WD515G 2.0 en WD5152LSG

Lab Setup Guide
Create, Secure, and Publish APIs with

IBM API Connect 10
Course code WD515 / ZD515 ERC 2.0
IBM Training
August 2021 edition
Notices
This information was developed for products and services offered in the US.
IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM
representative for information on the products and services currently available in your area. Any reference to an IBM product,
program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally
equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it
is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this
document does not grant you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
North Castle Drive, MD-NC119
Armonk, NY 10504-1785
United States of America
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express or implied
warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information
herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the
product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM websites are provided for convenience only and do not in any manner serve as an
endorsement of those websites. The materials at those websites are not part of the materials for this IBM product and use of those
websites is at your own risk.
IBM may use or distribute any of the information you provide in any way it believes appropriate without incurring any obligation to you.
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or
other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility
or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.
This information contains examples of data and reports used in daily business operations. To illustrate them as completely as
possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any
similarity to actual people or business enterprises is entirely coincidental.
Trademarks
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in
many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of
IBM trademarks is available on the web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml.
© Copyright International Business Machines Corporation 2020, 2021.
This document may not be reproduced in whole or in part without the prior written permission of IBM.
US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents
Contents
Trademarks..............................................................................................................................................................v
Classroom setup guide........................................................................................................................................1

Overview..............................................................................................................................................................................1
Requirements..........................................................................................................................................................3
Lab configuration overview.................................................................................................................................................3
Network requirements..........................................................................................................................................................3
Software requirements.........................................................................................................................................................4
Host or server system requirements.....................................................................................................................................4
IDs and passwords...............................................................................................................................................................4
Network setup instructions.................................................................................................................................5
Operating system setup instructions...............................................................................................................6

WD515 lab environment......................................................................................................................................................6
Software setup instructions................................................................................................................................7

Section 1. Download API Connect V10 software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -8
1.1. Log in to the VMware image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -8
1.2. Download files onto image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -9
Section 2. (OPTIONAL) Install SoapUI and Thunderbird . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -15
2.1. Install SoapUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -15
2.2. Install Thunderbird . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -20
Section 3. Install Docker and Kubernetes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -23
3.1. Configure terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -23
3.2. Create directory and move files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -24
3.3. Configure Kubernetes repository . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -25
3.4. Install Docker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -25
3.5. Install Docker registry and create self-signed certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -28
3.6. Configure and install Kubernetes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -29
3.7. Install Helm and Deploy Tiller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -32
3.8. Unzip downloaded files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -37
3.9. Install cert-manager and certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -38
3.10. Install Kubernetes operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -39
3.11. Upload files to the docker registry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -41
3.12. Apply CRDs, operator and cert YAMLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -42
Section 4. Configure API Connect V10 subsystems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -44
4.1. Configure Management subsystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -44
4.2. Configure Developer Portal subsystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -45
4.3. Configure Gateway subsystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -47
4.4. Configure Analytics subsystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -48
4.5. Configure dynamic storage provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -50
4.6. Apply all subsystems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -56
4.7. Configure hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -56
4.8. Install a Simple Mail Transfer Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -57
4.9. Configure a DNS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -58
Section 5. Configure Cloud Manager and API Manager Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -62
5.1. Log in to IBM API Connect Cloud Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -62
5.2. Configure topology in IBM API Connect Cloud Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -66
© Copyright IBM Corp. 2020, 2021 i

Course materials may not be reproduced in whole or in part without the prior written permission of
Contents
5.3. Log in to IBM API Connect API Manager................................................................................................ . -80

Section 6. (OPTIONAL) Setup a GraphQL server in Go . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -87
6.1. Install the latest version of Go . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -87
6.2. Clone and configure go-graphql . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -89
6.3. Open the GraphQL query playground . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . -101
Verification procedures....................................................................................................................................103
Remote labs........................................................................................................................................................104
© Copyright IBM Corp. 2020, 2021 i

Trademar
Trademarks
The reader should recognize that the following terms, which appear in the content of this training
document, are official trademarks of IBM or other companies:
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of
International Business Machines Corp., registered in many jurisdictions worldwide.
The following are trademarks of International Business Machines Corporation, registered in many
jurisdictions worldwide:
Bluemix® Cloudant® DataPower®
DB™ Express® IBM API Connect™
IBM Bluemix™ IMS™ Notes®
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or
both. Windows is a trademark of Microsoft Corporation in the United States, other countries,
or both.
Java™ and all Java-based trademarks and logos are trademarks or registered trademarks of
Oracle and/or its affiliates.
UNIX is a registered trademark of The Open Group in the United States and other countries.
LoopBack® and StrongLoop® are trademarks or registered trademarks of StrongLoop, Inc., an IBM
Company.
Social® is a trademark or registered trademark of TWC Product and Technology, LLC, an IBM
Company.
Other product and service names might be trademarks of IBM or other companies.
© Copyright IBM Corp. 2020, 2021 v

Classroom setup
Classroom setup guide
Overview
The purpose of this lab setup guide is to assist the classroom preparer in setting up the WD515
classroom lab environment.
This installation is useful for setting up a learning environment but may not be large enough
for a production environment.
The lab environment is only available on the IBM Remote Lab Platform (IRLP) environment. No
instructions are given for manually creating the course environment. This guide only provides
instructions for installing and verifying the software on the base image:
• "Requirements" on page -3
• "Network setup instructions" on page -5
• "Operating system setup instructions" on page -6
• "Software setup instructions" on page -7
• "Verification procedures" on page -103
• "Remote labs" on page -104
Important
The classroom must be ready to run lab exercises before the first day of class. Test the entire setup
thoroughly to avoid problems during class time. If you experience problems and need
assistance, contact the IBM Help Desk:
Toll-Free: 1-888-502-5511
International: 1-404-238-6000
Email: insthelp@us.ibm.com
© Copyright IBM Corp. 2020, 2021 1

Classroom setup
Figure 1. Illustration of lab setup

Requiremen
Requirements
The following section provides information about how to set up the lab environment that is
needed to conduct the lab exercises in this course. As the classroom provider, you are
responsible for providing the following configuration for this class.
The total number of systems that are required for a class is the number of instructors
and students in the class.
Lab configuration overview

