Merge pull request #572 from PasanT9/toml-changes-3

Update APIM configurations
wso2 · Mar 16, 2023 · e71921b · e71921b
2 parents bd5e2a5 + f68a717
commit e71921b
Show file tree

Hide file tree

Showing 14 changed files with 387 additions and 360 deletions.
diff --git a/...ttern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml b/...ttern-3/templates/am/control-plane/instance-1/wso2am-pattern-3-am-control-plane-conf.yaml
@@ -34,14 +34,14 @@ data:
     #discard_empty_caches = false
     server_role = "control-plane"
 
+    [user_store]
+    type = "database_unique_id"
+
     [super_admin]
     username = "admin"
     password = "admin"
     create_admin_account = true
 
-    [user_store]
-    type = "database_unique_id"
-
     [database.apim_db]
     type = "{{ .Values.wso2.deployment.am.cp.db.type }}"
     url = "{{ .Values.wso2.deployment.am.cp.db.apim.url }}"
@@ -63,6 +63,11 @@ data:
     alias =  "wso2carbon"
     key_password =  "wso2carbon"
 
+    [truststore]
+    file_name = "client-truststore.jks"
+    type = "JKS"
+    password = "wso2carbon"
+
     #[keystore.primary]
     #file_name =  "wso2carbon.jks"
     #type =  "JKS"
@@ -84,16 +89,55 @@ data:
     display_in_api_console = true
     description = "This is a hybrid gateway that handles both production and sandbox token traffic."
     show_as_token_endpoint_url = true
-    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/"
+    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}/services/"
     username= "${admin.username}"
     password= "${admin.password}"
-    ws_endpoint = "ws://localhost:9099"
-    wss_endpoint = "wss://localhost:8099"
+    ws_endpoint = "ws://{{ .Values.wso2.deployment.am.websocket.ingress.hostname }}"
+    wss_endpoint = "wss://{{ .Values.wso2.deployment.am.websocket.ingress.hostname }}"
     http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
     https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
     websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}"
     websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}"
 
+    [apim.devportal]
+    url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal"
+    #enable_application_sharing = false
+    #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
+    #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
+    #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
+    #display_multiple_versions = false
+    #display_deprecated_apis = false
+    #enable_comments = true
+    #enable_ratings = true
+    #enable_forum = true
+    #enable_anonymous_mode=true
+    #enable_cross_tenant_subscriptions = true
+    #default_reserved_username = "apim_reserved_user"
+
+    [transport.http]
+    properties.port = 9763
+    properties.proxyPort = 80
+
+    [transport.https]
+    properties.port = 9443
+    properties.proxyPort = 443
+
+    [apim.event_hub]
+    enable = true
+    username= "$ref{super_admin.username}"
+    password= "$ref{super_admin.password}"
+    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
+    event_listening_endpoints = ["tcp://localhost:5672"]
+    event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
+
+    [[apim.event_hub.publish.url_group]]
+    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
+    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
+
+    [[apim.event_hub.publish.url_group]]
+    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
+    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
+    
     #[apim.cache.gateway_token]
     #enable = true
     #expiry_time = "900s"
@@ -139,51 +183,12 @@ data:
     #enable_token_encryption = false
     #enable_token_hashing = false
 
-    [apim.devportal]
-    url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal"
-    #enable_application_sharing = false
-    #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
-    #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
-    #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
-    #display_multiple_versions = false
-    #display_deprecated_apis = false
-    #enable_comments = true
-    #enable_ratings = true
-    #enable_forum = true
-    #enable_anonymous_mode=true
-    #enable_cross_tenant_subscriptions = true
-    #default_reserved_username = "apim_reserved_user"
-
     [apim.cors]
     allow_origins = "*"
     allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
     allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
     allow_credentials = false
 
