Understanding the Distributed Deployment of WSO2 API-M

Before understanding how to deploy WSO2 API Manager (WSO2 API-M), let's understand the WSO2 API-M distributed deployment better.

Understanding the WSO2 API-M architecture

WSO2 API Manager uses the following main components:

Publisher Enables API providers to easily publish their APIs, share documentation, provision API keys, and gather feedback on API features, quality, and usage.
Developer Portal Enables consumers to self-register, discover API functionality, subscribe to APIs, evaluate them, and interact with API publishers.
Key Manager Responsible for all security and key-related operations.
Gateway Responsible for securing, protecting, managing, and scaling API calls.
Traffic Manager Used to make a decision on throttling.

For more information on the above, see the main components of a distributed system.

Additionally, API Manager uses the following databases, which are shared among the server nodes.

  • User Manager database - Stores information related to users and user roles. This information is shared among the Key Manager Server, Developer Portal, and Publisher. Users can access the Publisher for API creation and the Developer Portal for consuming the APIs. The User Manager database is also referred to as WSO2UM_DB and userdb.
  • API Manager database - Stores information related to the APIs along with the API subscription details. The Key Manager Server uses this database to store user access tokens that are used for verification of API calls. The API Manager database is also referred to as WSO2_AM_DB and apimgtdb.
  • Registry database - Shares information between the Publisher and Developer Portal. When an API is published through the Publisher, it is made available in the Developer Portal via the shared registry database. Although you would normally share information between the Publisher and Developer Portal components only, if you are planning to create this setup for a multi-tenanted environment (create and work with tenants), it is required to share the information in this database between the Gateway and Key Manager components as well. The Registry database is also referred to as WSO2REG_DB and regdb.
  • Message Broker database - Traffic Manager uses this database as the message store for broker when advanced throttling is used. The Message Broker DB is also referred to as WSO2_MB_STORE_DB and mbstoredb.

WSO2 API Manager components use the databases as follows:


API Manager
database

apimgtdb

WSO2_AM_DB

User Manager
Database

userdb

WSO2UM_DB

Registry Database

regdb

WSO2REG_DB

Message Broker
Database

mbstoredb

WSO2_MB_STORE_DB

Publisher

Used

Used

Used

Not used

Developer Portal

Used

Used

Used

Not used

Key Manager

Used

Used

Used (in multi-tenancy mode)

Not used

Gateway

Not used

Used (in multi-tenancy mode)

Used (in multi-tenancy mode/ in multiple gateway mode when Google Analytics is used)

Not used
Traffic Manager Not used Not used Not used Used

Note

  • Although the Gateway does not use the WSO2 API Manager database, this connection is required; therefore, do not remove the default configuration in the <API-M_HOME>/repository/conf/datasources/master-datasources.xml file. This connection should be your default database.
  • The Gateway node creates a connection at the startup with the WSO2 API Manager database, but this connection will not be used later on.
  • If you have more than one Traffic Manager node, each Traffic Manager node must have its own Message Broker database (WSO2_MB_STORE_DB).

When we consider a distributed deployment of WSO2 API Manager, we have the option of separating the five components and clustering each component as needed. Let's look more closely at how the API Manager components are deployed separately.

Understanding the distributed deployment

In the following diagram, the five components are set up in a distributed deployment, and the five databases are connected to the relevant components respectively. The entire setup is also fronted by a load balancer.

Note

In a clustered setup, if the Key Manager is NOT fronted by a load balancer, you have to set the KeyValidatorClientType element to ThriftClient in the <API-M_HOME>/repository/conf/api-manager.xml file, to enable Thrift as the communication protocol. You need to configure this in all the Gateway and Key Manager components.

Understanding the distributed deployment

Top