Pushing provider organization data
Use the AMU to push the provider organization data to the Management server.
About this task
Pushing the provider organization data uploads the ported OAuth Providers, draft APIs, draft products, configured gateway services, and published products to the Management server.
Procedure
-
Log in to the API Manager user interface as an Owner or Administrator of the provider
organization that you want to
migrate.
If you want to login using an OIDC user registry, see Logging in to a management server with an OIDC registry.
Important: You cannot migrate a provider organization while you are logged in with the Cloud Manager admin organization. You must be logged in as the Owner or Administrator of the provider organization whose data you will push.Syntax:./apicm login --server <api-manager-ui-endpoint> --realm provider/<identity_provider> --username <org_username> --password <org_password>
Example for a standalone deployment:./apicm login --server api-manager-ui.dev.apic10-stack.example.test --realm provider/default-idp-2 --username org_username@example.com --password myorgpassword
Example for Cloud Pak for Integration:./apicm login --server cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod --realm provider/default-idp-2 --username org_username@ex
Table 1. login
parameters for Provider organizationsParameters Description <api-manager-ui-endpoint>
Required. The API Manager URL endpoint on the Management server for communication with the API Manager user interface. - Standalone deployment
-
Example:
api-manager-ui.dev.apic10-stack.example.test
The endpoint was specified when the Management subsystem was installed. To verify your endpoint setting, do one of the following:- View the
apiconnect-apim-ui
definition in theapiconnect-up.yml
file in the API Connect installation project directory. - In the Cloud Manager UI, select Settings > Endpoints and view API Manager URL.
- View the
- Cloud Pak for Integration
- Syntax:
cpd-<APIC_namespace>.<your-company.domain.com>/integration/apis/<APIC_namespace>/<APIC_instance>
Example:
cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod
where
e2e
is<APIC_namespace>
andprod
is<APIC_instance>
.Note: How to obtain the server URL on Cloud Pak for IntegrationUse the Platform Navigator UI to determine the parameter. Note that you cannot get the endpoint by using
oc get routes
because Zen modifies the route internally.- Locate the Platform UI panel with entries for the deployment. Identify the row that has a
Type
column entry with the descriptionAPI management
- To display the endpoint, hover over the corresponding prod entry in the
Name
column for that row. The URL displays at the bottom of the panel.Name Type prod API management administration prod API management cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod/manage
- Remove the trailing
/manage
from the endpoint:cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod
- Locate the Platform UI panel with entries for the deployment. Identify the row that has a
--realm provider/identity_provider
Required. The default.identity_provider
isdefault-idp-2
.You can determine which identity provider to use in the--realm
parameter by entering the following command to see a list of all available identity providers (you do not need to be logged in to use this command):
For example,apic identity-providers:list --scope provider --server mgmt_endpoint_url --fields title,realm
Theapic identity-providers:list --scope provider --server myserver.com --fields title,realm total_results: 2 results: - title: Cloud Manager User Registry realm: provider/default-idp-2 - title: Corporate LDAP user registry realm: provider/corporate-ldap
title
value indicates which identity provider to use; copy the corresponding--realm
parameter directly from the displayedrealm
value. For any identity providers that were created by your administrator after API Connect was installed, the names will have been determined at creation time. The default API Manager Local User Registry for login as a member of a provider organization isdefault-idp-2
--username <org_username>
Required. A user with permissions to modify the provider organization; typically this is the owner or administrator of the organization. --password <org_password>
Required. The organization owner or administrator password. -
Push the data for the provider organization.
