Install a Gateway Node

Install gateway nodes wherever you want, and then register them with a logical gateway on the Oracle API Platform Cloud Service Management Portal.

Prerequisites:

Ensure your machine meets the minimum requirements. See System Requirements for On-Premises Gateway Installation.
Download the gateway node installer to the machine you want to install a node on. See Download the Gateway Node Installer.
Ensure your JAVA_HOME environment variable is set to a supported JDK.
Ensure you have created Gateway Manager and Gateway Runtime users in your identity domain and assigned them appropriate roles. You will need to provide credentials for these users when you install a gateway node. See Add Users with the Infrastructure Classic Console and Assign a Role to a User or Group in the Infrastructure Classic Console.

To install a gateway node:

After extracting the gateway node installer, edit the gateway-props.json file with properties describing your API Platform Cloud Service instance and your gateway node. You must supply the following properties:
- nodeInstallDir
- logicalGateway
- gatewayNodeName
- managementServiceUrl
- listenIpAddress
- publishAddress
- idcsUrl
- requestScope
If you want to register the gateway node to a logical gateway that already exists on the management tier, the logicalGatewayId property is also required. This property is not required if you are creating a new logical gateway (running the create-join action or an action that contains it). In these cases the value of the logicalGatewayId property is determined when the action is run.

The following properties are not mandatory to install a gateway node, but may be required depending on your environment:
- managementServiceConnectionProxy : required if the gateway node needs a proxy to connect to the management service, as defined in the managementServiceUrl property.
- nodeProxy: required if the gateway node needs a proxy to pass client requests to backend services. You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.
- gatewayExecutionMode: value of Production is required to enable SSL hostname verification and certificate verification. If this property is not provided, it defaults to a value of Development and SSL hostname verification and certificate verification are disabled.
Tip:

To add a property after you have installed a gateway, update gateway-props.json File and run an installer action that applies to that property. If you add a property that relates to the configure action (the runtime), you must first stop the node, run the configure action, and then start the node.

Remove any properties that you don’t need and add any others your runtime environment requires. See gateway-props.json File.
Perform one of the following installer action sequences:
- If you want to register the node to an existing logical gateway, run the install-configure-start-join installer action. This installs the gateway node, configures the domain, starts the node domain’s servers, and registers the node to the gateway you specify.
  
  Note:
  
  Before running this action, you must also configure the logicalGatewayId property in the gateway-props.json file.
  
  Sample Linux command: ./APIGateway -f gateway-props.json -a install-configure-start-join
  
  Sample Windows command: python2.7.10 APIGateway.py -f gateway-props.json -a install-configure-start-join
  
  When you run this action, you are prompted for the following user credentials:
  - weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
  - gateway manager user: the gateway manager user that is responsible for managing this gateway. You must provide the user’s name, password, client ID, and client secret. This user must already exist in the identity domain for your instance and must be assigned the Administrator or Gateway Manager role. This user is issued the Manage Gateway grant when the gateway is created. See Find Your Client ID and Client Secret.
  - gateway runtime user: the gateway runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name, password, client ID, and client secret. This user must already exist in the identity domain for your instance and must be assigned the Gateway Runtime role. This user is issued the Node Service Account grant when the gateway is created. See Find Your Client ID and Client Secret.
- If you want to create a new logical gateway and register the node to it, run the install-configure-start-create-join installer action. This installs the gateway node, configures the domain, starts the node domain’s servers, creates a logical gateway, and registers the node to that gateway.
  
  Sample Linux command: ./APIGateway -f gateway-props.json -a install-configure-start-create-join
  
  Sample Windows command: python2.7.10 APIGateway.py -f gateway-props.json -a install-configure-start-create-join
  
  When you run this action, you are prompted for the following user credentials:
  - weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
  - gateway manager user: the gateway manager user that is responsible for managing this gateway. You must provide the user’s name, password, client ID, and client secret. This user must already exist in the identity domain for your instance and must be assigned the Administrator or Gateway Manager role. This user is issued the Manage Gateway grant when the gateway is created.
  - gateway runtime user: the gateway runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name, password, client ID, and client secret. This user must already exist in the identity domain for your instance and must be assigned the Gateway Runtime role. This user is issued the Node Service Account grant when the gateway is created.
- Run the following installer actions individually in sequence:
  - install
  - configure
  - start
  - creategateway (required only if you want to create a new logical gateway on the Management Portal)
  - join
    
