Over the past few months, I have been working with several customers who share a common goal.. They are operating across multiple environments, including VMWare-based systems, software-installed gateways, and cloud-native Kubernetes platforms. The overarching theme is their need for a dynamic configuration that is maintainable, able to be quickly replicated, and easy to implement in a CI/CD pipeline.
The conversations have been fantastic, and exciting for me, especially as Broadcom delivers new features and functionality that enhance dynamic configuration for both cloud native and traditional on-premises deployments. The latest feature in the Layer 7 Gateway 11.1.1 is called the Graphman Management API, commonly referred to as Graphman.
The Graphman API, you say? Let’s take a look at some high-level details of its functionality:
-
General Availability: Graphman is generally available as of Gateway 11.1.1.
-
Built-in Service: It is a built-in service that can be published on the Gateway.
-
RESTful APIs: Graphman is built on a robust suite of RESTful APIs based on GraphQL.
-
Command Line Client: It includes a command-line client called the Graphman Client.
To enable the Graphman Management API on your Gateway or Gateway Cluster, it simply needs to be enabled as an internal published service. That can be accomplished in the Gateway Policy Manager UI, can be bootstrapped to enable it, or be enabled by default in your Helm chart configuration.
The Graphman Client allows for easy configuration,backups and migration of your Gateway configuration. Gateway details, such as host names and ports, can be configured in the graphman.configuration file. You can set up multiple gateways within the Graphman Client, which can then be used to import and export Gateway configuration bundles as JSON files. This functionality allows for seamless migration of configurations from one Gateway to another, enabling rapid application of dynamic configurations.
Getting started with the Graphman client is as easy as 1,2,3. (4,5,6..)
-
Set the GRAPHMAN_HOME environment variable.
-
Configure your Gateway information in the graphman.configuration file, such as:
-
Export a Gateways full configuration as a bundle:
-
Explode the bundle into an easy to work with file folder structure:
-
At this step, select the configuration files that you want to migrate to your second Gateway cluster. The /tree folder contains your policies, there are also folders for cluster wide properties, JDBC connections, private keys, everything you need for your gateway configuration. To migrate all of your policies to the next gateway, create a bundle using everything in the /tree folder. The folder needs the same directory structure as the initial export after it was exploded. An easy way to remove items that should not be migrated to the second gateway is to delete them from the exploded folder. Then keep anything in the exploded folder you want migrated, and implode those contents to create the bundle to be imported in step 7.
-
Implode the folder you configured with everything you want to migrate to the second Gateway/Gateway cluster.
-
Once you are satisfied you have your bundle configured and imploded correctly, you are ready to import to the second gateway. The second gateway is specified with the –gateway flag, and the –gateways.gateway2.allowMutations allows the gateway’s configuration to be modified during the import call.
That’s really all you need to get started with the Graphman Management API and the Graphman Client.
The Graphman Management API and the Graphman command line client really provide an easy mechanism to backup Gateway configuration and migrate configurations between Gateways that reside on-prem or in the cloud. I highly recommend checking it out and consider leveraging it with your CI/CD tooling to provide rapid configuration and deployment of Layer 7 Gateways in a modern sustainable fashion.
Links and docs:
For additional details checkout the Graphman Management Documentation at
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/11-1/apis-and-toolkits/graphman-management-api.html
Also check out the Git repository for the Graphman Client here:
https://github.com/Layer7-Community/graphman-client/wiki/Getting-Started