Merge pull request #79 from AyeshW/4.0.x-cfn

Update README files

README.md

@@ -1,16 +1,40 @@
 # AWS Resources for WSO2 API Manager
 
-This repository contains CloudFormation templates to deploy WSO2 API Manager with different patterns in Amazon Web Services(AWS).
+This repository contains CloudFormation templates to deploy WSO2 API Manager in Amazon Web Services(AWS).
+In this pattern, 2 API Manager instances will be deployed with a single Micro Integrator instance that are connected via a 
+single Load Balancer.
 
 The WSO2 APIM CloudFormation templates use Puppet to manage the server configurations and use the following AMI's to provision the deployment.
 
-1. Puppetmaster AMI - Contains the API Manager GA distribution, WSO2 Update Manager and Puppet modules containing the configurations for APIM deployment patterns.
+1. Puppetmaster AMI - Contains the API Manager GA distribution and Puppet modules containing the configurations for APIM deployment patterns.
 
-2. APIM AMI - Contains the scripts that is required to create the Puppet catalog.
+2. APIM AMI - Contains the scripts that are required to create the Puppet catalog.
 
-3. APIM-Analytics AMI - Contains the scripts that is required to create the Puppet catalog.
+3. Micro-Integrator AMI - Contains the scripts that are required to create the Puppet catalog.
 
 First the Puppetmaster AMI would deploy and afterwards the product specific AMI's would deploy and request the necessary configurations from the Puppetmaster AMI to deploy the WSO2 API Manager.
 
-## Pattern 1
-![pattern1](images/deployment.png)
+## FAQ
+
+####1. Why do I get ``"MasterUsername Admin cannot be used as it is a reserved word used by the engine"`` error, when I try to deploy the setup with Postgres DB?
+
+You cannot use "Admin" as the DBUsername when you use Postgres as your DB. Use a different DB Username.
+
+
+####2. How do I fix ``ERROR {ServiceCatalogUtils} - Error occurred while reading the response from service catalog javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target`` error from the Micro Integrator, which is raised when I deploy a CAPP to the service catalog?
+
+As mentioned in [pattern-1/README.md](pattern-1/README.md), before creating the stack you have to add a Server Certificate to AWS using ACM or IAM as explained [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html).
+You have to add the same certificate to `{MI_HOME}/repository/resources/security/` directory using the below command.
+
+    >>> keytool -import -alias servercert -file /home/ubuntu/certificate.crt -storetype JKS -keystore client-truststore.jks
+Replace `/home/ubuntu/certificate.crt` with the path to your certificate.
+
+####3. What is the reason for getting ``ERROR {org.wso2.micro.integrator.initializer.utils.ServiceCatalogUtils} - Environment variables are not configured correctly org.apache.synapse.commons.resolvers.ResolverException: Environment variable could not be found`` in Micro Integrator?
+
+You will get this error when you try to deploy a CAPP with parameterized URL to service catalog. This is because, environment variables are not set for `MI_HOST` and `MI_PORT`.
+For setting up the environment variables within the MI Instance, switch as the root user and execute below commands. 
+
+    >>> export MI_HOST=[Micro-Integrator Hostname]
+    >>> export MI_PORT=8290
+
+Later, restart the Micro-Integrator by executing `sh {MI_HOME}/bin/micro-integrator.sh restart` as the root user.

database/README.md

@@ -1,10 +1,10 @@
-# WSO2 API Manager deployment with WSO2 API Manager Analytics - Database
+# WSO2 API Manager deployment with WSO2 Micro Integrator - Database
 
