Microgateway 10.5 | webMethods Microgateway Help | Command Line Reference | Microgateway Command Line Reference
 
Microgateway Command Line Reference
This section describes operations you can perform such as, start and stop Microgateway, retrieve Microgateway status, view the assets provisioned, create a Microgateway instance, create an asset archive, create a docker file, and so on through Command Line Interface(CLI).
Using Microgateway CLI
The Microgateway CLI script comes in 2 flavors: Windows (.bat) and Linux (.sh). Invoking the script provides usage information:
Please renew the usage action:


start - Start a Microgateway server
stop - Stop a Microgateway server
status - Retrieve the Microgateway server status
assets - Show the provisioned assets of a running server
createInstance - Create a Microgateway instance
createAssetArchive - Create an asset archive
createDockerFile - Create a Microgateway docker file
createKubernetesFile - Create a Kubernetes file
downloadSettings - Create a custom settings file
settings - Show the settings configured in the Microgateway instance
Starting a Microgateway
Run the following command to start a Microgateway.
./microgateway.sh start options
where the options are:
-Shortcut, --Name
Description
-a, --archive <arg>
List of API Gateway archives
-adp,--admin_password <arg>
Password for administration access
-adu,--admin_user <arg>
User for administration access
-apis, --apis <arg>
List of API identifiers (name, unique identifier, name/version).
-apps, --applications <arg>
List of global applications (name, unique identifier)
-as, --apps_sync
Enable Applications sync
-asi, --apps_sync_interval
Polling interval in secs for applications sync
-ast, --apps_sync_timeout
Connection timeout in secs for applications sync
-asv, --apps_to_sync
Applications to synchronize (all, registeredApplications, comma separated ids)
-bp,--base_path <arg>
API Gateway base path
-c,--config <arg>
Configuration (YAML) file
-ds,--download_settings
Downloads the settings from API Gateway.
-gw,--api_gateway <arg>
API Gateway URL
-gwp,--api_gateway_password <arg>
API Gateway password
-gwu,--api_gateway_user <arg>
API Gateway user
-gwd,--api_gateway_dir <arg>
API Gateway install directory
-ikf,--import_keystore_file <arg>
To import one or more keystore files into Microgateway.
If there are multiple keystore files you can provide the keystore file names as comma separated items.
-ikp,--import_keystore_password <arg>
To import one or more keystore passwords corresponding to the keystore files being imported into Microgateway.
-itf, --import_truststore_file <arg>
To import one or more truststore files into Microgateway.
If there are multiple truststore files you can provide the truststore file names as comma separated items.
-itp, --import_truststore_password <arg>
To import one or more truststore passwords corresponding to the truststore files being imported into Microgateway
If there are multiple truststore passwords you can provide the password names as comma separated items.
-jvmopt,--jvm_option <arg>
JVM option.
Microgateway supports multiple JVMs.
-lv,--log_level <arg>
ERROR, WARN, INFO, DEBUG, TRACE
The default value is ERROR
-lp,--log_path <arg>
Path to log files
The default value is logs
-mpc,--max_parallel_connections <arg>
Number of parallel HTTP connections to the native API.
-p,--http_port <arg>
HTTP port number
-pols,--policies <arg>
List of global policy identifiers (name, unique identifier).
-sp,--https_port <arg>
HTTPS port number
-sr,--service_registries <arg>
List of service registry names.
-ua,--user_auth <arg>
User authentication method (internal or delegated)
-v,--verbose
Print more information to console
You will see a status message for each provisioned API. Also, the user authentication status is exposed.
Stopping a Microgateway
Run the following command to stop a Microgateway.
./microgateway.sh stop options
where the options are:
-Shortcut, --Name
Description
-c,--config <arg>
Configuration (YAML) file
-p,--http_port <arg>
HTTP port number
-sp,--https_port <arg>
HTTPS port number
-adu,--admin_user <arg>
User for administration access
-adp,--admin_password <arg>
Password for administration access
Retrieving Microgateway Status
Run the following command to retrieve the status of a Microgateway.
./microgateway.sh status
Viewing the Provisioned Assets in Microgateway
Run the following command to view the assets provisioned in Microgateway.
./microgateway.sh assets options
where the options are:
-Shortcut, --Name
Description
-c,--config <arg>
Configuration (YAML) file
-p,--http_port <arg>
HTTP port number
-sp,--https_port <arg>
HTTPS port number
-adu,--admin_user <arg>
User for administration access
-adp,--admin_password <arg>
Password for administration access
-v,--verbose
Print all details
Creating a Microgateway Instance
Run the following command to create a Microgateway instance package.
./microgateway.sh createInstance options
where the options are:
-Shortcut, --Name
Description
-gwd,--api_gateway_dir <arg>
API Gateway install directory for taking over the user credential file
-c,--config <arg>
Configuration (YAML) file that would be copied into the instance
-os,--os <arg>
Operating system (windows / linux)
-ins,--instance <arg>
Zip filename to hold the resulting Microgateway instance (mandatory)
-ikf,--import_keystore_file <arg>
To import one or more keystore files into Microgateway.
If there are multiple keystore files you can provide the keystore file names as comma separated items.
-ikp,--import_keystore_password <arg>
To import one or more keystore passwords corresponding to the keystore files being imported into Microgateway.