-    [apim.throttling]
-    event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
-    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
-    #enable_data_publishing = true
-    #enable_policy_deploy = true
-    #enable_blacklist_condition = true
-    #enable_persistence = true
-    throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
-
-    [[apim.throttling.url_group]]
-    traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
-    traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
-    type = "loadbalance"
-
-    [[apim.throttling.url_group]]
-    traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
-    traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
-    type = "loadbalance"
-
-    #[[apim.throttling.url_group]]
-    #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
-    #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
-    #type = "failover"
-
     #[apim.workflow]
     #enable = false
     #service_url = "https://localhost:9445/bpmn"
@@ -240,23 +245,13 @@ data:
     type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
     name = "org.wso2.is.notification.ApimOauthEventInterceptor"
     order = 1
+
     [event_listener.properties]
     notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
     username = "${admin.username}"
     password = "${admin.password}"
     'header.X-WSO2-KEY-MANAGER' = "default"
 
-    [transport.https.properties]
-    proxyPort = 443
-
-    [[apim.event_hub.publish.url_group]]
-    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
-    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
-
-    [[apim.event_hub.publish.url_group]]
-    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
-    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
-
     {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
     [database.local]
     url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"

diff --git a/...ttern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml b/...ttern-3/templates/am/control-plane/instance-2/wso2am-pattern-3-am-control-plane-conf.yaml
@@ -35,14 +35,14 @@ data:
     #discard_empty_caches = false
     server_role = "control-plane"
 
+    [user_store]
+    type = "database_unique_id"
+
     [super_admin]
     username = "admin"
     password = "admin"
     create_admin_account = true
 
-    [user_store]
-    type = "database_unique_id"
-
     [database.apim_db]
     type = "{{ .Values.wso2.deployment.am.cp.db.type }}"
     url = "{{ .Values.wso2.deployment.am.cp.db.apim.url }}"
@@ -64,6 +64,11 @@ data:
     alias =  "wso2carbon"
     key_password =  "wso2carbon"
 
+    [truststore]
+    file_name = "client-truststore.jks"
+    type = "JKS"
+    password = "wso2carbon"
+
     #[keystore.primary]
     #file_name =  "wso2carbon.jks"
     #type =  "JKS"
@@ -85,16 +90,55 @@ data:
     display_in_api_console = true
     description = "This is a hybrid gateway that handles both production and sandbox token traffic."
     show_as_token_endpoint_url = true
-    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}${carbon.context}services/"
+    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-gateway-service:${mgt.transport.https.port}/services/"
     username= "${admin.username}"
     password= "${admin.password}"
-    ws_endpoint = "ws://localhost:9099"
-    wss_endpoint = "wss://localhost:8099"
+    ws_endpoint = "ws://{{ .Values.wso2.deployment.am.websocket.ingress.hostname }}"
+    wss_endpoint = "wss://{{ .Values.wso2.deployment.am.websocket.ingress.hostname }}"
     http_endpoint = "http://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
     https_endpoint = "https://{{ .Values.wso2.deployment.am.gateway.ingress.hostname }}"
     websub_event_receiver_http_endpoint = "http://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}"
     websub_event_receiver_https_endpoint = "https://{{ .Values.wso2.deployment.am.websub.ingress.hostname }}"
 
+    [apim.devportal]
+    url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal"
+    #enable_application_sharing = false
+    #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
+    #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
+    #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
+    #display_multiple_versions = false
+    #display_deprecated_apis = false
+    #enable_comments = true
+    #enable_ratings = true
+    #enable_forum = true
+    #enable_anonymous_mode=true
+    #enable_cross_tenant_subscriptions = true
+    #default_reserved_username = "apim_reserved_user"
+
+    [transport.http]
+    properties.port = 9763
+    properties.proxyPort = 80
+
+    [transport.https]
+    properties.port = 9443
+    properties.proxyPort = 443
+
+    [apim.event_hub]
+    enable = true
+    username= "$ref{super_admin.username}"
+    password= "$ref{super_admin.password}"
+    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
+    event_listening_endpoints = ["tcp://localhost:5672"]
+    event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672"]
+    
+    [[apim.event_hub.publish.url_group]]
+    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
+    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
+    
+    [[apim.event_hub.publish.url_group]]
+    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
+    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
+
     #[apim.cache.gateway_token]
     #enable = true
     #expiry_time = "900s"
@@ -140,51 +184,12 @@ data:
     #enable_token_encryption = false
     #enable_token_hashing = false
 
