Tutorial: Configuring the Cloud

This tutorial shows you how to create a basic cloud configuration, with DataPower gateway, event gateway, analytics, and developer portal services.

Before You Begin

One of the following roles is required to register and manage services in Cloud Manager:

  • Administrator
  • Topology Administrator
  • Owner
  • A custom role with the Topology:Manage permission
You will need the following information to complete this tutorial.
  • The IP address or FQDN of the DataPower gateway, and the port assigned to accept API requests from clients.
  • The IP address or FQDN of the DataPower gateway, and the port assigned to communicate with the management server. This cannot be the same as the port for API requests.
  • The FQDN of the management endpoint on the event gateway to communicate with the API Connect management server.
  • The FQDN of the client endpoint on the event gateway, and the port (443) assigned to accept API requests from clients.
  • The FQDN of the developer portal service to accept requests from clients.
  • The FQDN of the developer portal to communicate with the management server.
  • The FQDN of the analytics service to accept requests from clients.
  • The address, port, and optional login credentials for an SMTP email server.
Note: The port for the portal-www, portal-admin, and analytics-ingestion services is 443, and is not configurable.

About this tutorial

In this tutorial, you will complete the following lessons:

Initial Cloud Manager Console login

Take the following steps to log in to the Cloud Manager user interface for the first time.

  1. In a web browser, enter the management service URL. For example, https://ManagementService.domain/admin where ManagementService.domain is the fully qualified host name or IP address of the Management service.

    Cloud Manager login

  2. Enter the Cloud Administrator user name and password. The default values are admin for the user name and 7iron-hide for the password.

    OpenShift top-level CR install

    If you installed API Connect on OpenShift using the top-level "API Connect Cluster" CR, the default user name is admin. If you are logging in for the first time, run the following commands to retrieve the initial password, which is generated automatically during deployment:

    oc get secret -n <namespace> | grep mgmt-admin-pass
    oc get secret -n <namespace> <secret_name_from_previous command> -o jsonpath="{.data.password}" | base64 -d && echo ""
  3. You are immediately required to change the admin password, as well as provide an email address for the cloud administrator. Enter the necessary information.
    Note: If you forget your password and request a password reset, the notification email is sent to this email address. This action will use the email server set in the Notifications section of the cloud Settings. This tutorial shows you how to set this configuration.

    Cloud Manager login

  4. Click Save.
  5. Log in using the new password.

Configure an Email Server

Take the following steps to configure an email server. This configuration allows you to recover the admin password or receive other important notifications.
  1. Click Resources icon Resources icon or the Manage Resources tile.

    CMC Home page

  2. Click Notifications.

    Resources page

  3. Click Create.

    Notifications page

  4. Enter the appropriate values in the fields These values vary depending on your site.
  5. Click Save.

    Configure email server

  6. Click the Settings icon Settings icon, then click Notifications > Edit.
  7. Ensure your email server is selected, then click Save.
  8. Click the Resources icon Home icon.

Register a DataPower Gateway Service

Take the following steps to register a gateway service.
  1. Click the Configure Topology tile.

    CMC Home page

  2. Click Register Service.

    Topology page

  3. Click DataPower API Gateway.

    Service types

  4. Take the following steps.
    1. Enter gateway_service in the Title field.
    2. In the Management Endpoint section, enter the URL of the address and port assigned to the management endpoint in the Endpoint field. This is the port used by the API Management server to connect to the gateway.
    3. Leave the remaining values as given to set TLS profiles.

      Gateway config

    4. In the API Invocation Endpoint section, enter the URL of the gateway address and port assigned to accept API requests from clients in the API Endpoint Base field.
    5. Do not change the defaults in the Server Name Indication (SNI) fields unless your topology requires different values.
    6. Optionally enter a hex value in the OAuth Shared Secret field. This must be a 64-bit hex value that begins with "0x". Providing a shared secret value here enables gateways in a cluster to read the OAuth tokens generated by any member of the cluster using the same secret.
    7. Click Save.
    Configure gateway service

Register an Event Gateway Service

Take the following steps to register an event gateway service.
  1. Click the Configure Topology tile.

    CMC Home page

  2. Click Register Service.

    Topology page

  3. Click Event Gateway Service.
  4. Take the following steps.
    1. Enter event_gateway_service in the Title field.
    2. In the Management endpoint on the gateway service field, enter the URL of the event gateway management endpoint.

      To retrieve the URL, complete the following steps:

      1. Log in to your Kubernetes cluster as a cluster administrator by setting your kubectl context.
      2. Set the context to the namespace where your Event Endpoint Management instance is installed:
        kubectl config set-context --current --namespace=<namespace>
      3. List the ingress resources and locate the API Connect ingress for your instance; unless overridden, the name ends in -apic:
         kubectl get ingress
      4. Copy the URL for the ingress resource from the Host column.
    3. In the API endpoint base field, enter the URL and port of the event gateway client endpoint.

      To retrieve the URL and port, complete the following steps:

      1. Log in to your Kubernetes cluster as a cluster administrator by setting your kubectl context.
      2. Set the context to the namespace where your Event Endpoint Management instance is installed:
        kubectl config set-context --current --namespace=<namespace>
      3. List the ingress resources and locate the API Connect ingress for your instance; unless overridden, the name ends in -ibm-egw-rt:
         kubectl get ingress
      4. Copy the URL for the ingress resource from the Host column and append the port :443.
    4. Leave the remaining values as given to set TLS profiles.
    5. Do not change the defaults in the Server Name Indication (SNI) fields. unless your topology requires different values.
    6. Click Save.

Register a Portal Service

Take the following steps to register a portal service.
  1. Click Register Service.
  2. Click Portal.
  3. Take the following steps.
    1. Enter portal_service in the Title field.
    2. In the Management Endpoint section, enter the URL of the portal address and port assigned to communicate with the management server in the Endpoint field.
    3. Enter the URL of the portal address and port assigned to accept requests from clients in the Portal Website URL field.
    4. Use the reconfigured profile in the TLS Client Profile field.
    5. Click Save.
    Configure portal service

Register an Analytics Service

Take the following steps to register an analytics service.
  1. Click Register Service
  2. Click Analytics.
  3. Take the following steps.
    1. Enter analytics_service in the Title field.
    2. In the Management Endpoint section, enter the URL of the analytics server address and port assigned to accept requests from clients in the Endpoint field.
    3. Select Analytics ingestion TLS client profile in the TLS Client Profile field.
    4. Click Save.
    Configure analytics service
  4. Click Associate Analytics Service corresponding to the gateway service listing. Associate analytics service
  5. Select analytics_service. Click Associate.

    Associate analytics service

Configure a Default DataPower Gateway Service

Take the following steps to configure a default DataPower gateway service for every catalog in the cloud.
  1. Click Settings icon Settings icon .
  2. Click Catalog Defaults.

    Catalog settings page

  3. Click Edit.

    Catalog defaults

  4. Select an available gateway service.
  5. Click Save.

    Set gateway

What you did in this tutorial

  • Set new Cloud Manager Console login password
  • Configured a DataPower Gateway Service
  • Configured an Event Gateway Service
  • Configured a Developer Portal Service
  • Configured an Analytics Service
  • Configured a Notifications Email Server
  • Configured a Catalog Default DataPower Gateway Service