

Deploying Choreo Connect on Kubernetes With WSO2 API Manager as a Control Plane¶

Let's deploy an API on Choreo Connect, which running on Kubernetes, with WSO2 API Manager as the Control Plane.

Before you begin

Install kubectl.
Set up a Kubernetes cluster v1.20 or above.
- Minimum CPU : 4vCPU
- Minimum Memory : 3GB
Deploy an ingress controller - NGINX Ingress Controller for this sample.

Note

If you are using Rancher Desktop, disable the default Traefik ingress controller in order to deploy the Nginx ingress controller. Refer Rancher Docs for more information

Step 1 - Setup Choreo Connect in Kubernetes¶

Download and extract the Choreo Connect distribution .zip

The latest Choreo Connect distribution can be downloaded from https://wso2.com/choreo/choreo-connect/. Extract the Choreo Connect distribution .zip file. The extracted folder will be called as CHOREO-CONNECT_HOME hereafter.

Add the Kubernetes configurations for Choreo Connect and API Manager using the kubectl tool.

Click here if you are using an ARM64 based machine (e.g., Apple M1)

If you are trying out in ARM64 based machine (e.g., Apple M1) update the Docker image names with the following.

Kubernetes deployment.yaml files
- <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect/adapter-deployment.yaml
- <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect/choreo-connect-deployment.yaml
- <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect-with-apim/apim/apim-deployment.yaml
- <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect-with-apim/choreo-connect/adapter-deployment.yaml
- <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect-with-apim/choreo-connect/choreo-connect-deployment.yaml

Existing (Default) image name	Image name for tryout in ARM64 (e.g.: Apple M1)
`wso2/choreo-connect-adapter:1.1.0`	`wso2/choreo-connect-adapter:1.1.0-ubuntu`
`wso2/choreo-connect-enforcer:1.1.0`	`wso2/choreo-connect-enforcer:1.1.0-ubuntu`
`wso2/choreo-connect-router:1.1.0`	`wso2/choreo-connect-router:1.1.0-ubuntu`
`wso2/wso2am:4.0.0-alpine`	`wso2/wso2am:4.1.0-multiarch`

Note:
Note that the above Ubuntu based (*-ubuntu) images are for tryout purpose only and are not recommended for a production deployment.

kubectl apply -f <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect-with-apim/apim

Apply the Kubernetes configurations for Choreo Connect after starting the API Manager instance.

kubectl apply -f <CHOREO-CONNECT_HOME>/k8s-artifacts/choreo-connect-with-apim/choreo-connect

Add the host entry to the /etc/hosts file.

Add the following entry to /etc/hosts file in order to access the Choreo Connect Router, API Manager publisher and Developer Portal.
```
<ingress_address>    gw.wso2.com    apim.wso2.com
```

Step 2 - Update the JWKS Endpoint¶

The JWKS endpoint of the API Manager has the external facing hostname by default, and it is not always routable via Choreo Connect Enforcer. As a result, you can alter the JWKS endpoint in the API Manager to use the API Manager's internal service name in Kubernetes.

Log into Admin portal - https://apim.wso2.com/admin/
Navigate to Key Managers section and select the Resident Key Manager.
Change the JWKS URL in the Certificates section to https://wso2apim:9443/oauth2/jwks.

Step 3 - Deploy Sample API from API Manager¶

Publisher Portal: https://apim.wso2.com/publisher/
Developer Portal: https://apim.wso2.com/devportal/

Follow the instructions in create and publish an API from API Manager using the above URLs to access each of the portals.

Top