    Note:
    
    Before running this action, you must also configure the logicalGatewayId property in the gateway-props.json file.
  When you run this these, you are prompted for the following user credentials:
  - weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
  - gateway manager user: the gateway manager user that is responsible for managing this gateway. You must provide the user’s name, password, client ID, and client secret. This user must already exist in the identity domain for your instance and must be assigned the Administrator or Gateway Manager role. This user is issued the Manage Gateway grant when the gateway is created.
  - gateway runtime user: the gateway runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name, password, client ID, and client secret. This user must already exist in the identity domain for your instance and must be assigned the Gateway Runtime role. This user is issued the Node Service Account grant when the gateway is created.

You can view the log files for the installer actions here:

<nodeInstallDir>/logs: contains log files for the installer actions
<nodeInstallDir>/GATEWAY_HOME/logs/wlst_<timestamp>.log: contains WLST log files for the configure action

Where <nodeInstallDir> is the directory you installed the gateway into, specified by the nodeInstallDir property.

After the actions complete, approve the node’s registration to the logical gateway. See Approve a Gateway Node Registration.

Prerequisites to Install a Gateway Node

Make sure that the machine on which you are going to install a gateway node meets requirements.

Ensure your machine meets the minimum requirements. See System Requirements for On-Premises Gateway Installation.
More than 10GB should be allocated for tmp files.
The tmp directory should not be set up with noexec, nosuid, and nodev.
Download the gateway node installer to the machine you want to install a node on. See Download the Gateway Node Installer.
Ensure your JAVA_HOME environment variable is set to a supported JDK.
Set JAVA_HOME to root and exclude the bin folder. For example, if the JAVA_HOME to be used is /usr/java/ and the java binary is in /usr/java/bin, set JAVA_HOME environment variable to /usr/java.
Ensure you have created Gateway Manager and Gateway Runtime users in your identity domain and assigned them appropriate roles. You will need to provide credentials for these users when you install a gateway node. See Add Users with the Infrastructure Classic Console.

Note:

Installing more than one node on a single machine is not supported. Install any additional nodes on separate machines.

Note:

Gateway nodes should not be installed on the same server as the management tier.

Install the First Gateway Node for a Logical Gateway

You can generate the gateway node settings file gateway-props.json and install a gateway node to an existing logical gateway from the Management Portal.

Check that your machine meets requirements. See Prerequisites to Install a Gateway Node.

To install a gateway node to an existing logical gateway:

Click Gateways in the navigation menu sidebar. If the navigation menu sidebar is hidden, click Show/Hide Navigation Menu to show it. If the navigation menu is collapsed, click Expand Sidebar.
From the :Gateways list page, click the gateway in which you want to install the gateway node.
Click the (Nodes) tab.
Configure the node properties file gateway-props.json.
1. Click Open Installation Wizard to start configuring values for the gateway-props.json properties file.
  The first screen is displayed with information about your gateway.
2. Click next > to continue.
3. In the Step 2: Node Properties Configuration screen, complete required parameters marked with an asterisk (*). Complete optional parameters according to your environment. For a detailed description of all parameters, see gateway-props.json File.
  Required fields:
  - Gateway Node Name
  - Listen IP Address
  - Publish Address
  - Node Installation Directory
4. In the Step 3: Optional Additional Configuration screen, complete any additional parameters that you would like to customize. For a detailed description of parameters, see gateway-props.json File.
5. In the Step 4: Download Properties File screen, click Download File to download the file to the directory in which you extracted the Gateway Node Installer package.
Register the node to the logical gateway by running the install-configure-start-join installer action.
This installs the gateway node, configures the domain, starts the node domain’s servers, and registers the node to the gateway.
Sample Linux command:
```
./APIGateway -f gateway-props.json -a install-configure-start-join
```
When you run this action, you are prompted for the following user credentials:
- weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
- gateway manager user: the gateway manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist and must be assigned the Administrator or Gateway Manager role. This user is issued the Manage Gateway grant when the gateway is created.
- gateway runtime user: the gateway runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name and password. This user must already exist and must be assigned the Gateway Runtime role. This user is issued the Node Service Account grant when the gateway is created.

