X

@OracleIMC Partner Resources & Training: Discover your Modernization options + Reach new potential through Innovation

How to provision a Node API Gateway in the new Oracle Cloud Infrastructure (OCI) - part 2

Alexandru Dinea
Oracle EMEA A&C Cloud Adoption & Implementation Consultant

Welcome back to the second part of this blog mini-series where we will focus on the remaining prerequisites that you must follow to ensure successful installation of the Node API Gateway on the VM from the new Oracle Cloud Infrastructure. Make sure that you completed every prerequisite from part 1 of this miniseries before going through the last prerequisites listed below. Only after you have fulfilled every requirement from these 2 parts you can proceed to part 3 where you will effectively install the Node API Gateway.

 

Prerequisite: Oracle API Platform Cloud Service

 

Provision a new Oracle API Platform Cloud Service Instance

It should come to no surprise that in order to install a Node API Gateway you must first provision on the Oracle Cloud Platform a new instance of Oracle API Platform Cloud Service. This is done by logging into your Oracle Cloud Account and selecting API Platform from the list of cloud services available (after clicking on the “hamburger” option on the top left part).

Here, you will have two options of provisioning a new instance: click on the Create Instance button or on the QuickStarts option available on top of the previously mentioned button. In both options, the only required parameter that you are going to be asked for is the name of the instance (in this case is going to be “DemoAPIPlatformCS”).

 

 

Create Logical Gateway in Oracle API Platform Cloud Service

After the service has been provisioned, it should appear in the list named “Instances”. Click on the hamburger menu on the right side of the screen and select Access API Platform Cloud Service Instance.

This will open API Platform Cloud – Management Portal in a new tab. In this portal, go to “Gateways” by selecting the option on the left part of the screen. Here you will create a Logical Gateway, that is going to be used to manage all of the API Gateway Nodes that you will install depending on your requirements.

In this screen, simply click the Create Gateway blue button and provide a name and an optional description for this Logical Gateway (for this example, I am going to use “Development Gateway” as the name and “Gateway used for Development Environment” as description). Finish by clicking on the Create blue button.

 

Provision the required user roles

The Logical Gateway is created almost instantaneously. Click on the name to view more options for this Gateway. By default, the “Settings” menu should appear. You will need to allocate yourself Administrator and Runtime roles to your user in order to successful install the Node API Gateway later on. Choose the “Grants” option on the immediate left – click on it.

In order to have Administrator and Runtime roles you need to allocate to your user the Manage Gateway and Node service account grants. Because you created the Logical Gateway from your current account, you have already assigned the Manage Gateway grant. Now click on the Node service grant and on the Add Grantee blue button. Go to “Users” and select your user from the list by ticking on the empty box in front of it. Finish by pressing on the Add blue button.

 

Download the Node API Gateway installer

Now, you need to download the “Gateway Installer” that you are going to use in the previously created VM to install the Node API Gateway. Go to “Nodes” option on you immediate left and select it. In the new screen, just click on the Download Gateway Installer gray button on the right part of the screen. The download process should begin immediately. Please be patient as this is a somewhat large zip file. My recommendation is to redownload the installer for each (new) instance of Oracle API Cloud Service.

 

Fill in correctly the gateway properties file

While the downloading process is underway, you need to fill in some details from your VM instance. This is very important because one if its purposes is to be used by the installer to connect to your instance of Oracle API Platform Cloud Service – more specifically the Logical Gateway you just created.

  1. Click Open Installation Wizard button to start configuring values for the gateway-props.json properties file.

The first screen is displayed with information about your gateway.

  1. Click next > to continue.
  2. In the Step 2: Node Properties Configuration screen, complete required parameters marked with an asterisk (*). The other parameters,  

Required fields:

    • Gateway Node Name
      • Leave the default value as it is. In this case, the name is “Development Gateway Node 1”
    • Listen IP Address
      • It’s the value of Private IP Address from the VM you created earlier
        • To get there you have to open the navigation menu. Under Core Infrastructure, go to Compute and click Instances. Choose the “DemoVM” Compartment and click on the name of the VM you created earlier – “APINodeGatewayVM”. Copy the value from Private IP Address.
    • Publish Address
      • It’s the value of Public IP Address from the VM you created earlier
        • To get there you have to open the navigation menu. Under Core Infrastructure, go to Compute and click Instances. Choose the “DemoVM” Compartment and click on the name of the VM you created earlier – “APINodeGatewayVM”. Copy the value from Public IP Address.
    • Node Installation Directory
      • Later on, you will define where the Node API Gateway is going to be installed. For the moment, the value of this parameter is “/home/opc/install”

  1. Step 3: Optional Additional Configuration. Just leave the defaults and click next > to continue.

 

  1. In the Step 4: Download Properties File screen, click Download File to download the file to the directory in which you extracted the Gateway Node Installer package.
  2. Also, in this step, copy the Unix command in a notepad that you will use in the installation phase. Finish by click on the Done! blue button.