Table 1 provides configuration information for the lab setup.
Table 1. Configuration for each system
System type and

System label processor CPU Memory Hard disk Operating system
2.5 GHz or faster Duo
API Connect Core 12 48 GB 600 GB RedHat V7.4 or newer
Network requirements
Configure and test the specific network requirements for this class as shown in Table 2 on
page -3. The words must not provide indicate that this feature interferes with student
exercises
and must not be present in the classroom. The words not necessary indicate that the course
does not require the feature, but if it is present in the classroom, it does not interfere with
exercises.
If isolated networks are required, each system must be on its own private network that is
not visible to any other systems in the classroom. If a single network is required, all
classroom systems must be connected to the same network.
Table 2. Required network configurations
Network configurationClassroom requirement
Specify isolated networks or a single network. Not required

Specify whether Internet access is required. Required
Specify whether a DHCP server is required. Not required
Specify whether fixed IP addresses should be assigned.
Required
Specify whether promiscuous mode is required. Not required

Requiremen
Software requirements
Obtain the following software before starting classroom setup. The classroom provider is
responsible for obtaining software licenses for any non-IBM software.
Table 3. Required software for class
Additional Information
Software product Version Operating systems
RedHat Enterprise
IBM API Connect 10.0.1.2
Linux (RHEL) Server
Included in IBM API
RedHat Enterprise
IBM DataPower Gateway 10.0.1.2 Connect software
Linux (RHEL) Server install
v88.0.1
Mozilla Firefox RedHat Enterprise
or lat Linux (RHEL) Server 7
Host or server system requirements

This section does not apply to this course.
IDs and passwords

Table 4 lists the various IDs that IBM suggests for this class and any requirements that they
have. Some might be automatically created during the installation process.
Table 4. ID names and login information
ID User name Password Comment

Used to open the VMware
Access to the VMware image root passw0rd image that is created for this
course.
Used to sign in to API
API Connect Cloud Manager admin Passw0rd! Connect Cloud Manager.
Used to sign in to API

API Connect API Manager ThinkOwner Passw0rd! Connect API Manager.

Network setup
Network setup instructions

This section does not apply to the course.

Operating system setup
Operating system setup instructions

Perform the following steps to install and customize the base operating system for each system
in the class setup.
WD515 lab environment

Requires RedHat V7.6 to be installed.

Software setup
Software setup instructions

Perform the following steps to install and customize software that is required in addition to the
operating system. Estimated setup time for one system label is 4 hours.
The following sections describe how to do the following:
• Download API Connect V10 software
• Install Docker and Kubernetes
• Install the API Connect V10 subsystems
? Management
? Developer Portal
? Gateway
? Analytics
• Log in to API Connect V10 and configure the topology

Software setup
Section 1. Download API Connect V10 software

This section describes where and how to obtain the API Connect V10 software.
1.1. Log in to the VMware image

1. Log in to Linux.
a. Select Not listed? under user.
b. In the Username field, enter root and click Next.
c. In the Password field, enter passw0rd and click Sign in.

Software setup
1.2. Download files onto image

1. On the desktop, click Firefox.
2. Select Fix Central from the bookmarks toolbar.
3. In Fix Central, specify the product, version, and platform to find the API Connect files.
a. In the Product selector field, enter IBM API Connect.

Software setup
b. In the Installed version field, select 10.0.1.2.
c. In the Platform field, select Linux and click Continue.
4. On Identify fixes, leave Browse for fixes checked and click Continue.

Software setup
5. Find the API Connect fix pack files.

a. In the Filter fix details fields, type apiconnect.
b. Select these files:

-apiconnect-image-tool_10.0.1.2-ifix2
-apiconnect-operator-release-files_10.0.1.2-ifix2
c. Click Continue.
Information
If prompted, sign in with your IBM ID.

Software setup
6. On Download options, select Download using your browser (HTTPS) and click Continue.
7. Read the license agreement and select I agree.
8. Click the download links for your selected files and save them to a temporary folder,
such as Downloads.
a. Select these files:

Software setup
-apiconnect-image-tool_10.0.1.2-ifix2.tar.gz
-apiconnect-operator-release-files_10.0.1.2-ifix2.zip
b. When Opening apiconnect-image-tool_10.0.1.2-ifix2.tar.gz appears, select Save

File and click OK.
c. When Opening apiconnect-operator-release-files_10.0.1.2-ifix2.zip appears, select

Save File and click OK.

Software setup
9. Wait until both files have fully downloaded.
10. Go to Applications and click Files.
11. Confirm that the files are available in the Downloads folder.

Software setup
Section 2. (OPTIONAL) Install SoapUI and Thunderbird

This section describes where and how to obtain SoapUI and Thunderbird for the API Connect
v10 course. This section is not required to install API Connect.
2.1. Install SoapUI

1. Go to Applications in the upper left and click Terminal.
2. Run the following commands in the terminal:

# cd ~
# chmod 755 SoapUI-x64-5.2.1.sh

Software setup
3. Run SoapUI.
./SoapUI-x64-5.2.1.sh
a. Click Next on the Welcome to the SoapUI 5.2.1 Setup Wizard window.
b. Select I accept the license agreement and click Next.

Software setup
c. Select /root/SoapUI-5.2.1 as the destination directory and click Next.
d. Select HermesJMS and Tutorials and click Next.

Software setup
e. Select I accept the agreement and click Next.
f. Select /root/SoapUI-Tutorials as the target directory for SoapUI Tutorials and click
Next.

Software setup
g. Select /usr/local/bin as the directory to create symlinks and click Next.
h. Select Create a desktop icon and click Next.

Software setup
i. Click Finish.
4. SoapUI is now ready for use.
2.2. Install Thunderbird

2. Run the following commands in the terminal:

# cd ~
# tar xjf thunderbird-78.9.0.tar.bz2
3. Run Thunderbird.
thunderbird/thunderbird
4. On the Set Up Your Existing Email Address page, use the following credentials and click
Configure manually:

Software setup
Username: admin
Email address: admin@ibm.com
5. Configure the Set Up Your Existing Email Address window manually with the following
credentials and click Advanced config:
Username: admin
Email address: admin@ibm.com
Server: .ibm.com
Port: Auto
SSL: Autodetect
Authentication: Autodetect
Username: admin@ibm.com

Software setup
6. On the System Integration window, select E-Mail and click Set as Default.
7. Thunderbird is now ready for use.

Software setup
Section 3. Install Docker and Kubernetes

This section describes how to install Docker and Kubernetes onto the VMware image.
3.1. Configure terminal

Attention
You must enter every command separately. After you type a command, press Enter.
• If steps contain multiple commands, each individual command will begin with #. Do
not include the # in typing the command.
• To avoid errors, copy and paste the commands that are provided for each step.
2. Configure the nameserver. In the terminal, run the following command:

gedit /etc/resolv.conf
a. Verify that the code in the editor to looks like the following.
# Generated by NetworkManager
nameserver 10.0.0.10
nameserver 10.0.0.1
nameserver 8.8.8.8
b. Click Save and close the editor.

Software setup
3. Set max_map_count and disable swap.

# sysctl -w vm.max_map_count=1048575
# echo "vm.max_map_count=1048575" >>
/etc/sysctl.conf # swapoff -a
# sed -i '/ swap / s/^/#/' /etc/fstab
4. Set hostname and disable SELinux and run the following commands:
# setenforce 0
# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g'
/etc/sysconfig/selinux
# hostnamectl set-hostname think.ibm
5. Reboot and run the following command:

reboot
3.2. Create directory and move files

1. Re-log in to Linux.
2. Reopen the terminal.
3. Move the downloaded files from the Downloads folder to a new folder: distr.
a. Create a new directory named:
distr. # mkdir /root/distr
b. Move apiconnect-image-tool_10.0.1.2-ifix2.tar.gz and
apiconnect-operator-release-files_10.0.1.2-ifix2.zip from the Downloads folder to
the distr folder:
# cd /root/Downloads
# mv apiconnect-image-tool_10.0.1.2-ifix2.tar.gz
apiconnect-operator-release-files_10.0.1.2-ifix2.zip /root/distr
c. Verify that you successfully moved both files.
ll
4. Return to the root directory.

cd

Software setup
3.3. Configure Kubernetes repository

1. Disable the firewall.
systemctl disable firewalld && systemctl stop firewalld
2. Configure the Kubernetes repository by entering the following command into the terminal.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
Attention
Do not enter the above command as multiple commands. Copy and paste the entire body of the
command into the terminal.
3.4. Install Docker
Attention
To complete the following steps, you must have a valid RedHat subscription.
1. Provide your RedHat subscription credentials.

subscription-manager register --force
a. Enter your RedHat username and password.
b. Attach the subscription.
# subscription-manager refresh
# subscription-manager attach --auto

Software setup
2. Enable the repositories.

# subscription-manager repos --enable=rhel-7-server-rpms
# subscription-manager repos --enable=rhel-7-server-extras-
rpms # subscription-manager repos --enable=rhel-7-server-
optional-rpms
Attention
Enabling repositories may require you to resubscribe into subscription-manager.
3. Install Docker dependencies.

yum install -y yum-utils device-mapper-persistent-data lvm2
4. Set up the stable repository.

yum-config-manager --add-repo
https://download.docker.com/linux/centos/docker-ce.repo

Software setup
5. Install Docker Community Edition (CE) package.

wget https://download.docker.com/linux/centos/docker-ce.repo -O
/etc/yum.repos.d/docker-ce.repo
6. Open docker-ce.repo.
gedit /etc/yum.repos.d/docker-ce.repo
a. Find (Ctrl+F):
baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/st
able
and replace it with:
baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
7. Install Docker.
yum install docker-ce-18.06.3.ce-3.el7

Software setup
Attention
If the terminal prompts [y/N] or [y/d/N], enter y and press Enter.
3.5. Install Docker registry and create self-signed certificates

1. Create an SSL certificate.
# mkdir
/root/certs # cd
/root/certs
# openssl req -newkey rsa:4096 -nodes -sha256 -keyout
/root/certs/think.ibm.key -x509 -days 3650 -out /root/certs/think.ibm.crt
Information
For creating the certificate, enter “.” in the fields, but for Common Name, enter think.ibm.
2. Restart and enable Docker.

systemctl restart docker && systemctl enable docker
3. Create Docker registry.

docker run -d --restart=always --name registry -v /root/certs:/certs
-v /var/lib/registry:/var/lib/registry -e REGISTRY_HTTP_ADDR=0.0.0.0:443
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/think.ibm.crt -e
REGISTRY_HTTP_TLS_KEY=/certs/think.ibm.key-p 5443:443 registry:2

Software setup
4. Move certificates.
# mkdir -p /etc/docker/certs.d/think.ibm:5443
# cp /root/certs/think.ibm.crt /etc/docker/certs.d/think.ibm:5443/ca.crt
# cp /root/certs/think.ibm.crt /etc/pki/ca-trust/source/anchors/ca.crt
# update-ca-trust
5. Install the EPEL repository.
yum -y install
https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
6. Install jq (JSON command line processor).

yum install jq -y
3.6. Configure and install Kubernetes

1. Install Kubernetes.
yum install -y kubelet-1.18.10 kubectl-1.18.10 kubeadm-1.18.10

Software setup
Troubleshooting
If Kubernetes does not install, re-configure the Kubernetes repository before reinstalling.
• Copy and paste the following into terminal:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
• Install Kubernetes.
yum install -y kubelet-1.18.10 kubectl-1.18.10 kubeadm-1.18.10
2. Restart and enable Kubernetes.

systemctl restart kubelet && systemctl enable kubelet
3. Initialize Kubernetes control-plane.

kubeadm init --apiserver-advertise-address=10.0.0.10
--pod-network-cidr=192.168.0.0/16 --kubernetes-version=v1.18.10
Troubleshooting
If initializing the Kubernetes control-plane doesn’t work, run the following commands:
# modprobe br_netfilter
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Software setup
Re-initialize the Kubernetes control-plane.

kubeadm init --apiserver-advertise-address=10.0.0.10
--pod-network-cidr=192.168.0.0/16 --kubernetes-version=v1.18.10
4. Start using the cluster.

# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf
$HOME/.kube/config # sudo chown $(id -u):$(id -g)
$HOME/.kube/config
5. Set KUBECONFIG and create kubectl alias.
# export KUBECONFIG=$HOME/.kube/config
# alias k="kubectl -n apiconnect"
# echo "export KUBECONFIG=$HOME/.kube/config" >>
/root/.bashrc # echo 'alias k="kubectl -n apiconnect"' >>
/root/.bashrc
6. Remove the master’s taints.
kubectl taint nodes --all node-role.kubernetes.io/master-
7. Deploy the pod network.

kubectl apply -f https://docs.projectcalico.org/v3.16/manifests/calico.yaml

Software setup
8. Check that all pods are up and running.

# kubectl get nodes
# kubectl get po --all-namespaces
Information
Wait for a few seconds and re-run kubectl get nodes if status is NotReady.
Wait for a few seconds and re-run kubectl get po --all-namespaces if all READY statuses
are not 1/1 yet.
9. Validate that the registry is available.

curl https://think.ibm:5443/v2/_catalog
3.7. Install Helm and Deploy Tiller

1. Create an ingress-config.yml file.
# cd /root/distr
# gedit ingress-config.yml

Software setup
An editor will pop up:
Attention
When entering code into YAML files, verify that the indentation and spacing is intact.

Software setup
Enter the following code into the editor:

controller:
config:
hsts-max-age: "31536000"
keepalive: "32"
log-format: '{ "@timestamp": "$time_iso8601", "@version": "1",
"clientip": "$remote_addr",
"tag": "ingress", "remote_user": "$remote_user", "bytes": $bytes_sent,
"duration":
$request_time, "status": $status, "request": "$request_uri", "urlpath":
"$uri",
"urlquery": "$args", "method": "$request_method", "referer":
"$http_referer",
"useragent": "$http_user_agent", "software": "nginx", "version":
"$nginx_version",
"host": "$host", "upstream": "$upstream_addr", "upstream-status":
"$upstream_status"
}'
main-snippets: load_module "modules/ngx_stream_module.so"
proxy-body-size: "0"
proxy-buffering: "off"
server-name-hash-bucket-size: "128"
server-name-hash-max-size:
"1024" server-tokens: "False"
ssl-ciphers: HIGH:!aNULL:!MD5
ssl-prefer-server-ciphers:
"True" ssl-protocols: TLSv1.2
use-http2: "true"
worker-connections:
"10240" worker-cpu-
affinity: auto worker-
processes: "1"
worker-rlimit-nofile:
"65536" worker-shutdown-
timeout: 5m
daemonset:
useHostPort:
false
extraArgs:
annotations-prefix:
ingress.kubernetes.io enable-ssl-
passthrough: true
hostNetwork:
true kind:
DaemonSet name:
controller
rbac:
create: "true"

Software setup
2. Click Save and close editor.
3. Set variables.
# export NAMESPACE=apiconnect
# export TILLER_NAMESPACE=apiconnect
# echo "export NAMESPACE=apiconnect" >> /root/.bashrc
# echo "export TILLER_NAMESPACE=apiconnect" >> /root/.bashrc
4. Create a Kubernetes namespace.
kubectl create namespace $NAMESPACE
5. Deploy Tiller.
kubectl create clusterrolebinding add-on-cluster-admin
--clusterrole=cluster-admin --serviceaccount=apiconnect:default
6. Install Helm.
# wget https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz
# tar -zxvf helm-v2.17.0-linux-amd64.tar.gz
7. Move Helm files.

mv linux-amd64/helm /usr/local/bin/helm
8. Verify the Helm version.
helm version

Software setup
9. Initialize Helm.
helm init
10. Validate that the tiller is running.

k get po | grep tiller
Attention
You may have to wait and re-run k get po | grep tiller before the status changes to 1/1 and
Running.
11. Deploy nginx.

helm install stable/nginx-ingress --name ingress --values ingress-config.yml
--namespace kube-system
12. Validate that all ingress pods are running.

kubectl get po -n kube-system | grep ingress
Attention
You may have to wait and re-run kubectl get po -n kube-system | grep ingress before
both ingress pods’ statuses change to 1/1 and Running.

Software setup
3.8. Unzip downloaded files

1. Install unzip.
yum -y install unzip

Software setup
2. Unzip apiconnect operator release files.

unzip apiconnect-operator-release-files_10.0.1.2-ifix2.zip
a. Unzip helper files.

unzip helper_files.zip
3.9. Install cert-manager and certificates

1. Apply the CR.
kubectl apply -f cert-manager-0.10.1.yaml --validate=false

Software setup
2. Check the cert-manager pods’ statuses.

kubectl get po -n cert-manager
Wait for all cert-manager pods READY statuses to be 1/1 before proceeding to the next
step.
Attention
You may have to wait and re-run the command before all cert-manager pods are 1/1.
3.10.Install Kubernetes operators

1. Create a registry secret with credentials to pull down product images and replace
⏴USER_EMAIL> with any valid email address.
kubectl create secret docker-registry apic-registry-secret
--docker-server=think.ibm:5443 --docker-username=any --docker-password=any
--docker-email=<USER_EMAIL> -n apiconnect
2. Create a registry secret for the DataPower registry with credentials to pull down
product images and replace ⏴USER_EMAIL> with any valid email address.
kubectl create secret docker-registry datapower-docker-local-cred
--docker-server=think.ibm:5443 --docker-username=any --docker-password=any
--docker-email=<USER_EMAIL> -n apiconnect
3. Create a DataPower admin secret.

kubectl create secret generic datapower-admin-credentials
--from-literal=password=admin -n apiconnect

Software setup
4. Configure ibm-
apiconnect.yaml. gedit ibm-
apiconnect.yaml
a. Replace (Ctrl+F) every instance of namespace: default with namespace: apiconnect
b. Replace (Ctrl+F) every instance of REPLACE-DOCKER-REGISTRY with

think.ibm:5443
c. Click Save and close the editor.
5. Configure ibm-
datapower.yaml. gedit ibm-
datapower.yaml
a. Replace (Ctrl+F) every instance of namespace: default with apiconnect

