Deploying the TIBCO Cloud™ API Management - Local Edition Cluster

To deploy the TIBCO Cloud™ API Management - Local Edition cluster, the administrator should:
  • Update platform API (V3) properties (Jenkins job update_platform_api_properties),
  • Customize key stores for Traffic Manager and Configuration Manager (Jenkins jobs whose names starting with upload_ssl_*).



Updating Platform API Properties

For security, the administrator should update UUIDs for areas, update package keys and secrets.



Using this Jenkins job, the administrator can:
  • Customize domain suffix
  • Customize area name
  • Generate new UUIDs for areas
  • Generate new keys for packages
  • Generate new secrets for packages

The file /var/jenkins_home/docker-deploy/properties/tml_papi_properties.json is updated.

Prepare Keystore for Traffic Manager

A keystore for Traffic Manager can be prepared using either of the following Jenkins jobs:
  • Uploading SSL Server Keystore for Traffic Manager



    To upload an SSL server keystore for Traffic Manager:
    1. Upload the keystore in PKCS#12 format.
    2. Input the password protecting the keystore.
    The Jenkins job delivers the following output:
    • Converts the keystore to JKS format from PKCS#12 format and saves it as /var/jenkins_home/docker-deploy/properties/tml-tm.jks.
    • Records the keystore password in tm_keystore_password in /var/jenkins_home/docker-deploy/properties/tml_tm_properties.json.
  • Uploading SSL Server Key Certificate Traffic Manager



    To upload an SSL server key certificate for Traffic Manager:
    1. Upload the certificate in PEM format.
    2. Upload the private key in PKCS#8 format and input the password protecting the private key.
    The Jenkins job delivers the following output:
    • Puts the certificate and private key to keystore in JKS format and saves it as /var/jenkins_home/docker-deploy/properties/tml-cm.jks.
    • Records the keystore password in cm_keystore_password in /var/jenkins_home/docker-deploy/properties/tml_cm_properties.json.

Prepare Keystore for Configuration Manager

A keystore for Traffic Manager can be prepared using either of the following Jenkins jobs:
  • Uploading SSL server keystore for Configuration Manager



    To upload an SSL server keystore for Configuration Manager:
    1. Upload the keystore in PKCS#12 format.
    2. Input the password protecting the keystore.
    The Jenkins job delivers the following output:
    • Converts the keystore to JKS format from PKCS#12 format and saves it as /var/jenkins_home/docker-deploy/properties/tml-tm.jks.
    • Exports certificate as /var/jenkins_home/docker-deploy/properties/tml-cm-crt.pem.
    • Exports private key as /var/jenkins_home/docker-deploy/properties/tml-cm-key.pk8.
    • Records the keystore password in cm_keystore_password in /var/jenkins_home/docker-deploy/properties/tml_tm_properties.json.
  • Uploading SSL Server Key Certificate for Configuration Manager



    To upload an SSL server key certificate for Configuration Manager:
    1. Upload the certificate in PEM format.
    2. Upload the private key in PKCS#8 format and input the password protecting the private key.
    The Jenkins job delivers the following output:
    • Saves the certificate as /var/jenkins_home/docker-deploy/properties/tml-cm-crt.pem.
    • Saves the private key as /var/jenkins_home/docker-deploy/properties/tml-cm-key.pk8.
    • Puts the certificate and private key to keystore in JKS format and saves it as /var/jenkins_home/docker-deploy/properties/tml-cm.jks.
    • Records the keystore password in cm_keystore_password in /var/jenkins_home/docker-deploy/properties/tml_cm_properties.json.

Building the Deployment Package

The administrator can:
  • Deploy the API Management - Local Edition cluster inside the Installer,
  • or build the deployment package, download the deployment package, and deploy the Local Edition cluster from another host.

Click Build Now in Jenkins job build_deployment_package to build the deployment package. The deployment package docker-deploy.tgz is available for download from the build archive:



Note: The keystores, keys and certificates are included the deployment package.
To start deployment, refer to the deployment pages for the supported platform.