-This is phase two of deploying WSO2 API Manager deployment with WSO2 API Manager Analytics. Use the [database.yaml](database.yaml) to create the required Database. The following are the tested database versions at the moment.
+This is the phase two of deploying WSO2 API Manager deployment with WSO2 Micro Integrator. Use the [database.yaml](database.yaml) to create the required Database. The following are the tested database versions at the moment.
 
 ```
   - MySQL-5.7
-  - Postgres-9.6
+  - 
   - Postgres-10.5
   - Oracle-SE1-11.2
   - Oracle-SE2-12.1

network/README.md

@@ -1,6 +1,6 @@
-# WSO2 API Manager deployment with WSO2 API Manager Analytics - Network
+# WSO2 API Manager deployment with WSO2 Micro Integrator - Network
 
-This is phase one of deploying WSO2 API Manager deployment with WSO2 API Manager Analytics. Use the [network.yaml](network.yaml) to create the required network. If you already have a preconfigured network, please proceed to [Phase 2](../database/README.md).
+This is the phase one of deploying WSO2 API Manager deployment with WSO2 Micro Integrator. Use the [network.yaml](network.yaml) to create the required network. If you already have a preconfigured network, please proceed to [Phase 2](../database/README.md).
 
 ## Design Overview
 

pattern-1/README.md

@@ -1,12 +1,13 @@
-# API Manager Pattern 1
+# API Manager Deployment - Pattern 1
 
-This repository contains CloudFormation templates to deploy WSO2 API Manager Pattern 1 in Amazon Web Services(AWS).
+This repository contains CloudFormation templates to deploy WSO2 API Manager Pattern 1 (2 APIM and 1 MI instances) in Amazon Web Services(AWS).
 
 ## Quick Start Guide
 
 1. Checkout this repository into your local machine using the following Git command.
 ```
 git clone https://github.com/wso2/aws-apim.git
+git checkout 4.0.x
 ```
 
 2. Go to [AWS console](https://console.aws.amazon.com/ec2/v2/home#KeyPairs:sort=keyName) and specify a key value pair for authentication in a preferred region. <br>
@@ -20,9 +21,9 @@ Allowed regions are:<br>
 
 This could be used to ssh into the instances. Add a Server Certificate to AWS using ACM or IAM as explained [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html). This will be used at the load balancer listeners.
 
-3. Go to [AWS CloudFormation console](https://console.aws.amazon.com/cloudformation/home) and select ``Launch Cloudformer``.
+3. Go to [AWS CloudFormation console](https://console.aws.amazon.com/cloudformation/home) and select ``Create Stack``.
 
-4. Browse to the cloned repository and select [Pattern 1](https://github.com/wso2/aws-apim/tree/master/pattern-1) CloudFormation template and proceed with the deployment.
+4. Browse to the cloned repository and select [nested-pattern-1.yaml](https://github.com/wso2/aws-apim/tree/master/pattern-1/nested-pattern-1.yaml) CloudFormation template and proceed with the deployment.
 
 5. Follow the on screen instructions and provide the SSH key value pair name given in step 2, Server-Certificate-Name given in step 3 and other requested information and proceed.
 

product/README.md

@@ -1,6 +1,6 @@
-# WSO2 API Manager deployment with WSO2 API Manager Analytics - Product Deployment
+# WSO2 API Manager deployment with WSO2 Micro Integrator - Product Deployment
 
-This is the final phase of deploying WSO2 Identity Server HA deployment. Use the [identity.yaml](identity.yaml) to set up the deployment.
+This is the final phase of deploying WSO2 API Manager deployment with WSO2 Micro Integrator. Use the [pattern-1.yaml](pattern-1.yaml) to set up the deployment.
 
 
 ## Design Overview
@@ -9,94 +9,36 @@ This is the final phase of deploying WSO2 Identity Server HA deployment. Use the
 
 The WSO2 API Manager CloudFormation templates use Puppet to manage the server configurations and use the following AMIs to provision the deployment.
 
-1. Puppet master AMI - Contains the WSO2 API Manager Generally Available(GA) distribution, WSO2 API Manager Analytics Generally Available(GA) distribution, WSO2 Update Manager, and Puppet modules containing the configurations for API Manager deployment patterns.
+1. Puppet Master AMI - Contains the WSO2 API Manager Generally Available(GA) distribution, WSO2 Micro Integrator Generally Available(GA) distribution, and Puppet modules containing the configurations for API Manager deployment patterns.
 
-2. IS AMI - Contains the scripts that are required to create the Puppet catalog. Additionally, these AMIs contain the OS hardening recommended by WSO2. When EC2 instances start using the AMIs, the instances are updated to get the latest OS updates.
+2. APIM AMI - Contains the scripts that are required to create the Puppet catalog. Additionally, these AMIs contain the OS hardening recommended by WSO2. When EC2 instances start using the AMIs, the instances are updated to get the latest OS updates.
 
 ### Order of execution
 
-1. Puppet master
-     - The latest OS updates and the required tools such as AWS CLI, Logstash, JDK are installed in the Puppet master.
+1. Puppet Master
+     - The latest OS updates and the required tools such as AWS CLI, Logstash, JDK, DB Connectors are installed in the Puppet master.
      - The scripts needed to add the latest updates to the WSO2 products are retrieved.
      - The latest updates for WSO2 servers are added to the residing GA WSO2 servers in the AMI.
      - Relevant configurations(IP addresses, DB URLs, etc.) are done to the puppet modules.
      - DB scripts are executed against the DB created in [Phase 2](../database/README.md).
 
-2. API Manager Analytics - Dashboard (Puppet agent)
-   - The latest OS updates and the required tools such as puppet agent, AWS CLI, Logstash, JDK are installed in the puppet agent.
-   - Puppet modules are retrieved from the Puppet master and the product is installed.
-   - The directories should be persisted and mounted to an Elastic File System(EFS).
-   - WSO2 servers are started.
-
-3. API Manager Analytics - Worker (Puppet agent)
-    - The latest OS updates and the required tools such as puppet agent, AWS CLI, Logstash, JDK are installed in the puppet agent.
-    - Puppet modules are retrieved from the Puppet master and the product is installed.
-    - The directories should be persisted and mounted to an Elastic File System(EFS).
-    - WSO2 servers are started.
-
-4. API Manager (Puppet agent)
-     - The latest OS updates and the required tools such as puppet agent, AWS CLI, Logstash, JDK are installed in the puppet agent.
+2. API Manager (Puppet agent)
+     - The latest OS updates and the required tools such as puppet agent, AWS CLI, Logstash, JDK, DB Connectors are installed in the puppet agent.
      - Puppet modules are retrieved from the Puppet master and the product is installed.
-     - The directories should be persisted and mounted to an Elastic File System(EFS).
      - WSO2 servers are started.
+
+3. Micro Integrator (Puppet agent)
+   - The latest OS updates and the required tools such as puppet agent, AWS CLI, Logstash, JDK, DB Connectors are installed in the puppet agent.
+   - Puppet modules are retrieved from the Puppet master and the product is installed.
+   - WSO2 servers are started.
 
 ### Estimated Cost
 
