Running Config Sync as a cronjob on VMware

Running the apic-configsync utility as a cronjob on VMware enables the utility to be run on a timed basis, such as every 10 minutes.

About this task

You can configure the apic-configsync utility to run as a cronjob in an API Connect deployment running on VMware. The apic-configsync utility should run as close to the target cluster as possible, so the cronjob should be configured to run from the management subsystem virtual machines in the target API Connect cluster.

Ensure that your virtual machines have enough resources available (CPU/Memory) for the cronjob to run the apic-configsync utility.

Procedure

  1. Download and extract the API Connect Config Sync package.
  2. Define the environment variables for the source and target catalogs.
  3. For each node in the management subsystem:
    1. In the extracted apic-configsync.tar.gz package, locate the ibm-apic-configsync-image.tar.gz file.
    2. Upload the ibm-apic-configsync-image.tar.gz file using the following command: 
      scp ibm-apic-configsync-image.tar.gz apicadm@<hostname>:~

      where <hostname> is the hostname or IP address of the node.

    3. SSH into the node and become root with sudo -i.
    4. Switch into the registry directory with the following command: 
      cd /var/lib/apiconnect-subsystem/registry/
    5. Extract the image from the tar.gz file with the following command: 
      tar xf /home/apicadm/ibm-apic-configsync-image.tar.gz
      Extracting the file creates the following directory:
      /var/lib/apiconnect-subsystem/registry/ibm-apic-configsync/ibm-apic-configsync-<version>/<tag>
      where <version> is the current version of the apic-configsync utility and <tag> is the tag of the built image.
    6. Restart the appliance-manager by running the following command: 
      systemctl restart appliance-manager
  4. Create secrets to host configuration details for the source cluster and the target cluster.
    1. SSH into one of the nodes in the management subsystem and become root with sudo -i.
    2. Create a secret to host the configuration details for the source cluster in the namespace where you intend to run the cronjob: 
      kubectl create secret generic source-catalog-details \
    --from-literal=SOURCE_MGMT_SERVER=$SOURCE_MGMT_SERVER \
    --from-literal=SOURCE_ORG=$SOURCE_ORG \
    --from-literal=SOURCE_REALM=$SOURCE_REALM \
    --from-literal=SOURCE_ADMIN_USER=$SOURCE_ADMIN_USER \
    --from-literal=SOURCE_ADMIN_PASSWORD=$SOURCE_ADMIN_PASSWORD \
    --from-literal=SOURCE_CATALOG=$SOURCE_CATALOG \
    --from-literal=SOURCE_TOOLKIT_CREDENTIALS_CLIENTID=$SOURCE_TOOLKIT_CREDENTIALS_CLIENTID \
    --from-literal=SOURCE_TOOLKIT_CREDENTIALS_CLIENTSECRET=$SOURCE_TOOLKIT_CREDENTIALS_CLIENTSECRET
    3. Create a secret to host the configuration details for the target cluster in the namespace where you intend to run the cronjob: 
      kubectl create secret generic target-catalog-details \
    --from-literal=TARGET_MGMT_SERVER=$TARGET_MGMT_SERVER \
    --from-literal=TARGET_ORG=$TARGET_ORG \
    --from-literal=TARGET_REALM=$TARGET_REALM \
    --from-literal=TARGET_ADMIN_USER=$TARGET_ADMIN_USER \
    --from-literal=TARGET_ADMIN_PASSWORD=$TARGET_ADMIN_PASSWORD \
    --from-literal=TARGET_CATALOG=$TARGET_CATALOG \
    --from-literal=TARGET_TOOLKIT_CREDENTIALS_CLIENTID=$TARGET_TOOLKIT_CREDENTIALS_CLIENTID \
    --from-literal=TARGET_TOOLKIT_CREDENTIALS_CLIENTSECRET=$TARGET_TOOLKIT_CREDENTIALS_CLIENTSECRET
  5. Create the cronjob:
    1. Open the helper_files/configsync-cronjob-ova.yaml file located in the extracted API Connect Config Sync package.
    2. Modify the schedule property to specify how frequently the job will run.

      The minimum recommended schedule period is 1 minute; however, a deployment with a large number of objects might require more time for the job to complete. Because concurrent jobs are not allowed, the total time between the start of two consecutive jobs might be longer.

    3. Set the concurrencyPolicy to Forbid.

      Config Sync operates on a single source-target catalog pair at a time. If you want to sync multiple different source-target catalog pairs, create a separate cronjob for each pair.

    4. Upload the helper_files/configsync-cronjob-ova.yaml file to one of the management nodes.

      To upload the file, run the following command:

      scp helper_files/configsync-cronjob-ova.yaml apicadm@<hostname>:~

      Replace <hostname> with the host name or IP of one of the nodes in the management subsystem.

    5. SSH into one of the nodes in the management subsystem and become root with sudo -i.
    6. Create the cronjob resource in the cluster by running the following command: 
      kubectl apply -f /home/apicadm/configsync-cronjob-ova.yaml