Software setup
b. Replace (Ctrl+F) every instance of docker.io/ibmcom/datapower-operator:1.2.2

with think.ibm:5443/datapower-operator:1.2.2.
c. Below IBM_ENTITLED_REGISTRY, replace (Ctrl+F) "cp.icr.io/cp/datapower" with

"think.ibm:5443" (including quotation marks).
d. Below IBM_ENTITLED_REGISTRY, replace (Ctrl+F) "docker.io/ibmcom" with
"think.ibm:5443" (including quotation marks).
e. Click Save and close the editor.
3.11.Upload files to the docker registry

1. Upload images to the Docker registry.
docker load < apiconnect-image-tool_10.0.1.2-ifix2.tar.gz
# systemctl restart docker

# docker run --rm apiconnect-image-tool-10.0.1.2-ifix2 upload 10.0.0.10:5443
--tls-verify=false
Attention
It may take quite some time for this command to finish processing. Please be patient and wait.

Software setup
3.12.Apply CRDs, operator and cert YAMLs

1. Apply the YAMLs.
kubectl apply -f ibm-apiconnect-crds.yaml
kubectl apply -f ibm-apiconnect.yaml -n apiconnect
kubectl apply -f ibm-datapower.yaml -n apiconnect
kubectl apply -f ingress-issuer-v1-alpha1.yaml -n apiconnect

Software setup
2. Validate that certificates were created and pods are 1/1 and Running.
# k get
certificates # k
get po

Software setup
Section 4. Configure API Connect V10 subsystems

This section describes how to configure the management, developer portal, gateway and analytics
subsystems with specific parameters.
4.1. Configure Management subsystem

1. Redact
management_cr.yaml. gedit
management_cr.yaml
a. Replace the following variables in the management_cr.yaml editor.
$APP_PRODUCT_VERSION = 10.0.1.2-eus
$SECRET_NAME = apic-registry-secret
$DOCKER_REGISTRY = think.ibm:5443
$PROFILE = n1xc4.m16
$STACK_HOST = think.ibm
(admin.think.ibm,
manager.think.ibm,
api.think.ibm,
consumer.think.ibm)
$STORAGE_CLASS = myblock
accept: true
use: nonproduction

Software setup
4.2. Configure Developer Portal subsystem

1. Redact
portal_cr.yaml. gedit
portal_cr.yaml
a. Replace the following variables in the portal_cr.yaml editor.
Software setup
$PROFILE = n1xc2.m8
(api.think.ibm,
portal.think.ibm)
accept: true
use: nonproduction

Software setup
4.3. Configure Gateway subsystem

1. Redact
apigateway_cr.yaml. gedit
apigateway_cr.yaml
a. Replace the following variables in the apigateway_cr.yaml editor:
$PROFILE = n1xc4.m8
(rgw.think.ibm,
rgwd.think.ibm)
accept: true
use: nonproduction
$ADMIN_USER_SECRET = datapower-admin-credentials

Software setup
4.4. Configure Analytics subsystem

1. Redact
analytics_cr.yaml. gedit
analytics_cr.yaml
a. Replace the following variables in analytics_cr.yaml the editor:
Software setup
accept: true
use: nonproduction
$PROFILE = n1xc2.m16
(ac.think.ibm,
ai.think.ibm)
$DATA_VOLUME_SIZE = 250Gi

Software setup
4.5. Configure dynamic storage provisioning

1. Create directory
/root/storage. mkdir
/root/storage

Software setup
2. Prepare the required ClusterRole and ClusterRoleBinding file for the provisioner
by running the following command in the terminal:
gedit storage-rbac.yaml
a. Enter the following code into the editor:
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: hostpath-provisioner
namespace: apiconnect
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list",
"watch"]
- apiGroups: [""]
resources:
["events"]
verbs: ["list", "watch", "create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
subjects:
- kind:
ServiceAccount
name: default
namespace:
apiconnect

Software setup

Software setup
3. Prepare a hostpath provisioner Deployment YAML by running the following command

in the terminal:
gedit hostpath-provisioner.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: hostpath-provisioner
spec:
replicas: 1
revisionHistoryLimit: 0
selector:
matchLabels:
template:
metadata:
labels:
spec:
containers:
- name: hostpath-provisioner
image: mazdermind/hostpath-provisioner:latest
env:
- name:
NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: PV_DIR
value: /root/storage
- name: PV_RECLAIM_POLICY
value: Retain
volumeMounts:
- name: pv-volume
mountPath:
/root/storage
volumes:
- name: pv-
volume

Software setup
hostPath:
path: /root/storage

Software setup

Software setup
4. Prepare a StorageClass YAML by running the following command in the terminal:

gedit StorageClass.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name:
myblock
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: hostpath

5. Create YAML files by running the following commands in the terminal:
# kubectl create -f storage-rbac.yaml -n apiconnect
# kubectl create -f hostpath-provisioner.yaml -n
apiconnect # kubectl create -f StorageClass.yaml -n
apiconnect
6. Validate that the hostpath provisioner is running.

k get po
Troubleshooting
In the case of an Error from server (InternalError): an error on the server ("") has
prevented the request from succeeding error, run the following commands:
# rpm -qa | grep -i haproxy-
1.5.18 # rpm -e haproxy-1.5.18-
9.el7.x86-64

Software setup
4.6. Apply all subsystems

1. Install the custom resources.
# kubectl apply -f management_cr.yaml -n
apiconnect # kubectl apply -f portal_cr.yaml -n
apiconnect
# kubectl apply -f apigateway_cr.yaml -n
apiconnect # kubectl apply -f analytics_cr.yaml -
n apiconnect
2. Verify that the subsystems are fully installed and that all subsystem statuses are Running.
# kubectl get ManagementCluster -n
apiconnect # kubectl get PortalCluster -n
apiconnect
# kubectl get GatewayCluster -n
apiconnect # kubectl get AnalyticsCluster
-n apiconnect
Troubleshooting
If a subsystem installation has exceeded 10 minutes and its status has not yet changed, run
the following command and replace ⏴SUBSYSTEM_YAML> with the YAML name of the stalled
subsystem:
kubectl delete -f <SUBSYSTEM_YAML> -n apiconnect
Re-run the following command to reapply the subsystem YAML:
kubectl apply -f <SUBSYSTEM_YAML> -n apiconnect
4.7. Configure hosts

