Deploy 3scale AMP on Amazon EC2


This is an easy way to deploy a simple 3scale AMP setup using oc cluster up. Note: This should only be used for development and testing. Do not ever use it in production environments.

You will need:

  • a running instance with 8GB RAM minimum (recommended 16GB) and RHEL

  • <PUBLIC_DNS>: (e.g. ec2-54-123-456-78.compute-1.amazonaws.com)

  • <PUBLIC_IP>: (e.g. 54.123.456.78)

Set up OpenShift cluster

References

(thanks to Toni Syvänen)

Install and run Docker

sudo yum-config-manager --enable rhui-REGION-rhel-server-extras
sudo yum install docker docker-registry -y

In /etc/sysconfig/docker, set:

INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'

Then start Docker and check its status:

sudo systemctl start docker
sudo systemctl status docker

Install OC tools

Origin: https://github.com/openshift/origin/releases/latest

or

OCP: https://access.redhat.com/downloads/content/290/

Example:

sudo yum install wget -y
wget https://github.com/openshift/origin/releases/download/v1.4.1/openshift-origin-client-tools-v1.4.1-3f9807a-linux-64bit.tar.gz
tar xzvf openshift-origin-client-tools-v1.4.1-3f9807a-linux-64bit.tar.gz
sudo mv openshift-origin-client-tools-v1.4.1+3f9807a-linux-64bit/oc /usr/bin/
rm -rf openshift-origin-client-tools-v1.4.1*

Start the cluster

sudo oc cluster up --public-hostname=<PUBLIC_DNS> --routing-suffix=<PUBLIC_IP>.xip.io

Check out the console: https://<PUBLIC_DNS>:8443

Deploy 3scale AMP

Since OpenShift v3.6 oc cluster up creates persistent volumes that can be used by 3scale AMP. If using a previous OpenShift version, or for some other reason the PVs are not there, see the steps to add PVs locally below.

Login as developer and start AMP with template

Note: The steps below install 3scale AMP 2.1. Change the location of the amp.yml template to deploy a different version.

oc login https://<PUBLIC_DNS>:8443 --insecure-skip-tls-verify

oc new-project 3scale-amp

oc new-app --file https://raw.githubusercontent.com/3scale/3scale-amp-openshift-templates/2.1.0-GA/amp/amp.yml --param WILDCARD_DOMAIN=<PUBLIC_IP>.xip.io

For 2.2:

oc new-app --file https://raw.githubusercontent.com/3scale/3scale-amp-openshift-templates/2.2.0.GA/amp/amp.yml --param WILDCARD_DOMAIN=<PUBLIC_IP>.xip.io

--> Deploying template "3scale-amp/system" for "amp.yml" to project 3scale-amp

     system
     ---------
     Login on https://3scale-admin.<PUBLIC_IP>.xip.io as admin/gu8edykg    <===== LOGIN with these credentials

     * With parameters:
        * AMP_RELEASE=er3
        * ADMIN_PASSWORD=gu8edykg # generated
        * ADMIN_USERNAME=admin
        * APICAST_ACCESS_TOKEN=rthdeuql # generated
        * ADMIN_ACCESS_TOKEN=4o2txf0v4e3wgvtw # generated
        * WILDCARD_DOMAIN=<PUBLIC_IP>.xip.io
        * SUBDOMAIN=3scale
        * MySQL User=mysql
        * MySQL Password=qfnt75jf # generated
        * MySQL Database Name=system
        * MySQL Root password.=7dhquse7 # generated
        * SYSTEM_BACKEND_USERNAME=3scale_api_user
        * SYSTEM_BACKEND_PASSWORD=a3i3n7by # generated
        * REDIS_IMAGE=rhscl/redis-32-rhel7:3.2-5.3
        * SYSTEM_BACKEND_SHARED_SECRET=s4wpndxj # generated
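
The output above prints every generated credential in clear text, and the terminal scrollback is often the only copy. The script below is an added example, not part of the original gist or the 3scale templates: it parses output in that format, saves the generated values to a file readable only by its owner, and prints a copy with the secrets masked. The function names and the sample values are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original gist.

# Constructed sample in the format `oc new-app` prints above; all values are made up.
sample_output() {
cat <<'EOF'
--> Deploying template "3scale-amp/system" for "amp.yml" to project 3scale-amp
     Login on https://3scale-admin.192.0.2.10.xip.io as admin/Zq1examplepw
     * With parameters:
        * ADMIN_PASSWORD=Zq1examplepw # generated
        * ADMIN_USERNAME=admin
        * MySQL Root password.=Rt2examplepw # generated
        * WILDCARD_DOMAIN=192.0.2.10.xip.io
EOF
}

# Read deployment output on stdin, print NAME=VALUE for each "# generated" parameter.
extract_generated() {
  sed -n 's/^[[:space:]]*\* \(.*\)=\([^[:space:]=]*\) # generated$/\1=\2/p'
}

# Read deployment output on stdin, store the generated values in file $1 (mode 0600).
save_generated() {
  (
    umask 077
    : > "$1" && chmod 600 "$1"   # also tightens a pre-existing file
    extract_generated >> "$1"
  )
}

# Read deployment output on stdin, print it with generated values and the
# password on the "Login on ..." line masked, so the log can be kept or shared.
redact_generated() {
  sed -e 's/=[^[:space:]=]* # generated$/=<redacted> # generated/' \
      -e '/Login on /s|\( as [^/[:space:]]*/\)[^[:space:]]*|\1<redacted>|'
}

# Demo on the constructed sample.
sample_output | redact_generated
```

Against a real deployment, capture the output of oc new-app once and feed that capture to both save_generated and redact_generated.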

Test

Log in to the portal using the credentials above, configure the API, and deploy APIcast staging and production.

Configure emails (optional)

oc env dc/system-app --overwrite SMTP_ADDRESS=smtp.gmail.com SMTP_USER_NAME=<SMTP_USERNAME> SMTP_PASSWORD=<SMTP_PASSWORD>
oc env dc/system-redis --overwrite SMTP_ADDRESS=smtp.gmail.com SMTP_USER_NAME=<SMTP_USERNAME> SMTP_PASSWORD=<SMTP_PASSWORD>
oc env dc/system-sidekiq --overwrite SMTP_ADDRESS=smtp.gmail.com SMTP_USER_NAME=<SMTP_USERNAME> SMTP_PASSWORD=<SMTP_PASSWORD>

Note: the emails will be sent from the user specified in <SMTP_USERNAME>

Create persistent volumes (optional)

This step is only needed when you are using an OpenShift cluster deployed with oc cluster up on a version below v3.6.

sudo su

mkdir -p  /var/lib/docker/pv/{01..04}
chmod g+w /var/lib/docker/pv/{01..04}
chcon -Rt svirt_sandbox_file_t /var/lib/docker/pv/

(pv.yml attached as a separate file)

oc login -u system:admin

oc new-app --param PV=01 -f pv.yml
oc new-app --param PV=02 -f pv.yml
oc new-app --param PV=03 -f pv.yml
oc new-app --param PV=04 -f pv.yml

oc get pv

Set up additional APIcast on OpenShift cluster

Create Access Token

Create an access token for the Account Management API (Read permission is enough). It is referred to below as <ACCESS_TOKEN>.

Deploy APIcast pointing to the AMP backend

oc login https://<PUBLIC_DNS>:8443 --insecure-skip-tls-verify

oc new-project "apicast" --display-name="new-apicast-gateway" --description="3scale apicast gateway"

oc secret new-basicauth apicast-configuration-url-secret --password=https://<ACCESS_TOKEN>@3scale-admin.<PUBLIC_IP>.xip.io

oc new-app --file apicast.yml

oc env dc/apicast --overwrite BACKEND_ENDPOINT_OVERRIDE=https://backend.<PUBLIC_IP>.xip.io

Create a route in OpenShift for the new APIcast

  • Create a new Public Base URL in the Integration page
  • Add the corresponding route to the apicast service

pv.yml:

apiVersion: v1
kind: Template
metadata:
  creationTimestamp: null
  name: "system"
objects:
- apiVersion: v1
  kind: PersistentVolume
  metadata:
    name: pv${PV}
  spec:
    accessModes:
    - ReadWriteOnce
    - ReadWriteMany
    capacity:
      storage: 1Gi
    persistentVolumeReclaimPolicy: Recycle
    hostPath:
      path: ${PATH}/${PV}
parameters:
- name: PV
  required: true
- name: PATH
  value: /var/lib/docker/pv
  required: true