You can view the log files for the installer actions here:

<nodeInstallDir>/logs: contains log files for the installer actions
<nodeInstallDir>/GATEWAY_HOME/logs/wlst_<timestamp>.log: contains WLST log files for the configure action

Where <nodeInstallDir> is the directory you installed the gateway into, specified by the nodeInstallDir property.

After the node is installed, approve the node’s registration to the logical gateway. See Approve a Gateway Node Registration.

Install Additional Gateway Nodes for a Logical Gateway

When you installed the first gateway node in the logical gateway, you generated the gateway node settings file gateway-props.json and downloaded the file to the directory in which you extracted the Gateway Node Installer package. Use the same gateway-props.json file to install additional gateway nodes.

Prerequisites

Check that the node that you want to add to the logical gateway meets requirements. See Prerequisites to Install a Gateway Node
Install the first gateway node in your logical gateway. See Install the First Gateway Node for a Logical Gateway

To install additional gateway nodes in an existing logical gateway:

Register the node to the logical gateway by running the install-configure-start-join installer action and specifying the same gateway-props.json file that you used to install the first gateway node in the logical gateway.

This installs the gateway node, configures the domain, starts the node domain’s servers, and registers the node to the gateway.
Sample Linux command:
```
./APIGateway -f gateway-props.json -a install-configure-start-join
```
When you run this action, you are prompted for the following user credentials:
- weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
- gateway manager user: the gateway manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist and must be assigned the Administrator or Gateway Manager role. This user is issued the Manage Gateway grant when the gateway is created.
- gateway runtime user: the gateway runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name and password. This user must already exist and must be assigned the Gateway Runtime role. This user is issued the Node Service Account grant when the gateway is created.

You can view the log files for the installer actions here:

<nodeInstallDir>/logs: contains log files for the installer actions
<nodeInstallDir>/GATEWAY_HOME/logs/wlst_<timestamp>.log: contains WLST log files for the configure action

Where <nodeInstallDir> is the directory you installed the gateway into, specified by the nodeInstallDir property.

After the node is installed, approve the node’s registration to the logical gateway. See Approve a Gateway Node Registration.

Create a New Logical Gateway while Installing a Gateway Node

If you do not have a logical gateway created, you can install a gateway node and create a logical gateway at the same time.

Check that your machine meets requirements. See Prerequisites to Install a Gateway Node.

To create a new logical gateway and install a gateway node at the same time:

In the directory in which you extracted the Gateway Node Installer package, edit the gateway-props.json file with properties describing your API Platform Cloud Service instance and your gateway node.
You must supply the following properties:
- nodeInstallDir
- logicalGateway
- gatewayNodeName
- managementServiceURL
- listenIpAddress
- publishAddress
The following properties are not mandatory to install a gateway node, but may be required depending on your environment:
- managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.
- nodeProxy: required if the gateway node needs a proxy to pass client requests to backend services. You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.
- gatewayExecutionMode: value of Production is required to enable SSL host name verification and certificate verification. If this property is not provided, it defaults to a value of Development and SSL host name verification and certificate verification are disabled.
Remove any properties that you don’t need and add any others your runtime environment requires. See gateway-props.json File.
Install the gateway node and create a logical gateway at the same time by running the install-configure-start-create-join installer action.

This installs the gateway node, configures the domain, starts the node domain’s servers, creates a logical gateway, and registers the node to that gateway.
Sample Linux command:
```
./APIGateway -f gateway-props.json -a install-configure-start-create-join
```
When you run this action, you are prompted for the following user credentials:
- weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
- gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user is issued the Manage Gateway grant when the gateway is created.
- gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user is issued the Node Service Account grant when the gateway is created.

