Installing a two data center deployment on Kubernetes
Additional installation instructions for a two data center disaster recovery (2DCDR) deployment on Kubernetes.
Before you begin
Ensure that you understand the concepts of 2DCDR in API Connect. For more information, see Two data center warm-standby deployment on Kubernetes and OpenShift.
Download the operator files and custom resource definitions for use during installation onto both of your data centers. Ensure that you complete the instructions for Deploying operators and cert-manager, and set the same ingress-ca certificate in both data centers: Installing cert-manager and certificates in a two data center deployment.
Familiarize yourself with the instructions in Installing the API Connect subsystems. Follow these instructions along with the 2DCDR specific steps in this topic.
- API Connect is not supported on a FIPS-enabled environment.
- It is not possible to use the Automated API behavior testing application (Installing the Automated API behavior testing application) in a 2DCDR configuration (Two data center warm-standby deployment on Kubernetes and OpenShift).
- Management subsystem endpoints
-
cloudManagerEndpoint
apiManagerEndpoint
platformAPIEndpoint
consumerAPIEndpoint
consumerCatalogEndpoint
- Portal subsystem endpoints
-
portalAdminEndpoint
portalUIEndpoint
About this task
A 2DCDR
deployment differs from a standard API Connect deployment in
that the custom resources (CRs) for both the management and portal in each data center include a
multiSiteHA
configuration section. The multiSiteHA
section is used
to define which data center is the active and which is the warm-standby.
The following examples show multiSiteHA
sections in the
PortalCluster
CRs for the active and warm-standby data centers.
|
|
Configuration property | Description |
---|---|
mode |
The state of the data center in the context of the 2DCDR deployment. Valid values
are:
|
|
Contains details of the external ingress name for the subsystem in the current data center in
the 2DCDR deployment.
The hosts |
replicationPeerFQDN |
The ingress hostname for the other data center in the 2DCDR deployment. This information is required so that the two data centers can communicate with each other. |
|
The TLS client secret for the subsystem. |
siteName
property is a unique descriptive name for the portal
and management subsystems, in each data center. For example, dallas
in data center
1 (DC1), and raleigh
in data center 2 (DC2). - Set a different
siteName
on the active to the one set on the warm-standby data center. siteName
is used in the hostnames, and so can contain onlya-z
and0-9
characters.- You can set a
siteName
in theManagementCluster
orPortalCluster
CRs only on installation. You cannot change the name after deployment. If you don't set asiteName
at first deployment, an automatedsiteName
is created for you.
- Set the placeholder properties in the CR file for management and portal subsystems as detailed
in Installing the API Connect subsystems, but do not run the final
kubectl apply
operation. Complete the additional 2DCDR configuration steps before you runkubectl apply
. - Set the properties in the
multiSiteHA
section, and synchronize encryption secrets between the data centers as described in the procedure below: