Install on Amazon Web Services Elastic Beanstalk

Install on Amazon Web Services Elastic Beanstalk
lac42
You can install
CA Live API Creator
to run as a cloud-based service in an Amazon Web Services (AWS) Elastic Beanstalk environment. Elastic Beanstalk automatically handles capacity provisioning, load balancing, scaling, and application health monitoring.
In this article:
Verify the Prerequisites
Before installing
CA Live API Creator
 to run in AWS Elastic Beanstalk, ensure that you have completed the following prerequisite steps:
  • You have obtained the package containing the
    CALiveAPICreator.war
     web application ARchive (WAR) file.
  • You have an AWS account.
  • You have reviewed the installation best practices.
    For more information about the best practices, see Installation Best Practices.
(Optional) Bundle the Admin Repository into the WAR File
If you want to bootstrap 
CA Live API Creator
 with a specific configuration for your API metadata, bundle the admin repository into the 
CALiveAPICreator.war
 file. For example, you have configured 
CA Live API Creator
 in your development environment, and you want to include this configuration in the 
CALiveAPICreator.war
 file and deploy it to a server.
If you are using a database to persist to persist the authentication tokens that 
CA Live API Creator
 dynamically generates, you can also bundle the definition of the data source for the authentication token database (the 
ApiKey.json
 file) into the WAR file.
For more information:
For a sample script that bundles the admin repository and the definition of the data source for the authentication token database into the WAR file, see Example: Deploy the Bundled WAR to a Cluster.
Follow these following steps:
  1. Create the 
    WEB-INF/classes
     directory.
  2. Create the 
    configuration.zip
     file from your admin repository (the 
    teamspaces
     and 
    system
     directories).
    For more information about these directories, see View your API Definition.
  3. Copy the following files to the 
    WEB-INF/classes
     directory:
    • The 
      configuration.zip
       file.
    • (Optional) The 
      ApiKey.json
       file for your environment.
  4. From the command line window, bundle the files that are in the 
    WEB-INF
     directory into the WAR file by issuing the following command:
    jar uvf <war file> WEB-INF
    Step 3 of the sample script bundles these files into the WAR file.
The admin repository (and optionally the definition of the data source for the authentication token database) is added to the 
CALiveAPICreator.war
 file.
Optional Configuration
The following topics provide optional configuration details.
The following optional configurations require that you restart API Server after you configure.
Add the JDBC Drivers to the WAR File
If you plan to create a database for 
CA Live API Creator
 to store the authentication tokens it generates for API users, then you must add the 
JDBCDrivers.config
 file to the
.ebextensions
directory that is in the WAR file. The 
JDBCDrivers.config
 file tells Elastic Beanstalk to install JDBC drivers for these databases.
CA Live API Creator
requires the corresponding JDBC driver to the database management system (DBMS) that you use as your database for your authentication tokens and for any other databases that you plan to access.
Follow these steps:
  1. Create the 
    .ebextensions
    directory in the same directory as the
    CALiveAPICreator.war
     file.
  2. Create the 
    JDBCDrivers.config
     file in the
    .ebextensions
     directory.
  3. Open the file, add links to the JDBC drivers that are located in the public maven repository that is in the file, and then save and close the file. To use licensed third-party drivers, create a storage location on AWS and modify the source to point to this internal S3 location.
    Examples:
    Derby data source
    files: "/usr/share/tomcat8/lib/derby-10.12.1.1.jar": mode: "000755" owner: tomcat group: tomcat source: http://central.maven.org/maven2/org/apache/derby/derby/10.12.1.1/derby-10.12.1.1.jar
    MySQL/MariaDB data source
    files: 
      "/usr/share/tomcat8/lib/mariadb-java-client-1.2.2.jar": 
        mode: "000755"
        owner: tomcat
        group: tomcat
        source: http://central.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/1.2.2/mariadb-java-client-1.2.2.jar
    PostgreSQL data source
    files:
      "/usr/share/tomcat8/lib/postgresql-9.4-1206-jdbc42.jar": 
        mode: "000755"
        owner: tomcat
        group: tomcat
        source: http://central.maven.org/maven2/org/postgresql/postgresql/9.4-1206-jdbc42/postgresql-9.4-1206-jdbc42.jar
  4. From the command line window, add the 
    JDBCDrivers.config
     file to the 
    CALiveAPICreator.war
     file by issuing the following command:
    jar uvf <war file> .ebextensions/JDBCDrivers.config
    The file format is YAML. For more information, see the Amazon Web Services documentation.
    A confirmation message appears.
The 
JDBCDrivers.config
 file is added to the 
.ebextensions
 directory that is in the 
CALiveAPICreator.war
 file.
Optimize the Performance of your AWS Beanstalk Instance
  1. Create the 
    JVMoptions.config
     file in the 
    .ebextensions
     directory.
  2. Open the file, enter the following JVM options, and then save and close the file:
    To set your initial and maximum heap size
    , define the following settings:
    option_settings:
    - namespace: "aws:elasticbeanstalk:container:tomcat:jvmoptions"
      option_name: Xms
      value: 256m
    - namespace: "aws:elasticbeanstalk:container:tomcat:jvmoptions"
      option_name: Xmx
      value: 1024m
    For more information:
    To set the detail level for logging for garbage collection
    , define the following setting:
    option_settings:
    - namespace: "aws:elasticbeanstalk:container:tomcat:jvmoptions"
      option_name: verbose
      value: gc
  3. From the command line window, add this file to the 
    CALiveAPICreator.war
     file by issuing the following command:
    jar uvf <war file> .ebextensions/JVMoptions.config
Your JVM options take affect after you deploy the WAR file.
Minimize Security Vulnerabilities by Enabling HTTP Security Headers
You can minimize security vulnerabilities on 
CA Live API Creator
 applications, such as API Creator and Data Explorer, which are web-based applications, by adding security headers to Tomcat. HTTP security headers give browsers explicit instructions about how to communicate with a website. 
You can minimize security vulnerabilities on 
CA Live API Creator
 applications at one of the following levels: 
  • At the Java-container level, within Tomcat.
  • At the 
    CA Live API Creator
     application-level.
For more information about how to add security headers to Tomcat, see Install on Apache Tomcat.
Create an AWS Elastic Beanstalk Instance
Creating an AWS Elastic Beanstalk instance creates an application with
CA Live API Creator
 and a Web server environment. Complete this procedure in the AWS Elastic Beanstalk console.
CA Live API Creator
can run in a micro instance, but it takes advantage of the CPUs that you allocate.
CA Live API Creator
uses up to 4 GB to 8 GB of memory per Java container.
For more information about the amount of memory that
CA Live API Creator
requires, see Installation Requirements and Supported Platforms.
For more information about how to create an AWS Elastic Beanstalk instance, see the Amazon Web Services documentation.
Follow these steps:
  1. Define the general information for the Web server environment. On the Create a web server environment page, complete the following:
    Environment name
    Confirm the environment name.
    Domain
    Enter a domain name.
    Platform
    Select 
    Tomcat
    .
    Application code
    Upload the 
    CALiveAPICreator.war
     WAR file by clicking 
    Upload your code
    , and then click 
    Upload
    .
  2. (Optional) Configure options for the Web server environment by clicking 
    Configure more options
    .
    The Configure <your environment name> page appears.
    • Configure the environment properties. Complete the following steps:
      1. Click 
        Modify
         in the 
        Software
         tile.
        The Modify software page appears.
      2. In the 
        Environment properties
         section, add the following environment variables, and then save your changes:
        • (If you want to set the location of your admin repository) 
          LAC_REPOSITORY_ROOT
        • (If you want to set the location from which 
          CA Live API Creator
           pulls your admin repository) 
          LAC_REPOSITORY_CONFIGURATION_URL
        • (If you want to set the absolute path of the logging configuration file) 
          LAC_LOGGING_CONFIG_FILE
        • (If you want to set the cluster synchronization strategy) 
          LAC_CLUSTER_SYNC_STRATEGY
        • (If you want to assign the path of the Hazelcast configuration XML file when determining how nodes discover each other in a cluster) 
          hazelcast.config
        For more information about these options and other options that you can add before starting your server, see API Server Startup Options.The Configure <your environment name> page appears.
    • Configure the capacity. Complete the following steps:
      1. Click 
        Modify
         in the
        Capacity
         tile.
        The Modify capacity page appears.
      2. Select
        Load balanced
        as the
        Environment type
        , and then save your changes.
        The Configure <your environment name> page appears.
      3. (Optional) Configure load balancer health checks. Complete the following steps:
        1. Click 
          Modify
           in the
          Load balancer
           tile.
          The Modify load balancer page appears.
        2. Point the health check path to the 
          @heartbeat
          system REST endpoint. For 
          Health check path
          , enter
          /rest/abl/admin/v2/@heartbeat
          , and then save your changes.
          For more information about this system REST endpoint, see System REST Endpoints.
        The Configure <your environment> page appears.
  1. Click 
    Create environment
    .
An application with 
CA Live API Creator
 and a Web server environment is created. AWS Elastic Beanstalk creates EC2 instances, a load balancer, an elastic IP address, and a security group.
Advanced Configuration
The following topic provides advanced configuration details.
Create a Database for your Authentication Tokens
Prerequisite:
 You have added the 
JDBCDrivers.config
 file to the 
.ebextensions
 directory that is in the 
CALiveAPICreator.war
 file.
By default, 
CA Live API Creator
 generates authentication tokens, stores them in the in-memory Derby database, and synchronizes them to your admin repository in the following cases:
  • You have configured 
    CA Live API Creator
     to run as a single node.
  • You are running in a local development environment.
  • You have specified an authentication provider that uses the 
    Default Auth Provider
     authentication method (for example, the 
    built-in authentication
     authentication provider) or a custom JavaScript authentication provider that uses the 
    JavaScript Auth Provider
     authentication method as the authentication provider for your API.
You can optionally have 
CA Live API Creator
 store the authentication tokens that it generates for API users in a database instead by creating one.
For more information about how to create this database, see Create a Database for your Authentication Tokens.