You can view the log files for the installer actions here:

<nodeInstallDir>/logs: contains log files for the installer actions
<nodeInstallDir>/GATEWAY_HOME/logs/wlst_<timestamp>.log: contains WLST log files for the configure action

Where <nodeInstallDir> is the directory you installed the gateway into, specified by the nodeInstallDir property.

After the node is installed, approve the node’s registration to the logical gateway. See Approve a Gateway Node Registration.

gateway-props.json File

The gateway installer zip includes a gateway-props.json file. Gateway installer actions use the values defined in this file. Edit the file to provide the values required for the installer actions you want to run.

Note:

The sample gateway-props.json file contains properties you may not need. Remove properties you don’t need and their placeholder values. If the properties are still present in the file with placeholder values you may experience issues running actions.

See Gateway Node Installer Actions.

gateway-props.json Values

Property	Display Name in Wizard	Description	Example	Mandatory/Optional
gatewayMServerPort	Managed Server Port	The HTTP Managed Server port of the gateway node. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `8011`.	`8011`	Optional
gatewayAdminServerPort	Administration Server Port	The HTTP Administration Server port of the gateway node. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `8001`.	`8001`	Optional
nodeInstallDir	Node Installation Directory	The directory where the gateway is installed or will be installed. Note: This directory must be different than the directory you unzipped the gateway installer into.	`/path/to/install`	Mandatory for all actions
prevInstallCleanupAction	-	This property indicates what should be done with a previous installation that may exist in the directory referred by `gatewayInstallDir` when any of the `install` actions are run. The currently supported options are `clean` (remove the contents of the `nodeInstallDir` before installing the gateway in that directory) and `archive` (move the contents of the `nodeInstallDir` to the location specified by the `installationArchiveLocation` property before installing the gateway). The default option is `clean`.	`clean`	Optional This property applies for only the following actions: `install` `install-configure` `install-configure-start-create-join` `install-configure-start-join` This property is not applicable for other actions.
installationArchiveLocation	Installation Archive Location	The directory where the archive of the current installation will be stored before a fresh install is initiated, or when the `archive` action is run. Note: This directory must be different than the directory you unzipped the gateway installer into.	`/path/to/archiveLocation`	Mandatory only if the `archive` option is specified in the `prevInstallCleanupAction` property. This property applies for only the following actions: `install` `install-configure` `install-configure-start-create-join` `install-configure-start-join` This property is not applicable for other actions.
logicalGateway	-	The name of the logical gateway created on the management service when running `create` actions.	`Production Gateway`	Mandatory for the following actions: `create-join` `creategateway` `install-configure-start-create-join` This property is not applicable for other actions.
logicalGatewayId	Logical Gateway Id	The ID of the logical gateway the node registers to. This property must be supplied when registering to a logical gateway that already exists in the management tier.	`101`	Mandatory for the following actions: `join` `install-configure-start-join` This property is not applicable for other actions.
gatewayNodeName	Gateway Node Name	The name of the node gateway domain.	`gateway1`	Mandatory for the following actions: `create-join` `install-configure-start-create-join` `install-configure-start-join` `join` This property is not applicable for other actions.
gatewayAdminServerSSLPort	Administration Server SSL Port	The HTTPS Administration Server port of the gateway node. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `9027`.	`9027`	Optional
gatewayMServerSSLPort	Managed Server SSL Port	The HTTPS Managed Server port of the gateway node. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `9029`.	`9029`	Optional
managementServiceUrl Note: this property replaces the `managementServerHost` and `managementServerPort` properties from earlier releases.	Management Service URL	The URL of the management service instance you’re registering the node to, in the following format: `https://<hostname or IP>:<port>`. If you have configured a hostname for API Platform Cloud Service, you should always use the hostname for this property. Note: To specify an HTTPS connection to the management service, you must prefix this property with `https` and use port `443`. This should always be the case for provisioned service instances.	`https://example.com:443`	Mandatory for the following actions: `create-join` `creategateway` `install-configure-start-create-join` `install-configure-start-join` `join` `lockdown` `reset` `unregister` `updatecredentials` `updateoauthprofile` While not required to run the action, this property is used by the `status` action to determine the status of the connection to the management service. This property is not applicable for other actions.
