Question & Answer
Question
How should I configure a "v10" gateway, 10.0.1 or 10.5.0, to have a simple and ideal or typical configuration to prevent possible issues or complications?
Cause
As the api gateway peering has grown, evolved, and generally changed through multiple versions there has been an increase in combinations of configuration options.
Answer
You could review this page in the Knowledge Center: https://www.ibm.com/docs/en/datapower-gateway/10.5.x?topic=gateway-peering#gatewaypeering__sharing
Or you can simply stick with these main points:
Or you can simply stick with these main points:
1- IF you want to ensure primary takeover in the event of a gateway issue to a specific gateway use a unique priority per gateway with lowest value being next in line to take over as primary.
IF you do not care which gateway is going to take over for a peer group then simply use the same priority for all gateway nodes:
IF you do not care which gateway is going to take over for a peer group then simply use the same priority for all gateway nodes:
gateway-peering-group: tendotgroup [up]
---------------------------------------------
admin-state enabled
mode peer
peer-node 10.2.3.249 100
peer-node 10.2.3.250 110
peer-node 10.2.3.251 120
cluster-primary-count 3
cluster-auto-config on
enable-ssl off
2- Use a unique peer group PER peer instance, do not use the same peer group for all peering instances:
gateway-peering-manager: default [up]
--------------------------------
admin-state enabled
apic-gw-service gwd [up]
rate-limit rate [up]
subscription subs [up]
apiprobe probe [up]
ratelimit-module gwsrate [up]
3- IF you are going to have multiple gateways, apic-gw and apigw services in multiple domains, on the same DataPower then you need to look carefully at the port usage. Specifically the Api Connect Gateway (apic-gw) local port:
apic-gw-service: default [up]
------------------------
admin-state enabled
local-address 0.0.0.0
local-port 3007
If you look here:
https://www.ibm.com/docs/en/datapower-gateway/10.5.x?topic=commands-local-port
Specifically:
"Beyond this port, the gateway service uses four additional consecutive ports after the defined port. Therefore, you must ensure that there are no conflicts on all five consecutive ports that start from the defined port."
"Beyond this port, the gateway service uses four additional consecutive ports after the defined port. Therefore, you must ensure that there are no conflicts on all five consecutive ports that start from the defined port."
So you will see ports 3007, 3008, 3009, 3010, and 3011 Listening for the above example
4- Use the Gateway Peering Manager on the Api Connect gateway service, for a v10 gateway do not use the single "gateway-peering" object only in the Api Connect Gateway service:
apic-gw-service: default [up]
------------------------
admin-state enabled
local-address 0.0.0.0
local-port 3007
ssl-client thisclient [up]
ssl-server thissrvr [up]
api-gw-address 0.0.0.0
api-gw-port 9447
gateway-peering default-gateway-peering [down]
gateway-peering-manager default [up]
[{"Type":"MASTER","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"ARM Category":[{"code":"a8m50000000L0rvAAC","label":"API Connect"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0.5"}]
Was this topic helpful?
Document Information
Modified date:
20 May 2024
UID
ibm17118911