-    [apim.devportal]
-    url = "https://{{ .Values.wso2.deployment.am.cp.ingress.hostname }}/devportal"
-    #enable_application_sharing = false
-    #if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
-    #application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
-    #application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
-    #display_multiple_versions = false
-    #display_deprecated_apis = false
-    #enable_comments = true
-    #enable_ratings = true
-    #enable_forum = true
-    #enable_anonymous_mode=true
-    #enable_cross_tenant_subscriptions = true
-    #default_reserved_username = "apim_reserved_user"
-
     [apim.cors]
     allow_origins = "*"
     allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
     allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
     allow_credentials = false
 
-    [apim.throttling]
-    event_duplicate_url = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672"]
-    service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
-    #enable_data_publishing = true
-    #enable_policy_deploy = true
-    #enable_blacklist_condition = true
-    #enable_persistence = true
-    throttle_decision_endpoints = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:5672","tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:5672"]
-
-    [[apim.throttling.url_group]]
-    traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
-    traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
-    type = "loadbalance"
-
-    [[apim.throttling.url_group]]
-    traffic_manager_urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
-    traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
-    type = "loadbalance"
-
-    #[[apim.throttling.url_group]]
-    #traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
-    #traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
-    #type = "failover"
-
     #[apim.workflow]
     #enable = false
     #service_url = "https://localhost:9445/bpmn"
@@ -241,23 +246,13 @@ data:
     type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
     name = "org.wso2.is.notification.ApimOauthEventInterceptor"
     order = 1
+
     [event_listener.properties]
     notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
     username = "${admin.username}"
     password = "${admin.password}"
     'header.X-WSO2-KEY-MANAGER' = "default"
 
-    [transport.https.properties]
-    proxyPort = 443
-
-    [[apim.event_hub.publish.url_group]]
-    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9611"]
-    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-1-service:9711"]
-
-    [[apim.event_hub.publish.url_group]]
-    urls = ["tcp://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9611"]
-    auth_urls = ["ssl://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-2-service:9711"]
-
     {{ if .Values.wso2.deployment.persistentRuntimeArtifacts.apacheSolrIndexing.enabled }}
     [database.local]
     url = "jdbc:h2:/home/wso2carbon/solr/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"

diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-conf.yaml
@@ -58,6 +58,14 @@ data:
     type = "JKS"
     password = "wso2carbon"
 
+    [transport.http]
+    properties.port = 9763
+    properties.proxyPort = 80
+
+    [transport.https]
+    properties.port = 9443
+    properties.proxyPort = 443
+
     # key manager implementation
     [apim.key_manager]
     service_url = "https://{{ template "am-pattern-3.resource.prefix" . }}-am-cp-service:${mgt.transport.https.port}/services/"
@@ -133,10 +141,6 @@ data:
     allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction"]
     allow_credentials = false
 
-    [transport.https.properties]
-    port = 9443
-    proxyPort = 443
-
     [transport.passthru_https.sender.parameters]
     HostnameVerifier = "AllowAll"
 

diff --git a/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml b/advanced/am-pattern-3/templates/am/gateway/wso2am-pattern-3-am-gateway-service.yaml
@@ -41,3 +41,9 @@ spec:
     - name: websub-https
       protocol: TCP
       port: 8021
+    - name: websocket-http
+      protocol: TCP
+      port: 9099
+    - name: websocket-https
+      protocol: TCP
+      port: 8099