-itf, --import_truststore_file <arg>
To import one or more truststore files into Microgateway.
If there are multiple truststore files you can provide the truststore file names as comma separated items.
-itp, --import_truststore_password <arg>
To import one or more truststore passwords corresponding to the truststore files being imported into Microgateway
If there are multiple truststore passwords you can provide the password names as comma separated items.
-v,--verbose
Print all details
Creating an Asset Archive
Run the following command to create an asset archive from a running API Gateway instance.
./microgateway.sh createAssetArchive options
where the options are:
-Shortcut, --Name
Description
-a, --archive <arg>
The resulting API Gateway archive
-apis, --apis <arg>
List of API identifiers (name, unique identifier, name/version).
-apps, --applications <arg>
List of global applications (name, unique identifier, name/version).
-gw,--api_gateway <arg>
API Gateway URL
-gwp,--api_gateway_password <arg>
API Gateway password
-gwu,--api_gateway_user <arg>
API Gateway user
-pols,--policies <arg>
List of global policy identifiers (name, unique identifier).
Creating a Microgateway Docker File
Run the following command to create a Microgateway docker file.
./microgateway.sh createDockerFile options
where the options are:
-Shortcut, --Name
Description
-a, --archive <arg>
List of API Gateway archives
-apis,--apis <arg>
List of API identifiers
-apps,--applications <arg>
List of global application identifiers
-c,--config <arg>
Configuration (YAML) file
-dod,--docker_dir
Microgateway directory to use in Docker file
-dof,--docker_file
Filename to hold Docker file
-dor,--docker_from
FROM image to use in Docker file
-exec, --exec
Command to start micro service
-gw,--api_gateway <arg>
API Gateway URL
-gwd,--api_gateway_dir <arg>
API Gateway install directory
-gwp,--api_gateway_password <arg>
API Gateway password
-gwu,--api_gateway_user <arg>
API Gateway user
-ikf,--import_keystore_file <arg>
To import one or more keystore files into Microgateway.
If there are multiple keystore files you can provide the keystore file names as comma separated items.
-ikp,--import_keystore_password <arg>
To import one or more keystore passwords corresponding to the keystore files being imported into Microgateway.
-itf, --import_truststore_file <arg>
To import one or more truststore files into Microgateway.
If there are multiple truststore files you can provide the truststore file names as comma separated items.
-itp, --import_truststore_password <arg>
To import one or more truststore passwords corresponding to the truststore files being imported into Microgateway
If there are multiple truststore passwords you can provide the password names as comma separated items.
-jre, --jre
none, linux or linux-musl
-jvmopt,--jvm_option <arg>
JVM option.
Microgateway supports multiple JVMs.
-lv,--log_level <arg>
ERROR, WARN, INFO, DEBUG, TRACE
The default value is ERROR
-msr, --msr
Indicates MSR base image
-p,--http_port <arg>
HTTP port number
-pols,--policies <arg>
List of global policy identifiers
-sp,--https_port <arg>
HTTPS port number
-ua,--user_auth <arg>
User authentication method (internal or delegated)
Creating a Microgateway Kubernetes File
You can prepare a Kubernetes deployment file (yml format) for deploying a Microgateway Docker image to Kubernetes. Sidecar deployment is possible and also health-check methods can be selected.
Run the following command to create a Microgateway Kubernetes file:
./microgateway.sh createKubernetesFile options
where the options are:
-Shortcut, --Name
Description
-pn,--pod_name <arg>
Name for the Kubernetes pod and deployment
-di,--docker_image <arg>
The Microgateway Docker image name (inside a docker registry in the shape: registry/ imagename)
-hm,--health_mode <arg>
Mode for Kubernetes health checks (all, lifeness, readiness)
The default value is all.
-p,--http_port <arg>
The exposed port of the Microgateway Docker image
-rep,--replicas <arg>
Number of pod replicas.
The default value is 1.
-sdi,--sidecar_docker_image <arg>
Optional. Docker image name for the sidecar container (inside a docker registry in the shape: registry/imagename)
-spn,--sidecar_pod_name <arg>
Optional. NAme for the sidecar Kubernetes pod.
-o,--output <arg>
Generated output file (yml format)
Creating Settings file
Run the following command to create a custom settings file.
./microgateway.sh downloadSettings options
where the options are:
-Shortcut, --Name
Description
-gw,--api_gateway <arg>
API Gateway URL
-gwp,--api_gateway_password <arg>
API Gateway password
-gwu,--api_gateway_user <arg>
API Gateway user
-c,--config <arg>
Optional: input configuration file
-o, - output <arg>
Output settings file
Viewing the Settings in Microgateway
Run the following command to view the settings configured in the Microgateway instance.
./microgateway.sh settings options
where the options are:
-Shortcut, --Name
Description
-adu,--admin_user <arg>
User for administration access
-adp,--admin_password <arg>
Password for administration access
-c,--config <arg>
Configuration (YAML) file
-p,--http_port <arg>
HTTP port number
-sp,--https_port <arg>
HTTPS port number
-v,--verbose
Print all details
system-settings.yml
The following shows a sample system-settings.yml file structure.
---
faults:
default_error_message: "API Gateway encountered an error.
Error Message: $ERROR_MESSAGE. Request Details: Service - $SERVICE,
Operation - $OPERATION, Invocation Time:$TIME, Date:$DATE,
Client IP - $CLIENT_IP, User - $USER and Application:$CONSUMER_APPLICATION"

