Migration Tools: Supported Features, Requirements, Frequently Asked Questions
This topic provides more information about the migration tools in the CA API Gateway.
gateway91
This topic provides more information about the migration tools in the CA API Gateway.
Supported Features
Features | Supported |
Migration | |
Migrate full or partial API Gateway entities and configurations | yes |
Migrate all folders or specified folders | yes |
Test a migration before committing the operation | yes |
Encrypt and decrypt passwords and private keys in a migration bundle | yes |
Handle failures so API Gateway is not left in unstable state | yes |
Migrate system configurations | no |
Migrate inactive policy revisions | no |
Migrate all entities (see Manage Migration Limitations) | no |
Entities | |
Browse the contents of a API Gateway | yes |
List and filter entities | yes |
Perform basic CRUD operations on entities using REST Management API | yes |
Dependencies | |
Migrate dependencies | yes |
Map dependencies | yes |
Templatization | |
Create a template for environment-specific values to use for cross-environment migration | yes |
Customize a template to reduce the number of properties to pass (templatize, remove environment values from template, detemplatize) | yes |
Other | |
Roll back to previous migration version of a API Gateway | no |
Reset API Gateway to factory state | no |
Migrate HSM private keys | no |
Migrate CA Mobile API Gateway policies | yes |
Migrate CA API Developer Portal | no |
Migrate OAuth policies | yes |
Migrate OAuth database | no |
Migrate Solution Kits | yes* |
* see Migrate Solution Kits for more details
Requirements
- Licensed source and targetAPI Gateways version 8.3 or later
- Gateway Migration Utility (GMU) included with your Gateway (see the "CA API Gateway DevelopmentTools" archive in Release Notes 9.3)
- Gateway REST Management service
- A Windows or Linux desktop or laptop for GMU with either of the following versions:
- Java 1.7.0.xx
- Java 1.8.0.xxIf you are using Java 1.7, connections can fail if a common cipher suite cannot be negotiated. Java 1.8 supports the broadest range of cipher suites. Upgrade to Java 1.8 if necessary.
Frequently Asked Questions
What encryption scheme is used for the migration tools?
GMU and the REST Management API tools use a new reversible password encryption scheme that provides further security against attacks. .Is the Import/Export feature of Policy Manager the same as GMU?
No. The Import/Export feature in Policy Manager works well for migrating individual policies in Test environments. But it is not suitable for large deployments, and cannot be scripted. GMU is more suitable for migration operations in a production environment.I am currently using Enterprise Service Manager (ESM) for migrations. Is switching to GMU for migration recommended?
Yes, definitely. GMU is the preferred tool for migrating API Gateway
content. Unlike ESM, GMU migrates encapsulated assertions and you can securely export/import passwords during migration.Can I use GMU to back up
You can use GMU for backing up policies and services and other API Gateway
s?API Gateway
API Gateway
, including OS-level files and the database, use the backup.sh
, restore.sh,
and ssgmigrate.sh
commands.Does GMU encrypt passwords in assertions?
No. They are exported as plain text. The best practice is to use secure password references in policies, and use GMU encryption/decryption arguments on the migration bundle. See Develop Migration-Friendly Policies.