oauthProfileLocation	OAuth 2.0 Profile Location	This property refers to the local OAuth profile name used in context with the `updateoauthprofile` action.	`/path/to/OAuth2TokenLocalEnforcerConfig.xml`	Mandatory for the `updateoauthprofile` action. This property is not applicable for other actions.
listenIpAddress	Listen IP Address	The internal IP used for configuration of the gateway node domain. The value of this property should be a private IP address of the machine the node is installed to; this IP corresponds to the ethernet interface (eth0, eth1, etc.) over which client requests are received. Setting this property to `localhost`, `127.0.0.1`, or loopback IPs are not correct and may result in errors.	`192.0.2.0`	Mandatory for the following actions: `configure` `install` `install-configure` `install-configure-start-create-join` `install-configure-start-join` `lockdown` This property is not applicable for other actions.
publishAddress	Publish Address	The public IP address/hostname that is displayed in the management service for the node's URL. The node URLs in the UI are set to this address (suffixed by appropriate ports).	`gateway1.example.com`	Mandatory for the following actions: `configure` `install` `install-configure` `install-configure-start-create-join` `install-configure-start-join` `lockdown` This property is not applicable for other actions.
managementServiceConnectionProxy	Management Service Connection Proxy	A JSON array defining the HTTP/HTTPS proxies used by the gateway controller to pull down updates and deployments, provide acknowledgements, and send analytcs data. Note: HTTP or HTTPS in a proxy’s URL refers to the URL the proxy uses; this doesn’t necessarily indicate if a proxy is secured or not secured by SSL. If you don’t need to use a proxy to reach the management service, make sure you: remove this line from the properties file, or set this property’s value to an empty JSON array (like `[]`).	`[“http://proxy.example.com:80”,”https://proxy.example.com:443”]`	Optional Note: this property is required at runtime if the gateway node needs a proxy to connect to the management service, as defined in the `managementServiceUrl` property.
nodeProxy	Gateway Node Proxy	A JSON array defining the HTTP/HTTPS proxies used for outbound backend service calls. Note: HTTP or HTTPS in a proxy’s URL refers to the URL the proxy uses; this doesn’t necessarily indicate if a proxy is secured or not secured by SSL. If you don’t need to use a proxy to reach your backend services, make sure you: remove this line from the properties file, or set this property’s value to an empty JSON array (like `[]`). You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.	`[“http://proxy.example.com:80”,”https://proxy.example.com:443”]`	Optional Note: this property is required at runtime if the gateway node needs a proxy to pass client requests to backend services.
coherencePort	Coherence Port	The Coherence port the gateway node domain uses. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `8088`.	`8088`	Optional
gatewayDBPort	Gateway Database Port	The Java DB port used by the gateway. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `1527`.	`1527`	Optional
dbHostName	-	The hostname by which the Java DB installed with the gateway is accessible. When the installer is run, this property is updated to use the value provided for the `listenIpAddress` property. Note: The only instance in which you should provide a value for this property is if the value of the `listenIpAddress` property has changed or the proper value was not provided when the installer was run initially.	`192.0.2.0`	Optional
nodeManagerPort	Node Manager Port	The node manager listen port. Provide this property when a port on the machine you are installing the node on to conflicts with the default value of `5556`.	`5556`	Optional
heapSizeGb	Heap Size (Gb)	The memory size (in GB) to be used for admin and managed servers. This value must be an integer. The default value is `2`.	`2`	Optional
maximumHeapSizeGb	Maximum Heap Size (Gb)	Maximum memory size (in GB) allowed that can be used for admin and managed servers. This value must be an integer. The default value is `4`.	`4`	Optional
gatewayExecutionMode	Gateway Execution Mode	Specifies the execution mode of the gateway node. Supported values are `Development` (default) and `Production`. When this property is set to `Development`, SSL hostname verification and certificate validation are turned off. These are enabled when this property is set to `Production`. If set to Production mode, ensure that the OTD public certificate is CA signed. See Obtaining a CA-Signed Certificate and Installing a Certificate in Oracle Traffic Director Administrator's Guide to import the certificate chain. In addition, ensure that the intermediate and root certificate of the CA-signed certificate installed on OTD is trusted by the trust store configured on the gateway. It is also recommended that the gateway should be configured with custom identity and custom trust or custom identity and Java standard trust. See Configure Keystores for WebLogic Server.	`Development` or `Production`	Optional
opatchesFolder	-	Specifies the location that contains patches you want to apply to the gateway node.	`/path/to/patches/folder`	Mandatory for the `applyPatches` action. This property is not applicable for other actions.

