Red Hat OpenShift API Management

API management available as a service

Try API management
Service definition

OpenShift API Management: Set up your environment

Red Hat OpenShift API Management is an add-on supported on Red Hat OpenShift Dedicated and Red Hat OpenShift Service on AWS. As a new customer of Red Hat OpenShift API Management, the following instructions will guide you through the setup process.

Note: Even if you haven’t signed up for Red Hat OpenShift API Management, you will still be able to play with it by following the instructions provided on the getting started page. As a user, you will be able to set up your own API gateway, create and secure your APIs, and learn more about managing and sharing APIs.

   Pro tip: Click on the screenshots to view them at full size.

Step 1

Create an OpenShift Dedicated Cluster navigation window
Figure 1: Create an OpenShift Dedicated Cluster navigation window

 

Create an OpenShift Dedicated Cluster

To get started, sign in to Red Hat OpenShift Hybrid Cloud Console here.

The first step is to create a cluster. (Figure 1.)

  1. Select the OpenShift > Clusters menu in the left navigation pane.
  2. Select Create cluster. If you have an OpenShift Dedicated trial, select Create trial cluster.

Step 2

Choose your subscription and Infrastructure type
Figure 2: Choose your subscription and Infrastructure type

 

Enter details to set up your OpenShift Dedicated cluster

Your next step is to enter details about your cluster. 

  1. Choose your Subscription type (Figure 2). You can choose the Free trial if it is available.
  2. Choose Infrastructure type.
  3. Click Next to continue.

Step 3

Select a cloud provider
Figure 3a: Select a cloud provider
Enter AWS account details
Figure 3b: Enter AWS account details

 

Select a cloud provider

Your next step is to select an infrastructure provider.

  1. When prompted to Select a cloud provider, choose AWS (Figure 3a).
  2. Fill in the values for the following AWS account details as shown in Figure 3b, using your own account details:
    1. AWS Account ID
    2. AWS access key ID
    3. AWS secret access key
  3. Click Next.

Step 4

Enter cluster details
Figure 4: Enter cluster details

 

Enter cluster details

  1. Enter the following details for your cluster:
    1. Cluster name of your choice
    2. Version (4.10.4 at the time of writing)
    3. Region of your choice
    4. Availability (choose Single zone for this trial)
  2. Click the box next to Enable workload monitoring and leave the Encryption section as is, as shown in Figure 4.

Step 5

Select machine pool details
Figure 5: Select machine pool details

 

Select machine pool details

  1. Select the compute node instance types as follows:
    1. Select 4 vCPU 16 GiB RAM for the  Worker node instance type.
    2. Select 8 for the Worker node count.
  2. Click Next.

Step 6

Set up networking options
Figure 6a: Set up networking options
Set up CIDR ranges
Figure 6b: Set up CIDR ranges

 

Networking options

  1. Set Cluster privacy to Public as in Figure 6a.
  2. Click Next.
  3. Accept the default values for CIDR ranges, as in Figure 6b. 
  4. Click Next.

Step 7

Set up cluster update strategy
Figure 7: Set up cluster update strategy

 

Set up cluster update strategy

  1. Keep the default values:
    1. Individual updates
    2. 1 hour for the Grace period
  2. Click Next.

Step 8

Review and create the cluster
Figure 8a: Review and create the cluster
Cluster creation complete
Figure 8b: Cluster creation complete

 

Review and create the cluster

  1. Review the settings and click Create cluster (Figure 8a). 
  2. Installation will take about 15 minutes.
  3. Once installation is complete, you will see the dashboard showing that the Cluster installed successfully (Figure 8b).

Step 9

Set up cluster access control
Figure 9: Set up cluster access control

 

Set up cluster access control

After your OpenShift Dedicated cluster is created, you must configure identity providers to determine how users log in to access the cluster. For this example, you will choose GitHub as your identity provider.

Step 10

Add GitHub identity provider
Figure 10: Add GitHub identity provider

 

 

Add identity provider

As shown in Figure 10, set up the following:

  • Enter a unique name (GitHub, in this case).
  • An OAuth callback URL is automatically generated in the provided field. 
  • Make a note of this since you will use this to register the GitHub application in the next step.
  • Choose claim as your Mapping method.

