Deployment guidelines

Review the following guidelines and requirements before installing IBM® API Connect for GraphQL Software.

Installation requirements

  • Node requirements:
    • A standard node for API Connect for GraphQL requires 2 cores and 8 GB RAM.
    • Minimum three nodes for GraphQL worker nodes.
    • One node each for subscription and introspection services.
  • Request handling: Each GraphQL node supports up to 50 requests per second at peak load.
  • Cluster deployment:
    • Must be deployed in a Kubernetes cluster.
    • Avoid single-node clusters; follow Kubernetes vendor recommendations.
  • Database:
    • Postgres is used as a configuration database.
    • Customers must select database size based on recovery and backup objectives.
  • Supported platforms: Red Hat OpenShift Container Platform (OCP) 4.16, or Kubernetes v1.29.
  • Cert-manager must be installed on the cluster, or (for OpenShift only) you must configure TLS support.
  • You need an IBM entitlement key for accessing IBM Container Software Library.
  • A running PostgreSQL DB (version 15 or newer) must be accessible from the cluster.
  • If you deploy the on-premises Introspection service, install it on the same cluster, and in the same stepzen namespace, where you install API Connect for GraphQL.

User accounts

  • API Connect for GraphQL deploys with a default user account called graphql; the cluster administrator can add more user accounts. You can choose to have users share a small number of accounts, or create an account for each user. If you want to create multiple accounts, note the following considerations:
    • Accounts must be added individually by running a script from the command line.
    • Each user account's API endpoint URL starts with the account name. If you want to add multiple accounts, either set up a wildcard route/ingress for your domain or define route/ingress mappings for each account.
  • Instead of a password, each user account is assigned two keys:
    • Admin key: Grants access to upload, modify, configure, and deploy APIs. Users log in with the account name and the associated admin key.
    • API key: Grants access to consume GraphQL APIs and query the endpoints. The API key must be specified in the authorization header when calling an API.