Example 3-1 Sample gateway-props.json File

{
   "nodeInstallDir" : "/path/to/install",
   "logicalGateway"       : "gateway1",
   "gatewayNodeName"   : "testGatewayNode",
   "managementServiceUrl"    : "https://example.com:443",
   "oauthProfileLocation"    : "/path/to/OAuth2TokenLocalEnforcerConfig.xml"
   "listenIpAddress"              : "192.0.2.0",
   "publishAddress"      :  "gateway1.example.com",
   "managementServiceConnectionProxy" : ["http://proxy.example.com:80”,”https://proxy.example.com:443"],
   "nodeProxy"      : , "[http://proxy.example.com:80”,”https://proxy.example.com:443]"
   "gatewayExecutionMode": "Development",
}

Gateway Node Installer Actions

The gateway node installer supports multiple actions that you can perform on a gateway node.

Each action is executed by running the APIGateway gateway node installer and passing the action name in the -a or --action property. When executing an action, its mandatory and optional properties can be passed by adding them to the gateway-props.json File, passed with the -f or --file property, or passing them as key-value pairs using the --keyvalue or -kv properties (separate each pair with a space, like –kv nodeInstallDir=<value> logicalGateway=<value>).

Actions containing multiple hyphen-separated actions, like install-configure-start-create-join, perform all listed actions in sequence. Required properties for all actions must be provided by either including them in the gateway-props.json File passed with the -f or --file property, or passing them as key-value pairs.

Tip:

Run this command to view a full list of installer actions and options: ./APIGateway -h

Topics

applypatches

Patches an installed gateway node.

When you run this action, you are prompted for the weblogic user credentials. These credentials belong to the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
opatchesFolder

Example 3-2 Example patch Action

./APIGateway -f gateway-props.json -a applypatches

configure

Configures a gateway node domain.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
listenIpAddress
publishAddress

Optional Properties

This action also supports these optional properties:

heapSizeGb
maximumHeapSizeGb

Example 3-3 Example configure Action

./APIGateway -f gateway-props.json -a configure

create-join

Creates a new logical gateway with the management service and registers the gateway node to it.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user is issued the Manage Gateway grant when the gateway is created.
gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user is issued the Node Service Account grant when the gateway is created.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
logicalGateway
gatewayNodeName
managementServerHost
managementServerPort

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort.
nodeProxy: required if the gateway node needs a proxy to pass client requests to backend services. You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.

Example 3-4 Example create-join Action

./APIGateway -f gateway-props.json -a create-join

creategateway

Creates a new logical gateway with the management service.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user is issued the Manage Gateway grant when the gateway is created.
gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user is issued the Node Service Account grant when the gateway is created.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
logicalGateway
gatewayNodeName
managementServerHost
managementServerPort

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.

Example 3-5 Example creategateway Action

./APIGateway -f gateway-props.json -a creategateway

destroyNode

Unregisters the gateway node (which undeploys all APIs, applications, policies, and artifacts) and undeploys the gateway controller.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user must be issued the Manage Gateway grant for the logical gateway the node is registered to.

The authentication type is OAuth, so you will also be prompted for the following credentials:

client ID: The gateway manager client ID.
client secret: The gateway manager client secret.

