DO240 - ch01s04

Bookmark this page

Guided Exercise: Installing Red Hat 3scale API Management

In this exercise, you will install Red Hat 3scale API Management by using the 3scale OpenShift operator, and then install the 3scale Toolbox CLI.

Outcomes

You should be able to:

Install Red Hat 3scale API Management on OpenShift by using the 3scale OpenShift operator.
Install the 3scale Toolbox CLI.

You must be logged in to the workstation machine as the student user.

Run the following command to ensure that your OpenShift cluster is running properly.

[student@workstation ~]$ lab start install-setup

Procedure 1.2. Instructions

Log in to the Red Hat OpenShift web console with an account that has cluster administrator privileges.
1. Navigate to https://console-openshift-console.apps.ocp4.example.com to access the OpenShift web console. If a certificate errors appears, then accept the self-signed certificates.
2. In the Log in with page, click htpasswd_provider.
3. Log in with the following credentials:
  - Username: admin
  - Password: redhat
Create a new OpenShift project, where you will install the 3scale Operator.
1. In the Administrator pane, click Home → Projects.
2. Click Create Project and type 3scale in the Name field. Then, click Create.
Install the 3scale OpenShift operator by using the OpenShift Console.
1. In the Administrator pane, click Operators → OperatorHub.
2. In the Filter by keyword text box, type 3scale.
3. Select the Red Hat Integration - 3scale operator, and then click Install.
  Figure 1.7: 3scale operator in the OperatorHub
4. Complete the form according to the following parameters, and then click Install.
  - Update channel: threescale-2.11
  - Installed Namespace: 3scale
  - Update approval: Automatic
  The operator takes some time to install.
5. Click View Operator to access the operator details page.
  Figure 1.8: Operator successfully installed
Deploy the APIManager custom resource.
1. In the Provided APIs section, find APIManager. Click Create instance.
  The Create APIManager form displays.
  Note
  The Create instance button does not appear until the 3scale operator becomes ready. If you do not see the button, then wait until the 3scale operator finishes the deployment process.
2. Click YAML view in the Configure via section to see the APIManager custom resource as a YAML file.
3. Update the YAML according to the following snippet.
```
apiVersion: apps.3scale.net/v1alpha1
kind: APIManager
metadata:
  name: apimanager-sample
  namespace: 3scale
spec:
  wildcardDomain: apps.ocp4.example.com
  resourceRequirementsEnabled: false
```
  Note
  The wildcardDomain field is used to create the accessible routes of 3scale. For example, the Admin Portal might be 3scale-admin.wildcardDomain.
  The wildcardDomain field should be a resolvable domain. Usually, it is the domain where you are running your OpenShift cluster. In the previous YAML snippet you use the apps.ocp4.example.com domain because it is the domain used by the OpenShift cluster in the workstation environment.
4. Click Create. The APIManager deployment creates several OpenShift resources, therefore, it takes several minutes for all the pods to be available.
  In the meantime, you can proceed with the exercise by installing the 3scale Toolbox CLI.
Install the 3scale Toolbox CLI. The official way of installing the Toolbox is by using the 3scale Toolbox CLI container image, registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11.
1. In a web browser, navigate to https://access.redhat.com/terms-based-registry/. Log in with your Red Hat account if necessary. The page displays your current Red Hat Service Accounts, if you have any.
2. Click New Service Account to create a new Service Account. In the Name field type do240, and then click Create.
  Note
  Your username also includes the random string of numbers provided before the Name field. For example, if you provide the do240 name, then a possible username string is 89238478|do240.
3. The Token Information page displays your username and token. Keep this page open, as the contents are necessary later in this exercise.
4. In your command-line terminal, log in to the Red Hat Registry by using Podman. Use the username and token from the previous step.
```
[student@workstation ~]$ podman login registry.redhat.io
Username: username_from_previous_step
Password: token_from_previous_step
```
5. Pull the 3scale Toolbox CLI image from the Red Hat Registry by using Podman.
```
[student@workstation ~]$ podman pull \
registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11
Trying to pull registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11...
...output omitted...
```
6. Verify the installation. You can use podman run to execute the 3scale Toolbox CLI by using the following format:
```
podman run registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11 3scale COMMAND