Step 11

Register a new OAuth application
Figure 11a: Register a new OAuth application
Get client ID and client secret
Figure 11b: Get client ID and client secret

 

Register a new OAuth Application

Next you will need to create a new OAuth application

  • Log in to GitHub (in a different window)
  • Access your profile Settings.
  • Choose Developer settings found at the bottom of the left hand menu
  • Click on the button New OAuth App. 

As shown in Figure 11a, create a new OAuth application:

  • For Application name, type whatever name you’d like to assign to your app. This should match the name provided in Figure 4 (osd-rhoam, in this case).
  • In "Homepage URL", type the full URL to your app's website (you can also choose https://console.redhat.com).
  • Enter the Authorization Callback URL from the Hybrid Cloud Console as noted in Figure 10a.
  • Click Register application. 

 

On the next page:

  • Generate a Client secret
  • Copy the Client ID and Client secret. You’ll use these in the next step.

Step 12

Complete creation of cluster identity provider
Figure 12: Complete creation of cluster identity provider

 

Complete creation of cluster identity provider

Return to the Hybrid Cloud Console.

  • Enter the Client ID and Client secret provided by GitHub in the previous step.
  • Enter an optional Hostname if you are using a hosted instance of GitHub Enterprise. 
  • Select Use organizations or Use teams if you want to restrict access to a particular GitHub organization or team, and enter the name of that organization or team. 
  • Click Add.

Step 13

Set up cluster roles and access
Figure 13a: Set up cluster roles and access

 

Add cluster user
Figure 13b: Add cluster user

 

Add admin users

Administrator roles are managed using a dedicated-admins group on the cluster. You can add and remove users from Red Hat OpenShift Cluster Manager.

  1. Click the Access control tab (Figure 13a).
  2. Click Add User.
  3. In the Add cluster user popup (Figure 13b):
    1. Enter the User ID you want to add. This would be the GitHub user ID within the GitHub organization you added in the previous step.
    2. Choose the dedicated-admins group.
  4. Click Add user.

This completes the installation of OpenShift Dedicated.

Step 14

Select Red Hat OpenShift API Management add-on
Figure 14a: Select Red Hat OpenShift API Management add-on

 

Install Red Hat OpenShift API Management
Figure 14b: Install Red Hat OpenShift API Management

 

Installing Red Hat OpenShift API Management

Once OpenShift Dedicated cluster is set up, you can add OpenShift API Management to the cluster.

  1. Click the Add-ons tab to view a list of available add-ons.
  2. Click the Red Hat OpenShift API Management card (Figure 14a).
  3. Click the Install button that appears on the popup card (Figure 14b).

Step 15

Configure Red Hat OpenShift API Management
Figure 15: Configure Red Hat OpenShift API Management

 

Configuring Red Hat OpenShift API Management

Next, you need to provide the additional details necessary to configure OpenShift API Management.

  1. Accept the default value for CIDR range unless you have a VPC/VPN setup.
  2. Enter your email address for notification purposes.
  3. Select Evaluation or 100 Thousand Requests Per Day as the value for Quota.
  4. Check the box to acknowledge the Addon Resource Requirements.
  5. Click the Install button.

The initial installation will take about 30 to 45 minutes. 

Step 16

Installation of Red Hat OpenShift API Management complete
Figure 16a: Installation of Red Hat OpenShift API Management complete

 

Authorize access in Github
Figure 16b: Authorize access in Github

 

Configuring Red Hat OpenShift API Management

After installation is complete, OpenShift API Management should show up as Installed in the Clusters > Add-ons page (Figure 16a).

  1. Click the Open Console button to navigate to the OpenShift Web Console.
  2. You will be asked to log in to the OpenShift console using your Github identity provider. Authorize this access by clicking on the Authorize button at the bottom of the page (Figure 16b).
  3. You will be redirected to the OpenShift Dedicated dashboard page.

Step 17

Launch OpenShift API Management
Figure 17: Launch OpenShift API Management

 

OpenShift API Management dashboard
Figure 18: OpenShift API Management dashboard

 

Launch OpenShift API Management

  1. From the OpenShift console, access API Management  from the application switcher in the top menu bar. (Figure 17.)
  2. You can also access API Management SSO from the application switcher.  You will need to use GitHub authentication for this as well.

Installation and set up of Red Hat OpenShift API Management is now complete. You can now create and secure your APIs!