native_provider_fault: "false"

extended_settings:
defaultEncoding: "UTF-8"
apiKeyHeader: "x-Gateway-APIKey"
apig_MENConfiguration_tickInterval: "60"
events.collectionQueue.size: "10000"
events.collectionPool.minThreads: "1"
events.collectionPool.maxThreads: "8"

gateway_destination:
sendPolicyViolationEvent: "true"

es_destination:
protocol: "http"
hostName: "localhost"
port: "9240"
indexName: "gateway_default_analytics"
userName: ""
password: ""
sendPolicyViolationEvent: "true"

key_store:
type: JKS
provider: SUN
location: config/keystore.jks
password: password

system:
version: "10.4.0.0"
---
custom-settings.yml
The following shows a sample custom-settings.yml file structure.
---
ports:
http: 7071
https: 7072
key_alias: ssos

api_gateway:
url: http://localhost:5555
user: Administrator
password: password
dir: "C:\\SoftwareAG"
download_settings: "false"

api_endpoint:
base_path: "/gateway"

admin_api:
user: admin
password: password
admin_path: "/rest/microgateway"

downloads:
apis: EmployeeService
applications:
policies:

archive:
file: "E:/archives/gateway/EmployeeService.zip

policies:
user_auth: internal | delegated

logging:
level: "ERROR"
path: "logs"

