API Gateway 11.1 | Administering API Gateway | Deployment | Deployment Configurations | Externalizing Configurations | Connecting IBM webMethods API Gateway to API Control Plane | API Control Plane Agent Configuration using YAML file
 
API Control Plane Agent Configuration using YAML file
In API Gateway, create an external configuration file called cp-agent.yml in the \IntegrationServer\instances\default\packages\WmAPIGateway\resources\configuration.
Note:
Ensure that you use the file name as cp-agent.yml. You cannot configure agent using other file names.
A sample YAML file is as follows:
cp-agent.yml
---
agentConfig:
enabled: true
runtimeConfig:
runtimeName: "API_Gateway_CHN"
deploymentType: "SAG_SAAS"
description: "A demo deployment of SAG API Gateway"
heartBeatIntervalInSeconds: 60
metricsSynchIntervalInSeconds: 60
assetSynchIntervalInSeconds: 120
region: "Chennai"
location: "New Delhi"
host: "<valid API Gateway URL>"
tags:
- mki
- local
capacity:
value:
units:
controlPlaneConfig:
controlPlaneURL: "<valid API Control Plane URL>"
username: "<user name>"
password: "<password>"
Note:
API Control Plane URL must be specified with http protocol. If API Gateway and API Control Plane is deployed in the same host machine, ensure to update API Control Plane URL as http://172.17.0.1:81 in the YAML file and access API Control Plane using https://localhost:8080
The password for the API Control Plane user is first read from the cp-agent.yml file. Later, the password is saved in API Gateway passman and used for further restarts.
After you start API Gateway instance, access API Control Plane with the following url,
*https://localhost:8080 if API Control Plane is deployed using Docker with the default configurations specified in the GIT Hub repository.
*https://my-control-plane/ if API Control Plane is deployed using Helm with the default configurations specified in the GIT Hub repository.
Handling Secrets
In API Control Plane agent configuration context, secret refers to the password of the API Control Plane user, which is specified through the apigw_cp_agentConfig_controlPlaneConfig_password property.
*If you deploy API Gateway in Docker container, the secret can be provided as JAVA_OPTS for the first time. Later the secret is removed. The sample docker compose file is as follows:

apigateway_02:
.....
image: ${GATEWAY_IMAGE}
container_name: apigw02
environment:
........
- JAVA_OPTS='-Dapigw_cp_agentConfig_controlPlaneConfig_password=password'
*If you configure API Control Plane agent using YAML, for the first time the password is read from the YAML file. Later, the password secret is saved in API Gateway passman and used for further restarts.
The sample YAML file is as follows:
cp-agent.yml
---
agentConfig:
controlPlaneConfig:
password: "test"
Configuration Source Hierarchy
The API CP agent properties can be passed to API Gateway as environment variables, JAVA properties, or YAML file. If the properties are defined in mutiple configuration sources. The property defined in the higher configuration hierarchy takes precedence.
The hierarchy of configuration sources are as follows:
1. Environment variables
2. Java properties
3. YAML config file
4. API Gateway UI
For example, if the runtimeConfig_description property is passed as environment variable and if the same property is passed as YAML file in the cp-agent.yml, then the value that is provided in the environment variable takes precedence as the environment variable has a higher precedence in the hierarchy.