Production Deployment Checklist¶
Given below is a checklist that will guide you to set up your production environment for WSO2 API-M.
Guideline | Details |
---|---|
Security hardening |
Guidelines for hardening the security of a WSO2 deployment in a production environment can be discussed under three high-level categories:
Related links
|
Hostname |
By default, WSO2 products identify the hostname of the current machine through the Java API. However, it is recommended to configure the hostname by setting the
hostname parameter in the deployment.toml file.
Related links
|
Registry and governance |
The API-M runtime uses a database registry for persistent storage of configurations. It is recommended to switch to a database like Oracle, MySQL, or MSSQL. Note that the default setup does not include database backup procedures. The production setup should obviously need to have regular database backup procedures configured.
The Micro Integrator runtime uses a file-based registry instead of a database.
|
Performance Tuning |
Most of the performance tuning recommendations are common to all WSO2 products. However, each WSO2 product may have additional guidelines for optimizing the performance of product-specific features.
|
Firewalls |
The following ports must be accessed when operating within a firewall: API-M Ports
|
Proxy servers |
If the runtime is hosted behind a proxy such as ApacheHTTPD, you can configure the runtime to use the proxy server. See the following topics for instructions:
|
High availability |
Configure your deployment with high availability. Refer the recommended deployment patterns and select an option that fits your requirements. In the cloud native deployment, high availability should be achieved via the container orchestration system (Kubernetes). |
Data backup and archiving | Implement a backup and recovery strategy for your system. |