 ```
-$169.86 per month
+$135.89 per month
 ```
 The above cost is calculated upon the usage of default parameters given in the [pattern-1.yaml](pattern-1.yaml). If different inputs are chosen at the runtime, the cost may differ from the above.
 
-## WSO2 API Manager deployment with WSO2 API Manager Analytics
-
-![pattern1](../images/deployment.png)
-
-
-## Customizations
-
-`WSO2ISEFSFileSystem` contains the bare minimum configurations to run an EFS. In a production system, the following values should be configured based on the requirements.
-
-### File system encryption
-
-Replace the EFS configurations in the CloudFormation if you need the File System to be encrypted.
-
-#### [Encrypted:](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html)
-
-> A Boolean value that, if true, creates an encrypted file system.
-
-#### [KmsKeyId:](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html)
-
-> The ID of the AWS KMS customer master key (CMK) to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault CMK. If this parameter is not specified, the default CMK for Amazon EFS is used. If KmsKeyId is specified, the Encrypted parameter must be set to true.
-
-```yaml
-WSO2APIMEFSFileSystem:
-  Type: 'AWS::EFS::FileSystem'
-  Properties:
-    PerformanceMode: generalPurpose
-    Encrypted: true
-    KmsKeyId: !Ref KmsKeyId
-```
-
-### File system throughput
-
-Replace the EFS configurations in the CloudFormation if you need to change the throughput configurations.
-
-#### [ThroughputMode:](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html)
-
-> The throughput mode for the file system to be created. There are two throughput modes to choose from for your file system: bursting and provisioned. If you set ThroughputMode to provisioned, you must also set a value for ProvisionedThroughPutInMibps. You can decrease your file system's throughput in Provisioned Throughput mode or change between the throughput modes as long as it’s been more than 24 hours since the last decrease or throughput mode change
-
-#### [ProvisionedThroughPutInMibps:](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html)
-
-> The throughput, measured in MiB/s, that you want to provision for a file system that you're creating. Valid values are 1-1024. Required if ThroughputMode is set to provisioned. The upper limit for throughput is 1024 MiB/s.
-
-```yaml
-WSO2APIMEFSFileSystem:
-  Type: 'AWS::EFS::FileSystem'
-  Properties:
-    PerformanceMode: generalPurpose
-    ThroughputMode: provisioned
-    ProvisionedThroughPutInMibps: 2.0
-```
 
 ## Things to note