For a detailed description of parameters, see gateway-props.json.

 

Obtain the security credentials of the instance

Last but not least, you need the security credentials of your Oracle API Platform Cloud Service instance. You will use them in the installation phase to connect your Node API Gateway on your VM to your instance.

Go to “Platform Settings” on the far left of the screen. You should see a new screen with “General Settings”. Select “Security Settings” on the immediate left. Thick the “Show Client Secret and Scope” option and copy the values of Client ID and Client Secret in a notepad.

 

Prerequisite: Configure the OCI VM

 

Preparation for Node API Gateway installation

@Putty

Using Putty connect via SSH to your VM instance and create your folder structure by running the following commands:

mkdir -p /home/opc/java

mkdir -p /home/opc/install

mkdir -p /home/opc/archive

 

@WinSCP

Using WinSCP connect via SSH to your VM instance and copy the necessary files to the following locations:

  1. Copy the contents of the ApicsGatewayInstaller.zip into the directory /home/opc/archive/
  2. Copy and replace the gateway-props.json file you downloaded from the Oracle API Platform Cloud Service instance into the directory /home/opc/archive

  1. In the /home/opc/archive/ directory, right click on the APIGateway file and select Properties. Thick the boxes in front of the X option – permissions for executable. You will need these permissions to run the Unix command you copied earlier from your instance.

  1. Copy the java file jdk-8u211-linux-x64.rpm into the directory /home/opc/java/

 

Java Installation

Using Putty connect via SSH to your VM instance and install java using the following commands:

  • From the directory where you downloaded the package, run the install:

sudo rpm -ivh jdk-8u211-linux-x64.rpm

The RPM installs the JDK into the /usr/java/ directory.

  • Set your system to use the Oracle JDK:

sudo alternatives --install /usr/bin/java java /usr/java/jdk1.8.0_211/bin/java 200000

  • Use the alternatives command to switch to the Oracle JDK.

sudo alternatives --config jav

Note: If you have trouble, you may need to set JAVA_HOME and PATH in your profile, such as .bash_profile.

The following examples assume that the JDK is in /usr/java and which java shows /usr/bin/java:

export JAVA_HOME=/usr/java/latest && export PATH=$JAVA_HOME/bin:$PATH

  • Make sure your system is using the correct JRE or JDK:

java -version

java version "1.8.0_211"

Java(TM) SE Runtime Environment (build 1.8.0_211-b12)

Java HotSpot(TM) 64-Bit Server VM (build 25.211-b12, mixed mode)

 

Optional Prerequisite: Create a new user only for Oracle API Platform Cloud Service

VERY IMPORTANT!

If you use your current user when you install the Node API Gateway, then this will pose a high risk to your cloud account depending on the polling interval you have configured (polling interval means the period of time the Node API Gateway asks your Oracle API Platform Cloud Service instance for updates – by default it’s 2 minutes). If you ever change your password of your account, you will be forever locked out of your account because the Node API Gateway will input your credentials for updates to your instance at the interval of time you configured (polling).

Our recommendation is to create a new user that you are going to use only for the Node API Gateway installation and NEVER CHANGE ITS PASSWORD.

 

Identity Console

You can create user accounts only if you are granted access to the identity domain administrator or user administrator role in the Administrators page of the Identity Cloud Service console.

  1. In the Identity Cloud Service console, expand the Navigation Drawer, click Users, and then click Add.
  2. In the First Name and Last Name fields of the Add User window, enter the user’s first and last name.
  3. To have the user log in to Oracle Identity Cloud Service with their email address:
    1. Leave the Use the email address as the user name check box selected.
    2. In the User Name / Email field, enter the email address for the user account.

OR

  1. To have the user log in to Oracle Identity Cloud Service with their user name:
    1. Clear the Use the email address as the user name check box.
    2. In the User Name field, enter the user name that the user is to use to log in to the Identity Cloud Service console.
  2. To assign the user account to a group, click Next. Otherwise, click Finish.
  3. In the Add User window, select the check box for each group that you want to assign to the user account. Click Finish.

 

Provision the required user roles

For this new user that you created you need to allocate Administrator and Runtime roles to it in order to successful install the Node API Gateway. Choose the “Grants” option on the immediate left – click on it. So, you need to allocate to your user the Manage Gateway and Node service account grants.

Click on the Manage Gateway grant and on the Add Grantee blue button. Go to “Users” and select your user from the list by ticking on the empty box in front of it. Finish by pressing on the Add blue button.

Click on the Node service grant and on the Add Grantee blue button. Go to “Users” and select your user from the list by ticking on the empty box in front of it. Finish by pressing on the Add blue button.

 

Now go to the last part, part 3, of this blog mini series where I list the steps for the successful installation process and testing of the Node API Gateway on your VM from OCI.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.