Install Stand-alone API Gateway using Docker
Why Docker?
Applications often fail to run correctly when moved from one environment to another due to differences in configurations, underlying library requirements, and other dependencies. To enable developers and IT professionals to deploy applications seamlessly across environments, software development technologies increasingly use a technique called containerization.
Containers solve this problem by providing lightweight, immutable deployment and packaging infrastructure. Docker is one such containerization framework that can be used to create and run API Gateway as containers. API Gateway container bundles together the code of the application along with the configuration files, libraries, and dependencies required for API Gateway to run. Containerized applications can be tested individually and deployed as container image instances to the host operating system. This helps developers and IT professionals to deploy API Gateway across environments with little or no modification.
You can run
API Gateway in Containers or on Virtual machines. Running
API Gateway in containers is favourable as the containers can be orchestrated with container orchestration platforms like Kubernetes. To facilitate running
API Gateway in a Docker container the
API Gateway images are provided in
Container registry,
https://containers.webmethods.io/.
This article explains how to run an API Gateway Container, apigw and start using API Gateway.
Before you begin
Ensure that you have installed the latest version of Docker.
Ensure that the docker host provides at least
4 GB of main memory. To accommodate the space for Elasticsearch, set the kernel setting to
262144 by running the following command on your Docker host:
sysctl -w vm.max_map_count=262144
Pull
API Gateway image from Container registry.
Copy the
Docker Pull command from the list of
API Gateway images that are available or use the following command to pull the
API Gateway 10.15 image:
docker pull sagcr.azurecr.io/apigateway:10.15
Paste it in your command prompt.
To install stand-alone
API Gateway using Docker:
1. Run the API Gateway container.
Start the API Gateway image using the following docker run command:
docker run -d -p 5555:5555 -p 9072:9072 \
--hostname apigw-host \
--name apigw sagcr.azurecr.io/apigateway:10.15
where:
5555 and 9072 are the HTTP port of Integration Server and API Gateway UI respectively that are configured during installation.
apigw-host is the host information of the Docker container that is set, and apigw is the name of the container that is set.
sagcr.azurecr.io/apigateway:10.15 is the name of the pulled Docker image.
The docker run is parameterized with the Integration Server and the webApp port exposed by the Docker container. If you have configured different ports for Integration Server and UI, use the corresponding ports in the command.
You can check the status of the API Gateway Docker container, apigw by running the following command:
docker ps
Wait until the status of the container turns healthy to start using API Gateway.
2. Start using API Gateway.
Open http://defaulthost:defaultport of Integration Server and API Gateway.
Integration Server:
http://localhost:5555
Port is the HTTP port of Integration Server configured during installation; by default, 5555.
API Gateway:
http://localhost:9072
Port is the HTTP port of API Gateway configured during installation; by default, 9072.
The home page of API Gateway appears after you log in using the default Username and Password (Administrator and manage).
The API Gateway container can be stopped using the docker stop command:
docker stop -t90 apigw
Note:
The docker stop is parameterized with the number of seconds required for a graceful shutdown of the API Gateway and the API Gateway container name.
Troubleshooting Tips
If the status of the container does not turn healthy, you can check the docker logs using the following command:
docker logs --follow [container_id]
For example,
docker logs --follow [a7101d3e49d5]
The container_id is generated when you run the API Gateway container.
Next Steps
Now that you started using API Gateway, you can create and manage APIs using API Gateway. For quick reference, See :
Additional Resources
Containers and Master Password
After changing the master password on an API Gateway container like Docker, the passwords are encrypted with the new master password and saved to the internal database. However, the master password is not permanently stored in the API Gateway container. As a result, when you start a new API Gateway container, it resets the master password to the default value.
To resolve this, define the master password in the environment variable SAG_IS_MASTER_PASSWORD_KEY. Set this variable to the value of the master password key before starting the API Gateway container.
Docker Security related best practices
For details about the script that can test containers and their hosts' security configurations against a set of best practices provided by the Center for Internet Security, see Docker bench,
https://github.com/docker/docker-bench-securityFor details about potential security concerns associated with the use of containers and recommendations for addressing these concerns, see SP 800 publication (Application Container Security Guide),
https://csrc.nist.gov/publications/sp800