Deployment guidelines
Review the following guidelines and requirements before installing IBM® API Connect for GraphQL Software.
Installation requirements
- Node requirements:
- A standard node for API Connect for GraphQL requires 2 cores and 8 GB RAM.
- Minimum three nodes for GraphQL worker nodes.
- One node each for subscription and introspection services.
- Request handling: Each GraphQL node supports up to 50 requests per second at peak load.
- Cluster deployment:
- Must be deployed in a Kubernetes cluster.
- Avoid single-node clusters; follow Kubernetes vendor recommendations.
- Database:
- Postgres is used as a configuration database.
- Customers must select database size based on recovery and backup objectives.
- Supported platforms: Red Hat OpenShift Container Platform (OCP) 4.16, or Kubernetes v1.29.
- Cert-manager must be installed on the cluster, or (for OpenShift only) you must configure TLS support.
- You need an IBM entitlement key for accessing IBM Container Software Library.
- A running PostgreSQL DB (version 15 or newer) must be accessible from the cluster.
- If you deploy the on-premises Introspection service, install it on the same cluster, and in the
same
stepzen
namespace, where you install API Connect for GraphQL.
User accounts
- API Connect for GraphQL deploys with a
default user account called
graphql
; the cluster administrator can add more user accounts. You can choose to have users share a small number of accounts, or create an account for each user. If you want to create multiple accounts, note the following considerations:- Accounts must be added individually by running a script from the command line.
- Each user account's API endpoint URL starts with the account name. If you want to add multiple accounts, either set up a wildcard route/ingress for your domain or define route/ingress mappings for each account.
- Instead of a password, each user account is assigned two keys:
- Admin key: Grants access to upload, modify, configure, and deploy APIs. Users log in with the account name and the associated admin key.
- API key: Grants access to consume GraphQL APIs and query the endpoints. The API key must be specified in the authorization header when calling an API.