In the same directory where you ran the
archive:unpack-v10
command, run the following command to push the ported data to your API Manager. See the parameters in Table 2 as well as the usage notes that follow the table.Syntax:./apicm archive:push-v10 <api-manager-ui-endpoint> cloud-v10/provider-orgs/<pOrg_name> [optional flags]
Example for standalone deployment (optional flags are omitted):./apicm archive:push-v10 api-manager-ui.mgmt.dev.apic10-stack.example.test cloud-v10/provider-orgs/production_Org
Example for Cloud Pak for Integration (optional flags are omitted):./apicm archive:push-v10 cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod cloud-v10/provider-orgs/production_Org
Table 2. archive:push-v10
parameters for provider organizationsParameters Description <api-manager-ui-endpoint>
Required. The API Manager URL endpoint on the Management server for communication with the API Manager user interface. - Standalone deployment
-
Example:
api-manager-ui.dev.apic10-stack.example.test
The endpoint was specified when the Management subsystem was installed. To verify your endpoint setting, do one of the following:- View the
apiconnect-apim-ui
definition in theapiconnect-up.yml
file in the API Connect installation project directory. - In the Cloud Manager UI, select Settings > Endpoints and view API Manager URL.
- View the
- Cloud Pak for Integration
- Syntax:
cpd-<APIC_namespace>.<your-company.domain.com>/integration/apis/<APIC_namespace>/<APIC_instance>
Example:
cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod
where
e2e
is<APIC_namespace>
andprod
is<APIC_instance>
.Note: How to obtain the server URL on Cloud Pak for IntegrationUse the Platform Navigator UI to determine the parameter. Note that you cannot get the endpoint by using
oc get routes
because Zen modifies the route internally.- Locate the Platform UI panel with entries for the deployment. Identify the row that has a
Type
column entry with the descriptionAPI management
- To display the endpoint, hover over the corresponding prod entry in the
Name
column for that row. The URL displays at the bottom of the panel.Name Type prod API management administration prod API management cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod/manage
- Remove the trailing
/manage
from the endpoint:cpd-e2e.apps.test1.cp.example.com/integration/apis/e2e/prod
- Locate the Platform UI panel with entries for the deployment. Identify the row that has a
cloud-v10/provider-orgs/<pOrg_name>
Required. The location of your provider org within the /cloud-v10
file hierarchy you created when you ran unpacked the data archive; for example:cloud-v10/provider-orgs/production_Org
--catalogs=<list_of_names>
Optional. Push data for only the specified catalogs if you don't want to push the entire provider organization. Use this parameter to specify the names of the catalogs you want to push (to specify multiple catalogs, use a comma-separated list): ./apicm archive:push-v10 <api-manager-ui-endpoint> cloud-v10/provider-orgs/<pOrg_name> --catalogs=<catalog_name1,catalog_name2,catalog_name3>
--spaces=<list_of_names>
Optional. Push data for only the specified spaces if you don't want to push the entire provider organization. The --catalogs
parameter must also be specified, and exactly one catalog must be specified. Use this parameter to specify the names of the spaces you want to push (to specify multiple spaces, use a comma-separated list). For example:./apicm archive:push-v10 <api-manager-ui-endpoint> cloud-v10/provider-orgs/<pOrg_name> --catalogs=<catalog_name> --spaces=<space_name1>,<space_name2>,<space_name3>
--products=<list_of_name:version_pairs>
Optional. Push data for only the specified products if you don't want to push the entire provider organization. The --catalogs
parameter must also be specified, and exactly one catalog must be specified. If spaces are enabled on the catalog, then the--spaces
parameter must also be specified, and exactly one space must be specified. Use this parameter to specify the names and versions of the products that you want to push (to specify multiple products, use a comma-separated list of name:version pairs as shown in the following examples.Example: catalog with spaces
./apicm archive:push-v10 <api-manager-ui-endpoint> cloud-v10/provider-orgs/<pOrg_name> --catalogs=<catalog_name> --spaces=<space_name> --products=<prod_name1>:<prod_version1>,<prod_name2>:<prod_version2>,<prod_name3>:<prod_version3>
Example: catalog without spaces:
./apicm archive:push-v10 <api-manager-ui-endpoint> cloud-v10/provider-orgs/<pOrg_name> --catalogs=<catalog_name> --products=<prod_name1>:<prod_version1>,<prod_name2>:<prod_version2>,<prod_name3>:<prod_version3>
--dry-run
Optional. Perform a dry run to test the Admin org migration output. This option creates a project directory similar to
cloud-v10
, but titled.workdir-<api-manager-ui-endpoint>
where you can view how the data will be loaded into your new system. The option also displays the objects that will fail due to existing already or missing dependencies. Use this option to view the resolved URLs for where the data will be loaded, without creating resources on the new system. See Migration troubleshooting../apicm archive:push-v10 <api-manager-ui-endpoint> cloud-v10/provider-orgs/<pOrg_name> --dry-run
--no-drafts
Optional. Do not push any draft APIs or products (draft objects are objects that have not been published). ./apicm archive:push-v10 <api-manager-ui-endpoint> <path_to_provider_org> --no-drafts
This option can be used with or without the
--catalogs
parameter.--drafts-only
Optional. Only push ported draft APIs and products, and do not push any published APIs or products (draft objects are objects that have not been published). ./apicm archive:push-v10 <api-manager-ui-endpoint> <path_to_provider_org> --drafts-only
This option cannot be used with the
--catalogs
or--no-drafts
parameters.--overwrite
Optional. Overwrite any existing draft products, draft APIs, published products and their APIs, and OAuth Providers that are already on the deployment. If you set this parameter to false, these artifacts will be left intact. --move-subscriptions
Optional. When this option is used, the subscriptions associated with v5-compatible-API-based products that were ported to API DataPower Gateway-based products and successfully pushed to the API Connect deployment will have their subscriptions moved to the new products, and the original v5-compatible-API-based products will be retired. This option can also be used on subsequent archive:push-v10
commands to move the subscriptions even after the migrated products are published. Using the--catalogs
,--spaces
, and--products
parameters with the--move-subscriptions
parameters lets you narrow the set of products to have their subscriptions moved.Usage notes:- On Windows: open a command window with Administrator privileges, and omit the "./" from the command.
- Run the
archive:push-v10
command in the same directory where you ran thearchive:unpack-v10
command, and always push the ported data back to the same deployment where you extracted the data. - The
login
command obtains a token that expires after 8 hours.If the token expires while the
archive:push-v10
command is running, the AMU generates errors. In this case, log in again and re-run thepush
command. The token is refreshed every time you log in. For more information, see migration_troubleshooting.html#migration_troubleshooting__token_expire. - The
archive:push-v10
command only pushes only the following ported objects: OAuth Providers, draft APIs, draft products, configured gateway services, and published products. - An alternative method of viewing endpoints is to run the
kubectl get ingress
and get the values from the output. For example, see the values in bold in the following sample output:r7c221d8a33-apic-portal-director api.portal.dev.apic10-stack.example.test 80, 443 21h r7c221d8a33-apic-portal-web portal.dev.apic10-stack.example.test 80, 443 21h re314d70920-apiconnect-api platform.mgmt.dev.apic10-stack.example.test 80, 443 22h re314d70920-apiconnect-apim-ui apim.mgmt.dev.apic10-stack.example.test 80, 443 22h re314d70920-apiconnect-cm-ui cloud.mgmt.dev.apic10-stack.example.test 80, 443 22h re314d70920-apiconnect-consumer-api consumer.mgmt.dev.apic10-stack.example.test 80, 443 22h rfe867a858b-dynamic-gateway-service service.gw.dev.apic10-stack.example.test 80, 443 21h rfe867a858b-dynamic-gateway-service-gw api.gw.dev.apic10-stack.example.test 80, 443 21h rfff5043330-analytics-client ac.dev.apic10-stack.example.test 80, 443 21h rfff5043330-analytics-ingestion ai.dev.apic10-stack.example.test
-
Test your newly ported products and APIs to make sure they are working as expected.
If necessary make changes and push the updates to your API Connect deployment.