1. Edit the hosts file to include all subsystem hosts and IP addresses:
gedit /etc/hosts

Software setup
2. Enter the following text in to the editor:

#########Local Ingress#########
10.0.0.10 think.ibm
10.0.0.10 ac.think.ibm
10.0.0.10 ai.think.ibm
10.0.0.10 rgw.think.ibm
10.0.0.10 rgwd.think.ibm
10.0.0.10 admin.think.ibm
10.0.0.10 manager.think.ibm
10.0.0.10 consumer.think.ibm
10.0.0.10 api.think.ibm
10.0.0.10 api.portal.think.ibm
10.0.0.10 portal.think.ibm
###############################
3. Click Save.
4.8. Install a Simple Mail Transfer Protocol

1. Install a fake SMTP for future portal configuration.
# mkdir /root/emails
# docker run -d -p 2525:25 -v /root/emails:/var/mail munkyboy/fakesmtp

Software setup
4.9. Configure a DNS server

1. Install DNS BIND, a software that provides an ability to perform name to IP conversion.
yum -y install bind bind-utils

Software setup
2. Configure named.conf to setup a caching name server:

gedit /etc/named.conf
a. Enter the following code into the editor and click Save:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
listen-on port 53 { 127.0.0.1; 10.0.0.10; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any;
}; recursion yes;
dnssec-enable yes;
dnssec-validation
yes; dnssec-lookaside
auto;
/* Path to ISC DLV key */

bindkeys-file "/etc/named.root.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {

Software setup
type master;
file
"named.ca";
};
zone "think.ibm" IN {
type master;
file "think.ibm.zone";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Software setup
3. Configure think.ibm.zone to setup a forward zone file:

gedit /var/named/think.ibm.zone
$TTL 604800
@ IN SOA ns.think.ibm. root.think.ibm. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns.think.ibm.
IN A 10.0.0.10
* IN A 10.0.0.10
4. Reload the named service.

systemctl reload named
5. Test the name server.
nslookup think.ibm
Attention
Running the following command will result in a NXDOMAIN error:

nslookup 10.0.0.10

Software setup
Section 5. Configure Cloud Manager and API Manager Settings

This section describes how to configure IBM API Connect Cloud Manager and IBM API Connect
API Manager.
5.1. Log in to IBM API Connect Cloud Manager

2. Select Cloud Manager from the bookmarks toolbar.
3. Open Cloud Manager.

a. On the Warning: Potential Security Risk Ahead page, click Advanced.

Software setup
b. Click Accept the Risk and Continue.
c. The IBM API Connect Cloud Manager login window opens.
4. Use the following credentials to log in to Cloud Manager and click

Login: Username: admin
Password: 7iron-hide

Software setup
Information
If a Firefox pop-up appears asking to save your login, feel free to select whichever option you
prefer so long as the login information is correct.
5. On the Change Password page, enter a valid email address in the Email field and enter
the following information for the other fields:
Current password: 7iron-hide
New Password: Passw0rd!
Confirm password: Passw0rd!
Do not alter or use a different password for the course since your instructor needs to
know your login information to assist you. The email address is shaded below for privacy.
a. Click Save.

Software setup
Information
If you are redirected to the IBM API Connect Cloud Manager login page, enter admin/Passw0rd!
for Username/Password and click Login.

Software setup
5.2. Configure topology in IBM API Connect Cloud Manager

1. On the Cloud Manager home page, go to the taskbar on the left and click on Resources.
a. On the Resources page, click on Notifications and then click on Create.
b. Enter the following information in the Email server configuration fields:

Title: smtp
Address: 10.0.0.10
Port: 2525
Authenticate user: admin
Authenticate password: Passw0rd!

Software setup
c. Select Secure connection and click Save.

Software setup
2. Set this smtp configuration as a Notifications mechanism for your installation.

a. Go to the left taskbar and select Settings.
b. Select Notifications and click on Edit.
c. Enter the following information in the fields for Edit sender & email server and click
Save:
Name: APIC Administrator
Email address: apicadm@my.apic.local

Software setup
3. Configure your topology by connecting all subsystems together. Add the Analytics
subsystem.
a. Go to the left taskbar and select Topology.

Software setup
b. Click on Register Service.
c. Select Analytics.
d. Configure the analytics service and click

Save: Title: analytics
Endpoint: https://ac.think.ibm
TLS client profile: Analytics client TLS client profile:1.0.0

Software setup
4. Add the Gateway subsystem.

a. Click on Register Service.

Software setup
b. Select DataPower API Gateway.
c. Configure the gateway service and click Save.

Title: gateway
Endpoint: https://rgwd.think.ibm
TLS client profile: Default TLS client profile:1.0.0
API endpoint base: https://rgw.think.ibm
Host name: *
TLS server profile: Default TLS server profile

Software setup

Software setup
5. Add the Portal subsystem.

a. Click on Register Service.
b. Select Portal.
c. Configure the portal service and click Save.

Title: portal
Endpoint: https://api.portal.think.ibm
TLS client profile: Portal Director TLS client profile:1.0.0
Portal website URL: https://portal.think.ibm

Software setup

Software setup
6. Associate an analytics service by clicking on Associate analytics service.
a. Select analytics and then click on Associate.

Software setup
7. DataPower API Gateway service gateway should be associated with analytics.
8. Create a provider organization by selecting Provider organizations in the left taskbar.
a. On Provider organizations, click Add.

Software setup
b. Select Create organization.
c. Create the organization and click Create.

Title: Think
User registry: API Manager Local User Registry
Type of user: New User
Username: ThinkOwner
Email: owner@think.ibm
First name: Think
Last name: Owner
Password: Passw0rd!
Confirm password: Passw0rd!

