API Connect

Hello!

In our v5 environment, we have the following topology:

Non-Prod
API CMC and API Manager (2 vmware servers in a cluster behind an F5 LB)
Developer Portal Servers (3 vmware servers in a cluster behind an F5 LB)
4 sets of gateways, 2 vmware servers per environment behind an F5 LB  (DEV, ASM, TST, SPE)
1 set of gateways, 2 physical servers behind an F5 LB (STG)

Prod
API CMC and API Manager (2 vmware servers in a cluster behind an F5 LB)
Developer Portal Servers (3 vmware servers in a cluster behind an F5 LB)
1 set of gateways, 2 physical servers per environment behind an F5 LB  (PRD)

Currently in our Openshift APIC v10 environment, we have:

NP (Non-Prod)
API CMC, API Manager, and Developer Portal (Openshift pods)
1 gateway cluster for DEV, ASM, TST (using DEV profile)

STG (essentially pre-prod, where our perf testing is done)
API CMC, API Manager, and Developer Portal (Openshift pods)
1 gateway cluster for SPE, STG (using PRD profile)

PRD (Production)
API CMC, API Manager, and Developer Portal (Openshift pods)
1 gateway cluster for SPE, STG (using PRD profile)

There have been concerns about whether or not we need to have multiple API Manager/Management Consoles/Developer Portals/Gateways for the 3 NP environments instead of them sharing those resources.  Those 3 environments are not often heavily used, so my initial thought is we would be okay splitting it up the way I have it above.  Any thoughts?  I'm curious how people at other organizations have tackled this.

------------------------------
Jennifer Stipe
------------------------------

The easiest way is to combine all resources in one cloud and split by provider org. 

More tricky way - you can leave Manager and Portal as is and combine 2 or more domains/Gateways on single DataPower VM.
DataPower VM has up to 4 ethernet ports, so you can set 2 or more domains on different IP addresses (from the same VLAN) and use it for different Gateways. You can even split by ports on single IP, but its even more tricky.
On DataPower VM this will not isolate resources, but it splits logic and configuration part , all the domain settings and objects.    

------------------------------
Denis Migulin
------------------------------

Original Message:
Sent: Thu October 14, 2021 01:05 PM
From: Jennifer Stipe
Subject: APIC v10 topology vs. APIC v5

Hello!

In our v5 environment, we have the following topology:

Non-Prod
API CMC and API Manager (2 vmware servers in a cluster behind an F5 LB)
Developer Portal Servers (3 vmware servers in a cluster behind an F5 LB)
4 sets of gateways, 2 vmware servers per environment behind an F5 LB  (DEV, ASM, TST, SPE)
1 set of gateways, 2 physical servers behind an F5 LB (STG)

Prod
API CMC and API Manager (2 vmware servers in a cluster behind an F5 LB)
Developer Portal Servers (3 vmware servers in a cluster behind an F5 LB)
1 set of gateways, 2 physical servers per environment behind an F5 LB  (PRD)

Currently in our Openshift APIC v10 environment, we have:

NP (Non-Prod)
API CMC, API Manager, and Developer Portal (Openshift pods)
1 gateway cluster for DEV, ASM, TST (using DEV profile)

STG (essentially pre-prod, where our perf testing is done)
API CMC, API Manager, and Developer Portal (Openshift pods)
1 gateway cluster for SPE, STG (using PRD profile)

PRD (Production)
API CMC, API Manager, and Developer Portal (Openshift pods)
1 gateway cluster for SPE, STG (using PRD profile)

There have been concerns about whether or not we need to have multiple API Manager/Management Consoles/Developer Portals/Gateways for the 3 NP environments instead of them sharing those resources.  Those 3 environments are not often heavily used, so my initial thought is we would be okay splitting it up the way I have it above.  Any thoughts?  I'm curious how people at other organizations have tackled this.

------------------------------
Jennifer Stipe
------------------------------