```
  For example, if you want to execute the help command in the 3scale Toolbox CLI.
```
[student@workstation ~]$ podman run \
registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11 3scale help
NAME
    3scale - 3scale toolbox

USAGE
    3scale <sub-command> [options]
...output omitted...
```
7. Because using podman run is too long, you can create a bash alias.
```
[student@workstation ~]$ alias 3scale="podman run \
registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11 3scale"
```
  Now you can run 3scale COMMAND. For example, you can run the 3scale help command.
```
[student@workstation ~]$ 3scale help
NAME
    3scale - 3scale toolbox

USAGE
    3scale <sub-command> [options]
...output omitted...
```
In the 3scale Toolbox CLI, add a remote for the default 3scale tenant.
1. Log in to RHOCP:
```
[student@workstation ~]$ oc login -u admin -p redhat api.ocp4.example.com:6443
Login successful.

...output omitted...
```
2. In your command-line terminal, use the oc get secret command to retrieve the password for the 3scale tenant Admin Portal.
```
[student@workstation ~]$ oc get secret system-seed -n 3scale \
--template={{.data.ADMIN_PASSWORD}} | base64 -d; echo
```
  The default passwords of 3scale are stored in the system-seed secret. By executing the previous command, you retrieve the ADMIN_PASSWORD entry of the system-seed secret. Then, because the secret is encoded in Base64, you decode it.
3. Navigate to https://3scale-admin.apps.ocp4.example.com, the 3scale tenant Admin Portal. Log in with the the following credentials:
  - Username: admin
  - Password: Password from the system-seed secret
  Warning
  As noted before, the deployment of the APIManager custom resource takes several minutes. If the Admin Portal is not accessible, try again in a few minutes.
  If the How does 3scale work page displays, click X to close it.
4. In the top pane, click Dashboard to display the drop down menu. Then, click Account Settings.
  Figure 1.9: 3scale tenant administration portal
5. In the left pane, click Personal → Tokens.
6. In the Access Tokens section, click Add Access Token. Complete the form according to the following values:
  - Name: toolbox
  - Scopes: All (select Billing API, Account Management API, Analytics API and Policy Registry API)
  - Permission: Read & Write
  Then, click Create Access token. Save the access token displayed.
7. Using the official 3scale Toolbox CLI image, create a container with a name of toolbox-original. This image must contain the remote information.
```
[student@workstation ~]$ podman run --name=toolbox-original \
registry.redhat.io/3scale-amp2/toolbox-rhel8:3scale2.11 3scale remote \
add 3scale-tenant -k https://ACCESS_TOKEN@3scale-admin.apps.ocp4.example.com
```
  Note
  Because podman run creates a new container on every execution, the information added is not kept between executions. A solution to this issue is creating a new image from the original 3scale Toolbox CLI image that contains the remote information. This way, you use podman run to execute an image with the remote information on every execution.
  If you make a mistake in this step, execute podman rm toolbox-original. Then, you can execute the preceding command again.
8. Create an image from the toolbox-original container.
```
[student@workstation ~]$ podman commit toolbox-original toolbox
Getting image source signatures
...output omitted...
Writing manifest to image destination
Storing signatures
```
9. Update the 3scale bash alias to use the new image.
```
[student@workstation ~]$ alias 3scale="podman run toolbox 3scale -k"
```
  Note
  The classroom workstation includes a .bashrc file with the preceding alias configured. Future workstation sessions do not require setting the alias again.
  Note that the -k option allows connections without an SSL certificate. Now you can list the remotes by using the 3scale alias.
```
[student@workstation ~]$ 3scale remote list
3scale-tenant https://3scale-admin.apps.ocp4.example.com access-token
```

Finish

Run the following command

[student@workstation ~]$ lab finish install-setup

This concludes the guided exercise.

Discuss Cloud-native API Administration with Red Hat 3scale API Management

Go to community

Welcome to the Cloud-native API Administration (DO240) group in the Red Hat Learning Community!

Deanna

11 sie 2023

We are excited to launch a space dedicated to the Red Hat Training course Cloud-native API Administration with Red Hat 3scale API Management! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO240.Read more about Cloud-native API Administration with Red Hat 3scale API Management here.

Revision: do240-2.11-40390f6

Cloud-native API Administration with Red Hat 3scale API Management

Guided Exercise: Installing Red Hat 3scale API Management

Note

Note

Note

Warning

Note

Note