CA API Gateway Oauth does not work on all nodes of the cluster

Document ID : KB000010758
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

When the CA API Gateway with Oauth (OTK) Tool Kit is installed. Customers have observed issues when using a Mysql OTK_DB and having this database hosted on the local Gateway along with the SSG database. 

Background:

The Oauth Tool Kit Database creation does not specifically state that the OTK_DB cannot reside on the local gateway. So a number of end users implement it here since mysql is already installed. 
There are a few concerns with this architecture and it should be carefully considered prior to implementation. 

Key Areas of evaluation for this type of implementation;

1) Performance of Mysql and existing host resources dependent on the projected size of the database.

2) High Availability, by default the reinitialize replication create_slave.sh only allows for 1 database at a time (typically SSG)

3) Added network connections (concurrency), Disk Size.

Instructions:

Typically this problem is seen when the JDBC url is defined as localhost only. Depending on when your OTK_DB was setup it might have gotten automatically replicated between local mysql nodes. If it had gotten replicated a localhost JDBC defined connection string would work on BOTH Primary DB's in the cluster but none of the remote processing hosts. If it did not get replicated then it would only work on a single host, actually hosting the JDBC driver. 

To validate which databases are in your mysql:

1) Connect to your Gateway appliance via ssh connecting as ssgconfig.

2) Choose menu item 3)  Use a privileged shell (root)

3) Specify the password.

4) #mysql

5) mysql> show databases;

This will show ssg and/or otk/otk_db

 

To check or change your jdbc driver:

1) Login to Policy Manager

2) On the top Menu bar choose Tasks -> Data Sources -> Manage JDBC Connections 

3) Select the Oauth or OTK driver and choose Edit

Sample below;

otkjdbc.PNG

Modify the JDBC url to similar to the below for a 2 node configuration.

For MYSQL Driver

jdbc:mysql://Gateway01:3306,Gateway02:3306/otk_db

 

For l7tech Mysql driver

 

jdbc:l7tech:mysql://Gateway01:3306;DatabaseName=otk_db;AlternativeServers=(Gateway02:3306)