Software setup

Software setup
d. The Think provider organization should be Enabled.
9. Cloud Manager is now configured and ready for use.
5.3. Log in to IBM API Connect API Manager

1. Click the plus sign or press Ctrl+T to create a new tab.
2. Select API Manager from the bookmarks toolbar.
3. Open API manager.

a. On the Warning: Potential Security Risk Ahead page, click Advanced.

Software setup
b. Click Accept the Risk and Continue.
c. The IBM API Connect API Manager login window opens.
d. User the following credentials to log in to API Manager and click

Login: Username: ThinkOwner
Password: Passw0rd!
Information
The login credentials the same values we used to configure the provider organization.

Software setup
e. The page refreshes and redirects to the IBM API Connect API Manager home page.

Software setup
4. Configure Gateway services and click Manage from the left taskbar.
a. Select Sandbox.
b. Select Catalog settings.

Software setup
c. Select Gateway services.
d. Click Edit.
e. Check gateway and click Save.

Software setup
f. Gateway services is now enabled.
5. Configure Portal services and select Portal.
a. Click Create.

Software setup
b. On the Portal site, select portal as the portal service from the drop-down list. This
will automatically populate the URL field.
c. Click Create.
d. Portal service portal has been added.
6. API Manager is now configured and ready for use.

Software setup
Section 6. (OPTIONAL) Setup a GraphQL server in Go

This section describes how to install and setup a GraphQL server in Go. This is a consultant built
server, not supported by IBM Support, and is used in the API Connect v10 course for the
GraphQL API to call as a sample application.
6.1. Install the latest version of Go

2. Select Golang from the bookmarks toolbar.
3. Select the Linux tab.

Software setup
4. Click the Download Go for Linux button.
5. When the Opening go1.16.3.linux-amd64.tar.gz window appears, select Save File and
click OK.
7. Navigate to the Downloads directory.

cd /root/Downloads

Software setup
8. Install Go and remove any previous installation.

rm -rf /usr/local/go && tar -C /usr/local -xzf go1.16.3.linux-amd64.tar.gz
Attention
When entering code into the editor, verify that the indentation and spacing is intact.
9. Add /usr/local/go/bin to the PATH environment variable.

gedit /etc/profile
export PATH=$PATH:/usr/local/go/bin
b. Apply changes immediately by running the following line in the terminal:

export PATH=$PATH:/usr/local/go/bin
10. Verify that Go has been installed.
go version
6.2. Clone and configure go-graphql

1. Navigate to the distr directory.
cd /root/distr
2. Git clone the go-graphql repository.
git clone https://github.com/marukhno/go-graphql.git

Software setup
Attention
Verify that git is enabled.

git version
3. Navigate to the go-graphql directory.

cd go-graphql
4. Install gqlgen: a Go library for building GraphQL servers.
go get github.com/99designs/gqlgen
5. Initialize a new project.

go run github.com/99designs/gqlgen init

Software setup
6. Configure schema.graphqls.
# cd
/root/distr/go-graphql/graph #
gedit schema.graphqls
type Query {
account(id: ID!): Account
accounts(limit: Int): [Account]
}
type Account
{ id: ID!
name:
Name!
shippingAddress: Address!
creditCard: CreditCard!
}
type Name {
first:
String! last:
String!
}
type Address {
country: String!
street: String!
state: String!
zip: String!
building: String!
}
type CreditCard
{ number:
String! pin:
Int!
expirationDate: String!
}
input NewName{
first:
String! last:
String!
}
input NewAddress{
country: String!
street: String!
state: String!

Software setup
zip: String!
building: String!
}

Software setup
input
NewCreditCard{ nu
mber: String!
pin: Int!
expirationDate: String!
}
input
NewAccount{ id
: ID!
name: NewName!
shippingAddress: NewAddress!
creditCard: NewCreditCard!
}
type Mutation {
createAccount(input: NewAccount!): Account!
}

Software setup
7. Regenerate resolvers based on the SDL.

go run github.com/99designs/gqlgen generate

Software setup
8. Configure resolver.go to make the data accessible by ID.

# cd
gedit resolver.go
var Accounts = make(map[string]*model.Account)

Software setup
9. Configure schema.resolvers.go.
# cd
gedit schema.resolvers.go
func (r *mutationResolver) CreateAccount(ctx context.Context, input
model.NewAccount) (*model.Account, error) {
mockAcc :=
model.Account{ ID:
input.ID,
Name: &model.Name{
First: input.Name.First,
Last: input.Name.Last,
},
ShippingAddress: &model.Address{
Country:
input.ShippingAddress.Country, Street:
input.ShippingAddress.Street,
State: input.ShippingAddress.State,
Zip: input.ShippingAddress.Zip,
Building:
input.ShippingAddress.Building,
},
CreditCard: &model.CreditCard{
Number: input.CreditCard.Number,
Pin: input.CreditCard.Pin,
ExpirationDate: input.CreditCard.ExpirationDate,
},
}
Accounts[input.ID] =
&mockAcc return &mockAcc,
nil
}
func (r *queryResolver) Account(ctx context.Context, id string)

(*model.Account, error) {
if acc, ok := Accounts[id]; ok
{ return acc, nil
} else {
return nil, nil
}
}
func (r *queryResolver) Accounts(ctx context.Context, limit *int)

([]*model.Account, error) {
accArray := make([]*model.Account, 0, len(Accounts))
for _,v := range Accounts {
accArray = append(accArray, v)

Software setup
}
l := *limit
if l > len(accArray)
{ l =
len(accArray)

Software setup
return accArray[:l], nil

}

Software setup
10. Configure server.go.