applications_sync:
enabled: true | false
applications_to_sync: "all | registeredApplications | comma separated ids"
polling_interval_secs: 10
connection_timeout_secs: 10

faults:
default_error_message: "API Gateway encountered an error.
Error Message: $ERROR_MESSAGE.\
\ Request Details: Service - $SERVICE, Operation -
$OPERATION, Invocation Time:$TIME,\
\ Date:$DATE, Client IP - $CLIENT_IP, User - $USER and
Application:$CONSUMER_APPLICATION"
native_provider_fault: "false"

extended_settings:
apiKeyHeader: "x-Gateway-APIKey"
apig_MENConfiguration_tickInterval: "60"
apig_rest_service_redirect: "false"
apig_schemaValidationPoolSize: "10"
customCertificateHeader: "X-Client-Cert"
decodeAllDelimitersInURI: "false"
defaultEncoding: "UTF-8"
defaultLanguage: "en"
events.collectionPool.maxThreads: "8"
events.collectionPool.minThreads: "1"
events.collectionQueue.size: "10000"
events.reportingPool.maxThreads: "4"
events.reportingPool.minThreads: "2"
events.reportingQueue.size: "5000"
forwardInternalAPIsRequest: "false"
pg.3pSnmpSender.sendDelay: "0"
pg.cs.snmpTarget.base64Encoded: "false"
pg.cs.snmpTarget.connTimeout: "0"
pg.cs.snmpTarget.maxRequestSize: "10485760"
pg.cs.snmpTarget.retries: "1"
pg.cs.snmpTarget.sendTimeOut: "500"
pg.endpoint.connectionTimeout: "30"
pg.endpoint.readTimeout: "30"
pg.lb.failoverOnDowntimeErrorOnly: "true"
pg.snmp.communityTarget.base64Encoded: "false"
pg.snmp.communityTarget.maxRequestSize: "65535"
pg.snmp.communityTarget.retries: "1"
pg.snmp.communityTarget.sendTimeOut: "500"
pg.snmp.customTarget.connTimeout: "0"
pg.snmp.userTarget.maxRequestSize: "65535"
pg.snmp.userTarget.retries: "1"
pg.snmp.userTarget.sendTimeOut: "500"
pg.uddiClient.publish.maxThreads: "2"
pg.uddiClient.uddiClientTimeout: "15000"
pg_Cache_autoScalerRunInterval: "120"
pg_Cache_averageObjectSize: "64"
pg_Cache_boundedCacheResizerRunInterval: "30"
pg_Cache_maxCacheSize: "1048576"
pg_Cache_minCachePercent: "20"
pg_Cache_minCacheSize: "1024"
pg_Cache_statisticsProcessorRunInterval: "15"
pg_JWT_isHTTPS: "true" pg_OpenID_isHTTPS: "true"
pg_oauth2_isHTTPS: "true"
pg_xslt_disableDoctypeDeclarations: "true"
pg_xslt_enableDOM: "false"
pg_xslt_enableSecureProcessing: "true"
pgmen.quotaSurvival.addLostIntervals: "true"
pgmen.quotaSurvival.interval: "1"
retainResponseStatus: "false"
sendClientRequestURI: "false"
setDefaultContentType: "true"
transformerPoolSize: "5"

es_destination:
metricsPublishInterval: "60"
port: "9240"
sendAuditlogAPIManagementEvent: "false"
sendAuditlogAccessProfileManagementEvent: "false"
sendAuditlogAdministrationEvent: "false"
sendAuditlogAliasManagementEvent: "false"
sendAuditlogApplicationManagementEvent: "false"
sendAuditlogApprovalManagementEvent: "false"
sendAuditlogGroupManagementEvent: "false"
sendAuditlogPackageManagementEvent: "false"
sendAuditlogPlanManagementEvent: "false"
sendAuditlogPolicyManagementEvent: "false"
sendAuditlogPromotionManagementEvent: "false"
sendAuditlogRuntimeDataManagementEvent: "false"
sendAuditlogUserManagementEvent: "false"
sendErrorEvent: "false"
sendLifecycleEvent: "false"
sendPerformanceMetrics: "false"
sendPolicyViolationEvent: "false"