Note:

To restore the node after running this action:

Run the stop action to stop the node’s servers
Run the configure, start, and join actions in sequence to configure the node domain, start its servers, and then reregister it to a logical gateway on the management tier.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir

Example 3-6 Example destroyNode Action

./APIGateway -f gateway-props.json -a destroyNode

install

Installs a gateway node domain. You must also run the configure action to configure the domain and the start action to start the servers. Then you can either create and join a new logical gateway using the create-join action, or join an existing logical gateway.

When you run this action, you are prompted for the weblogic user credentials. These credentials belong to the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
listenIpAddress
publishAddress

Example 3-7 Example install Action

./APIGateway -f gateway-props.json -a install

install-configure

Installs a gateway node and configures the domain.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
listenIpAddress
publishAddress

Optional Properties

This action also supports these optional properties:

heapSizeGb
maximumHeapSizeGb

Example 3-8 Example install-configure Action

./APIGateway -f gateway-props.json -a install-configure

install-configure-start-create-join

Installs and configures a gateway node domain, starts the domain’s admin and managed server(s), creates a new logical gateway with the management service, and registers the node to it.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. This user must already exist on the Management Portal. This user is issued the Manage Gateway grant when the gateway is created.
gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. This user must already exist on the Management Portal. This user is issued the Node Service Account grant when the gateway is created.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
logicalGateway
gatewayNodeName
managementServerHost
managementServerPort
listenIpAddress
publishAddress

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.
nodeProxy: required if the gateway node needs a proxy to pass client requests to backend services. You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.
gatewayExecutionMode: value of Production is required to enable SSL hostname verification and certificate verification. If this property is not provided, it defaults to a value of Development and SSL hostname verification and certificate verification are disabled.

This action also supports these optional properties:

heapSizeGb
maximumHeapSizeGb

Example 3-9 Example install-configure-start-create-join Action

./APIGateway -f gateway-props.json -a install-configure-start-create-join

./APIGateway -a install-configure-start-create-join –kv nodeInstallDir=<value> logicalGateway=<value> ...

install-configure-start-join

Installs and configures a gateway node domain, starts the domain’s admin and managed server(s), and registers the node to an existing logical gateway with the management service.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. This user is created when you run this action. The user is stored in the gateway domain’s local LDAP. When running other actions on this node, you must supply these credentials.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. This user must already exist on the Management Portal. This user is issued the Manage Gateway grant when the gateway is created.
gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. This user must already exist on the Management Portal. This user is issued the Node Service Account grant when the gateway is created.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
logicalGateway
gatewayNodeName
managementServerHost
managementServerPort
listenIpAddress
publishAddress
logicalGatewayId

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.
nodeProxy: required if the gateway node needs a proxy to pass client requests to backend services. You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.
gatewayExecutionMode: value of Production is required to enable SSL hostname verification and certificate verification. If this property is not provided, it defaults to a value of Development and SSL hostname verification and certificate verification are disabled.

This action also supports these optional properties:

heapSizeGb
maximumHeapSizeGb

Example 3-10 Example install-configure-start-join Action

./APIGateway -f gateway-props.json -a install-configure-start-join

join

Registers the gateway node to an existing logical gateway on the management service.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user must be issued the Manage Gateway grant for the logical gateway the node is registering to.
gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. This user must already exist on the Management Portal. This user must be issued the Node Service Account grant for the logical gateway the node is registering to.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
logicalGateway
gatewayNodeName
managementServerHost
managementServerPort
logicalGatewayId

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.
nodeProxy: required if the gateway node needs a proxy to pass client requests to backend services. You can also provide a value for this property in the Management Portal UI. See Configure a Proxy for a Gateway Node.

Example 3-11 Example join Action

./APIGateway -f gateway-props.json -a join

lockdown

Locks down the gateway node domain. See Gateway Node Lockdown.

username - The Gateway kernel system config user.
password - RuntimeGatewayUser password.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
managementServerHost
managementServerPort
listenIpAddress
publishAddress

Optional Properties

If you need to use a proxy to reach the URLs defined in the managementServerHost or managementServerPort properties from the gateway node you must also provide values for the managementServiceConnectionProxy and nodeProxy properties.

