME=<SMTP_USERNAME> SMTP_PASSWORD=<SMTP_PASSWORD>
oc env dc/system-redis --overwrite SMTP_ADDRESS=smtp.gmail.com SMTP_USER_NAME=<SMTP_USERNAME> SMTP_PASSWORD=<SMTP_PASSWORD>
oc env dc/system-sidekiq --overwrite SMTP_ADDRESS=smtp.gmail.com SMTP_USER_NAME=<SMTP_USERNAME> SMTP_PASSWORD=<SMTP_PASSWORD>

Note: the emails will be sent from the user specified in <SMTP_USERNAME>

Set up additional APIcast on OpenShift cluster

Create Access Token

Create an access token for Account Management API (Read permission is enough) (<ACCESS_TOKEN>)

ADMIN CONSOLE > Engine Icon > Account > Personal Settings > Access Token

Deploy APIcast pointing to the AMP backend

oc login https://<PUBLIC_DNS>:8443 --insecure-skip-tls-verify

oc new-project "apicast" --display-name="new-apicast-gateway" --description="3scale apicast gateway"

oc secret new-basicauth apicast-configuration-url-secret --password=https://<ACCESS_TOKEN>@3scale-admin.<PUBLIC_IP>.xip.io

oc new-app --file apicast.yml

oc env dc/apicast --overwrite BACKEND_ENDPOINT_OVERRIDE=https://backend.<PUBLIC_IP>.xip.io

Create a route in OpenShift for the new APIcast

  • Create a new Public Base URL in the Integration page
  • Add the corresponding route to the apicast service
apiVersion: v1
kind: Template
metadata:
creationTimestamp: null
name: "system"
objects:
- apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-${PV}
spec:
accessModes:
- ReadWriteOnce
- ReadWriteMany
capacity:
storage: 1Gi
persistentVolumeReclaimPolicy: Recycle
hostPath:
path: ${PATH}/${PV}
parameters:
- name: PV
required: true
- name: PATH
value: /exports
required: true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment