Managing an appliance data disk

You can use apic commands to manage appliance data disks in your VMware deployment.

The API Connect deployment on VMware uses 2 partitions. The first contains the base operating system, while the second is encrypted so that any customer data that is stored on disk uses the encrypted volume. Encryption is done with Linux Unified Key Setup (LUKS) disk encryption.

During installation of each API Connect subsystem, you specify a password HD-PASSWD when configuring the host:
apicup hosts create <SUBSYS> <HOSTNAME> <HD-PASSWD>

If you want to force a restart of processes, without requiring a full restart of the virtual machine, you can use the command apic lock to stop the Kubernetes node on the virtual machine and lock the secured storage. When you are ready to restart processes, you can use apic unlock to restart the Kubernetes node. The command apic unlock uses the password to unlock the partition so that files can be read from it and written to it. The unlock command also starts the apic daemon, also known as the appliance-manager service.

You can check that status of this service with:

sudo systemctl status appliance-manager

One appliance-manager daemon runs on each node, where it manages the Kubernetes cluster, processes update and upgrade requests, and gathers logs.

apic command Description
lock Shut down appliance services and lock the secured storage
logs Retrieve logs from all nodes in the cluster
status Report on cluster status
unlock Unlock the secure storage and start the appliance
version Get the API Connect appliance base version