API Gateway 10.11 | Administering API Gateway | High Availability, Disaster Recovery, and Fault Tolerance | High Availability and Fault Tolerance | How Do I Set Up the Data Centers in Hot Standby Mode Using Basic Operation?
 
How Do I Set Up the Data Centers in Hot Standby Mode Using Basic Operation?
Before you start setting up the data centers for Cross-DC support, ensure that you have:
*Manage general administration configurations functional privilege.
*API Gateway installed in all the data centers.
This use case explains how to set up data centers in hot standby mode. When you want to set up the data centers at a unit level, you can use this method.
The data centers are set up in hot standby mode using the REST APIs. You can find the REST API in the swagger file APIGatewayDataManagement.json located at SAG_Root/IntegrationServer/instances/default/packages/WmAPIGateway/resources/apigatewayservices.
For example, assume that you have two data centers DC 1 and DC 2 in the following landscape:
Data Center Name
Host Name
Region
DC 1
uk.myhost.com
United Kingdom
DC 2
us.myhost.com
United States
*To set up the data centers in hot standby mode
1. Configuring listener.
Configure the listener in both the data centers DC 1 and DC 2 using the PUT/rest/apigateway/dataspace/listener REST API.
Request: PUT http://uk.myhost.com:5555/rest/apigateway/dataspace/listener.
Sample payload for the DC 1 is as follows:

{
"listener": {
"nodeName": "ecb1308f-22ac-4877-aba9-471a31a834e6",
"host": "uk.myhost.com",
"port": 4440
},
}
The system assigns unique node name for each data center. You must know the node name to configure the data centers as listener and to establish a ring. If you are unaware of the node names, invoke the GET/rest/apigateway/dataspace REST API on that data center whose node name you want to know. If you have multiple API Gateway instances clustered in a data center and when you use load balancer for high availability between the API Gateway instances, you have to provide the load balancer URL as host in the payload.
HTTP response appears as follows:

{
"listener": {
"nodeName": "ecb1308f-22ac-4877-aba9-471a31a834e6",
"host": "uk.myhost.com",
"port": 4440
},
}
Note:
Similarly, you can configure the listener on DC 2 by invoking the PUT/rest/apigateway/dataspace/listener REST API with the respective payload.
On successful configuration, the response status code displays as 200 and you can see the corresponding log entry in the Server Logs.
2. Establishing ring.
Establish a fully connected network, where both the data centers are inter-connected and forms a ring using the PUT/rest/apigateway/dataspace/ring REST API. You must invoke this REST API on both the data centers DC 1 and DC 2.
Request: PUT http://uk.myhost.com:5555/rest/apigateway/dataspace/ring.
Sample payload for DC 1 is as follows:

{

"ring": [
{
"nodeName": "a04609a0-ca13-44db-98e1-f988ba18fbb4",
"host": "us.myhost.com",
"port": 4440
}
]
}
Note:
When you establish the ring configuration on DC 1, you have to specify the DC 2 details in the payload. Similarly, when you establish the ring configuration on DC 2, you have to specify the DC 1 details in the payload.
HTTP response appears as follows:

{
"ring": [
{
"nodeName": "a04609a0-ca13-44db-98e1-f988ba18fbb4",
"host": "us.myhost.com",
"port": 4440
}
]
}
Note:
Similarly, you can establish the ring on DC 2 by invoking the PUT/rest/apigateway/dataspace/ring REST API with the respective payload.
On successful configuration, the response status code displays as 200 and you can see the corresponding log entry in the Server Logs.
3. Securing the Remote Procedure Call (gRPC) channel.
This is optional. You update the configuration only when you want to secure the gRPC channel . In Cross-DC support, the communication between data centers happens through gRPC channel. Securing the gRPC channel prevents data leaks and cyber attacks. You can secure the gRPC channel of all data centers by updating the configuration with keystore and truststore information. The gRPC channel is secured by configuring keystore and truststore with self-signed or CA signed certificates. Make sure that you have configured keystore and truststore in the API Gateway instance running on the data center for which you want to secure the gRPC channel. For information about configuring keystore and truststore, see Keystore and Truststore. You have to update the listener configuration using the PUT/rest/apigateway/dataspace/listener REST API with keystore and truststore details on both the data centers DC 1 and DC 2 to secure the gRPC channel.
Request: PUT http://uk.myhost.com:5555/rest/apigateway/dataspace/listener
Sample payload for DC 1 that uses SSL certificate is as follows:

