This is a best practice guide for API Portal High Availability (HA) setup with shared storage. For network sharing of files, we are going to use and configure NFS. For the purpose of this setup, we are assuming we already have installed two API Portal instances – A1 and A2. The architecture will be like this – the two API Portal nodes will be NFS clients and a separate instance (VM, machine, no need of installed API Portal on this one) will be the NFS server (NFS1). As an OS of this infrastructure we are using RHEL 7. Check the documentation how to install API Portal for HA.

Problem

Configuring shared files system between API Portal instances in HA deploy.

Resolution

NFS Server

1. Install NFS
   yum install nfs-utils
2. Enable and start NFS services
   systemctl enable rpcbind
   systemctl enable nfs-server
   systemctl enable nfs-lock
   systemctl enable nfs-idmap
   systemctl start rpcbind
   systemctl start nfs-server
   systemctl start nfs-lock
   systemctl start nfs-idmap
3. Configure the firewall (if enabled)
   firewall-cmd --permanent --add-service mountd
   firewall-cmd --permanent --add-service nfs
   firewall-cmd --permanent --add-service rpc-bind
4. Configure SeLinux (if enabled)
   setsebool nfs_export_all_rw 1
   setsebool nfs_export_all_ro 1
5. Now, we must create a directory that will be shared across NFS clients
   mkdir -p /opt/apiportal/images
   Note: The shared directory could be named as you decide, and the location is up to you!
6. From one of the API Portal (A1 or A2) instances you must copy the /opt/axway/apiportal/htdoc/images content and to paste it in the newly create directory /opt/apiportal/images on NFS1
7. Edit the file /etc/exports by adding the lines:
   /opt/apiportal/images A1(rw,sync,no_root_squash,no_subtree_check)
   /opt/apiportal/images A2(rw,sync,no_root_squash,no_subtree_check)
   Note: where A1 and A2 are the IPs or hostnames!
   
   For our shared repository, we used the following options: rw,sync,no_root_squash,no_subtree_check. The first option, rw, allows clients repository read and write access. sync directs NFS to, before replying to clients, store any changes that were made in the shared repository to the disk, thus ensuring file consistency. no_subtree_check, much like it sounds, prevents subtree checking, which is essentially the host performing a check to see if a file is still available. The last option,no_root_squash, is used to allow root access in the case that a shared repository is owned by root, as traditionally NFS restricts client root access to host root-owned repositories.
8. Reload the new exports file and restart the NFS service with
   exportfs -a
   systemctl restart nfs-server

NFS Clients

The NFS Server is ready. We are going to configure NFS Clients which are API Portal nodes.
Do these steps on both A1 and A2:

1. Install NFS
   yum install nfs-utils
2. Enable and start NFS services
   systemctl enable rpcbind
   systemctl enable nfs-server
   systemctl enable nfs-lock
   systemctl enable nfs-idmap
   systemctl start rpcbind
   systemctl start nfs-server
   systemctl start nfs-lock
   systemctl start nfs-idmap
3. Configure SeLinux (if enabled)
   setsebool nfs_export_all_rw 1
   setsebool nfs_export_all_ro 1
4. Mount the shared storage
   mount –t nfs NFS1:/opt/apiportal/images /opt/axway/apiportal/htdoc/images
   Note: NFS1 is the IP/Host of the NFS server!
   To mount this directory to be shared manually each time we start our client server, we can modify the /etc/fstab file to mount automatically on boot. Add this line at the bottom of the file
   NFS1:/opt/apiportal/images/opt/axway/apiportal/htdoc/imagesnfs rw,nosuid 0 0
5. You can validate with the command
   showmount –e NFS1

The directories you should share through NFS1 and mount in A1 and A2 like we did for /opt/axway/apiportal/htdoc/images are described in the HA documentation of API Portal. It is possible to share the whole htdoc directory, this is not recommended as it’s unnecessary, the needed directories are a few and there is no need of additional load.