gateway_destination:
metricsPublishInterval: "60"
sendAuditlogAPIManagementEvent: "true"
sendAuditlogAccessProfileManagementEvent: "true"
sendAuditlogAdministrationEvent: "true"
sendAuditlogAliasManagementEvent: "true"
sendAuditlogApplicationManagementEvent: "true"
sendAuditlogApprovalManagementEvent: "true"
sendAuditlogGroupManagementEvent: "true"
sendAuditlogPackageManagementEvent: "true"
sendAuditlogPlanManagementEvent: "true"
sendAuditlogPolicyManagementEvent: "true"
sendAuditlogPromotionManagementEvent: "true"
sendAuditlogRuntimeDataManagementEvent: "true"
sendAuditlogUserManagementEvent: "true"
sendErrorEvent: "true"
sendLifecycleEvent: "true"
sendPerformanceMetrics: "true"
sendPolicyViolationEvent: "true"

security_settings:
providers:
- !<clientMetadataMapping>
id: "PingFederate"
name: "PingFederate"
type: "clientMetadataMapping"
owner: "Administrator"
providerName: "PingFederate"
implNames:
grant_types: "grantTypes"
logo_uri: "logoUrl"
scope: "restrictedScopes"
client_secret: "secret"
redirect_uris: "redirectUris"
client_name: "name"
client_id: "clientId"
extendedValues: {}
extendedValuesV2:
- endpointType: "CLIENT_REGISTRATION"
key: "restrictScopes"
value: "true"
- endpointType: "CLIENT_UPDATE"
key: "restrictScopes"
value: "true"
- !<clientMetadataMapping>
id: "OKTA"
name: "OKTA"
type: "clientMetadataMapping"
owner: "Administrator"
providerName: "OKTA"
implNames: {}
extendedValues: {}
extendedValuesV2: []
auth_servers:
- !<authServerAlias>
id: "local"
name: "local"
description: "API Gateway as an Authorization server."
type: "authServerAlias"
owner: "Administrator"
tokenGeneratorConfig:
expiry: 0
accessTokenExpInterval: 3600
authCodeExpInterval: 600
authServerScopes: []
supportedGrantTypes:
- "authorization_code"
- "password"
- "client_credentials"
- "refresh_token"
- "implicit"
oauthTokens: []
authServerType: "LOCAL_IS"

service_registries:
- !<serviceRegistryAlias>
id: "ServiceConsulDefault"
name: "ServiceConsulDefault"
description: "Service Consul is a tool for discovering and configuring services\
\ in IT infrastructure."
type: "serviceRegistryAlias"
owner: "Administrator"
endpointURI: "http://localhost:8500/v1"
heartBeatInterval: 0 password: ""
customHeaders: {}
discoveryInfo:
path: "/catalog/service/{serviceName}"
httpMethod: "GET"
registrationInfo:
path: "/agent/service/register"
httpMethod: "PUT"
deRegistrationInfo:
path: "/agent/service/deregister/{serviceId}"
httpMethod: "PUT"
serviceRegistryType: "SERVICE_CONSUL"
connectionTimeout: 30
readTimeout: 30
- !<serviceRegistryAlias>
id: "EurekaDefault"
name: "EurekaDefault"
description: "Eureka is a REST based service that is primarily used in the AWS
cloud\
\ for locating services for the purpose of load balancing and failover of
middle-tier servers"
type: "serviceRegistryAlias"
owner: "Administrator"
endpointURI: "http://localhost:8761"
heartBeatInterval: 0
password: ""
customHeaders: {}
discoveryInfo:
path: "/eureka/apps/{app}"
httpMethod: "GET"
registrationInfo:
path: "/eureka/apps/{app}"
httpMethod: "POST"
deRegistrationInfo:
path: "/eureka/apps/{app}/{instanceId}"
httpMethod: "DELETE"
serviceRegistryType: "EUREKA"
connectionTimeout: 30
readTimeout: 30
---