Example 3-12 Example lockdown Action

./APIGateway -f gateway-props.json -a lockdown

reset

Resets the gateway node by fetching and redeploying all entities, like APIs, applications, policies, artifacts, and configurations deployed to the gateway node.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user must be issued the Manage Gateway grant for the logical gateway the node is registered to.

The authentication type is OAuth, so you will also be prompted for the following credentials:

client ID: The gateway manager client ID.
client secret: The gateway manager client secret.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
managementServerHost
managementServerPort

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.

Example 3-13 Example reset Action

./APIGateway -f gateway-props.json -a reset

start

Starts the gateway node domain’s servers. This action takes several minutes to complete.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir

This action assumes that the install and configure actions (or a compound action that performs all of these actions) have been completed successfully. The start action uses metadata generated from these actions and the nodeInstallDir property to identify the node to start.

Example 3-14 Example start Action

./APIGateway -f gateway-props.json -a start

status

Returns the results of all installer actions performed by a user, the status of the Management Tier and gateway node servers, and details about the gateway node domain environment.

See View Gateway Node Status.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir

While the status action doesn’t require any properties other than nodeInstallDir, it reuses properties that are required to be defined for actions that are run before status. For example, the status action does not require the managementServerHost and managementServerPort properties to run, it uses these to determine the status of the Management Service that a node is registered to.

Example 3-15 Example status Action

./APIGateway -f gateway-props.json -a status

stop

Stops the gateway node domain’s servers. This executes asynchronously; it takes several minutes for the database and the servers to shut down completely.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir

This action assumes that the install, configure, and start actions (or a compound action that performs all of these actions) have been completed successfully. The stop action uses metadata generated from these actions and the nodeInstallDir property to identify the node to stop.

Example 3-16 Example stop Action

./APIGateway -f gateway-props.json -a stop

unregister

Unregisters the gateway node from the specified logical gateway with the management service.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user must be issued the Manage Gateway grant for the logical gateway the node is registered to.

The authentication type is OAuth, so you will also be prompted for the following credentials:

client ID: The gateway manager client ID.
client secret: The gateway manager client secret.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
managementServerHost
managementServerPort
logicalGatewayId

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.

Example 3-17 Example unregister Action

./APIGateway -f gateway-props.json -a unregister

updatecredentials

Updates the Gateway Runtime user credentials used by the node. The Gateway Runtime user is used communicate with the management tier to poll for updates to the logical gateway node definition and to send analytics data. If the password for the Gateway Runtime user is changed in IDCS, the gateway node will no longer be able to communicate with the management tier correctly. Perform this operation to update the credentials stored in the gateway so the gateway can continue to communicate with the management tier.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user must be issued the Manage Gateway grant for the logical gateway the node is registering to.
gateway runtime user: the Gateway Runtime user that is used to download configuration from and upload statistics to the gateway. This user must already exist on the Management Portal. This user must be issued the Node Service Account grant for the logical gateway the node is registering to.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
managementServerHost
managementServerPort

Optional Properties

The following properties are not mandatory to run this action, but may be required (if you have not already defined them) depending on your environment:

managementServiceConnectionProxy: required if the gateway node needs a proxy to connect to the management service, as defined in the managementServerHost or managementServerPort properties.

Example 3-18 Example updatecredentials Action

./APIGateway -f gateway-props.json -a updatecredentials

updateoauthprofile

Updates the OAuth profile of the gateway node. The action reads the file specified by the oauthProfileLocation property and updates the gateway node OAuth profile accordingly.

When you run this action, you are prompted for the following user credentials:

weblogic user: the WebLogic administrator user of the gateway node. These credentials are created when you run any of the install actions.
gateway manager user: the Gateway Manager user that is responsible for managing this gateway. You must provide the user’s name and password. This user must already exist on the Management Portal. This user must be issued the Manage Gateway grant for the logical gateway the node is registered to.

Required Properties

This action requires that the following properties are defined in gateway-props.json File or passed when the action is run as key/value pairs:

nodeInstallDir
managementServerHost
managementServerPort
oauthProfileLocation

Example 3-19 Example updateoauthprofile Action

./APIGateway -f gateway-props.json -a updateoauthprofile