{
"keyStoreAlias":"UK_Key",
"keyAlias":"Key_Alias_UK",
"trustStoreAlias":"Trustpackage"
"listener": {
"nodeName": "ecb1308f-22ac-4877-aba9-471a31a834e6",
"host": "uk.myhost.com",
"port": 4440
},
"insecureTrustManager": false
}
HTTP response appears as follows:

{
"keyStoreAlias":"UK_Key",
"keyAlias":"Key_Alias_UK",
"trustStoreAlias":"Trustpackage"
"listener":{
"nodeName": "ecb1308f-22ac-4877-aba9-471a31a834e6",
"host": "uk.myhost.com",
"port": 4440
},
"insecureTrustManager": false,
"$resourceID": "listener"
}
Note: 
*If you have configured the truststore using CA signed certificate, then in the payload, set "insecureTrustManager": false.
*Invoke the PUT/rest/apigateway/dataspace/listener REST API on DC 2 and provide a similar payload for DC 2.
On successful configuration, the response status code displays as 200 and you can see the corresponding log entry in the Server Logs.
Important:
Whenever you update the listener configuration, make sure you update the ring configuration in all the associated data centers using the PUT/rest/apigateway/dataspace/ring REST API. For example, if you update the listener configuration on DC 1, you have to update the ring configuration on DC 2.
4. Activating data centers in hot standby mode.
Data centers can be activated in two different ways. You can activate each data center separately by invoking the PUT/rest/apigateway/dataspace/activate REST API from each data center or activate all the data centers in this mode at a time by invoking the PUT/rest/apigateway/dataspace/activateAll?mode= STANDBY REST API once from any one of the data centers.
*Activating individual data centers.
Activate DC 1 and DC 2 separately using the PUT/rest/apigateway/dataspace/activate REST API.
Request: PUT http://uk.myhost.com:5555/rest/apigateway/dataspace/activate.
Sample payload for DC 1 is as follows:

{
"mode": "STANDBY"
}
HTTP response appears as follows:

{
"mode": "STANDBY"
}
Note:
Similarly, you can activate DC 2 by invoking the PUT/rest/apigateway/dataspace/activate REST API with the respective payloads.
On successful activation, the response status code displays as 200 and you can see the corresponding log entry in the Server Logs.
*Activating multiple data centers.
Activate both DC 1 and DC 2 data centers in a single step using the PUT/rest/apigateway/dataspace/activateAll?mode= STANDBY REST API from any one of the data centers.
Request: PUT http://uk.myhost.com:5555/rest/apigateway/dataspace/activateAll?mode= STANDBY.
Sample payload for DC 1 is as follows:
{
"local": {
"host": "uk.myhost.com",
"syncPort": 4440,
"keyStoreAlias":"UK_Key",
"keyAlias":"Key_Alias_UK",
"trustStoreAlias":"Trustpackage",
"insecureTrustManager": true
},
"remotes":
[
{
"host": "us.myhost.com",
"syncPort": 4440,
"userName": "Administrator",
"password": "manage",
"keyStoreAlias":"US_Key",
"keyAlias":"Key_Alias_US",
"trustStoreAlias":"Trustpackage",
"insecureTrustManager": true
}
]
}
HTTP response appears as follows:

{
"mode": "STANDBY",
"local": {
"host": "uk.myhost.com",
"syncPort": 4440,
"keyStoreAlias": "UK_Key",
"keyAlias": "Key_Alias_UK",
"trustStoreAlias": "Trustpackage",
"insecureTrustManager": true
},
"remotes": [
{
"host": "us.myhost.com",
"syncPort": 4440,
"userName": "Administrator",
"password": "manage",
"keyStoreAlias": "US_Key",
"keyAlias": "Key_Alias_US",
"trustStoreAlias": "Trustpackage",
"insecureTrustManager": true
}
],
"acknowledged": true
}
On successful activation, the response status code displays as 200 and you can see the corresponding log entry in the Server Logs.
You can validate whether the data center is activated in the respective mode by reading the current configuration of the data center using the GET/rest/apigateway/dataspace REST API. For more information, see How Do I Read the Current Configuration of the Data Center?.
Note: 
When DC 1 fails, you have to reconfigure the load balancer with DC 2 details, so that DC 2 handles the client request. When DC 1 is restored back, it gets added to the ring automatically as a standby data center. DC 2 continues to handle the client requests.
If you want to replace any one of the data centers (DC 1 or DC 2) with a new data center (for example, DC 3) in hot standby mode, you have to bring down either DC 1 or DC 2 to standalone mode. For example, if you bring down DC 2 to standalone mode, then you can reconfigure the setup with DC 1 and DC 3 in hot standby mode.