# cd /root/distr/go-
graphql # gedit
server.go
package
main import
(
"github.com/99designs/gqlgen/graphql/handler/transport"
"github.com/go-chi/chi"
"github.com/gorilla/websocket"
"github.com/rs/cors"
"log"
"net/http"
"os"
"github.com/99designs/gqlgen/graphql/handler"
"github.com/99designs/gqlgen/graphql/playground"
"github.com/marukhno/go-graphql/graph"
"github.com/marukhno/go-graphql/graph/generated"
)
const defaultPort = "8080"
func main() {
port :=
os.Getenv("PORT") if
port == "" {
port = defaultPort
}
router := chi.NewRouter()
// Add CORS middleware around every request
// See https://github.com/rs/cors for full option listing
router.Use(cors.New(cors.Options{
AllowedOrigins: []string{"https://*", "http://*"},
AllowedMethods: []string{"GET", "POST", "PUT",
"DELETE",
"OPTIONS"},
AllowedHeaders: []string{"*"},
AllowCredentials: true,
Debug: true,
}).Handler)
srv :=
handler.NewDefaultServer(generated.NewExecutableSchema(generated.Config{R
esolvers: &graph.Resolver{}}))
srv.AddTransport(&transport.Websocket{
Upgrader: websocket.Upgrader{
CheckOrigin: func(r *http.Request) bool {
// Check against your desired domains here
return true
},

Software setup
ReadBufferSize: 1024,
WriteBufferSize: 1024,
},

Software setup
})
router.Handle("/", playground.Handler("GraphQL playground", "/query"))
router.Handle("/query", srv)
//log.Printf("connect to http://localhost:%s/ for GraphQL playground",
port)
//log.Fatal(http.ListenAndServe(":"+port, nil))
log.Printf("connect to https://localhost:%s/ for GraphQL
playground", port)
err := http.ListenAndServeTLS(":"+port, "certs/go-
graphql.crt", "certs/go-graphql.key", router)
if err != nil {
log.Fatal("ListenAndServe: ",
err)
}
}

Software setup
11. Create a certs directory.

mkdir certs && cd certs
12. Generate a TLS certificate and key.
openssl req \
-newkey rsa:4096 -nodes -sha256 -keyout go-graphql.key \
-x509 -days 3650 -out go-graphql.crt

Software setup
Information
For creating the certificate, enter “.” in the fields, but for Common Name, enter think.ibm.
13. Create a Dockerfile.

# cd /root/distr/go-
graphql # gedit
Dockerfile
FROM
golang:1.15.5 RUN
mkdir /app ADD .
/app/ WORKDIR
/app
RUN go build -o main
. EXPOSE 8080
CMD ["/app/main"]

Software setup
14. Build an image based on the Dockerfile.

docker build --tag=go-graphql:1.0.0 .
15. Run the GraphQL server in a Docker container.

docker run -p 8080:8080 go-graphql:1.0.0
6.3. Open the GraphQL query playground

1. Open and view the GraphQL query playground.Click on the plus-sign or press Ctrl+T
to open a new tab in Firefox.
2. In the search bar, enter https://think.ibm:8080.

Software setup
3. On the Warning: Potential Security Risk Ahead page, click Advanced.
4. Click Accept the Risk and Continue.
5. Your GraphQL query playground is now ready for use.

Verification
Verification procedures
Follow the verification procedures to access the IBM Remote Lab Platform in the preface of the
course exercise guide.

Remote
Remote labs
Note
For more information about reserving and accessing remote labs on the IBM Remote Lab
Platform, see the Training Provider Operations Guide. IBM strongly encourages you to test the
remote lab access before the class start date. Local network restrictions can cause access
problems.

© Copyright International Business Machines Corporation 2020, 2021.

WD515G 2.0 en WD5152LSG

Uploaded by

Copyright:

Available Formats

WD515G 2.0 en WD5152LSG

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

WD515G 2.0 en WD5152LSG

Uploaded by

Copyright:

Available Formats

Lab Setup Guide

Create, Secure, and Publish APIs with

Classroom setup guide........................................................................................................................................1

Network setup instructions.................................................................................................................................5

Operating system setup instructions...............................................................................................................6

Software setup instructions................................................................................................................................7

© Copyright IBM Corp. 2020, 2021 i

5.3. Log in to IBM API Connect API Manager................................................................................................ . -80

© Copyright IBM Corp. 2020, 2021 i

© Copyright IBM Corp. 2020, 2021 v

Classroom setup guide

© Copyright IBM Corp. 2020, 2021 1

Figure 1. Illustration of lab setup

© Copyright IBM Corp. 2020, 2021 2

Lab configuration overview

System type and

Specify isolated networks or a single network. Not required

© Copyright IBM Corp. 2020, 2021 3

Host or server system requirements

IDs and passwords

ID User name Password Comment

Used to sign in to API

© Copyright IBM Corp. 2020, 2021 4

Network setup instructions

© Copyright IBM Corp. 2020, 2021 5

Operating system setup instructions

WD515 lab environment

© Copyright IBM Corp. 2020, 2021 6

Software setup instructions

© Copyright IBM Corp. 2020, 2021 7

Section 1. Download API Connect V10 software

1.1. Log in to the VMware image

b. In the Username field, enter root and click Next.

c. In the Password field, enter passw0rd and click Sign in.

© Copyright IBM Corp. 2020, 2021 8

1.2. Download files onto image

2. Select Fix Central from the bookmarks toolbar.

© Copyright IBM Corp. 2020, 2021 9

b. In the Installed version field, select 10.0.1.2.

c. In the Platform field, select Linux and click Continue.

© Copyright IBM Corp. 2020, 2021 10

5. Find the API Connect fix pack files.

b. Select these files:

If prompted, sign in with your IBM ID.

© Copyright IBM Corp. 2020, 2021 11

7. Read the license agreement and select I agree.

© Copyright IBM Corp. 2020, 2021 12

b. When Opening apiconnect-image-tool_10.0.1.2-ifix2.tar.gz appears, select Save

c. When Opening apiconnect-operator-release-files_10.0.1.2-ifix2.zip appears, select

© Copyright IBM Corp. 2020, 2021 13

9. Wait until both files have fully downloaded.

10. Go to Applications and click Files.

© Copyright IBM Corp. 2020, 2021 14

Section 2. (OPTIONAL) Install SoapUI and Thunderbird

2.1. Install SoapUI

2. Run the following commands in the terminal:

© Copyright IBM Corp. 2020, 2021 15

b. Select I accept the license agreement and click Next.

© Copyright IBM Corp. 2020, 2021 16