This blog post summarizes all the latest and greatest capabilities which were made available in the latest App Connect operator release - v12.0.0. This release continues our commitment to customers who want to run an "LTS" version of the software. This is the new "LTS" release which replaces the existing LTS operator versions 5.0.X which were part of the CP4I 2022.2. For further detail about the release please refer to the Documentation
Over our existing LTS release this introduces a large number of new capabilities.
- New IntegrationRuntime custom resource
- Keycloak authentication and authorisation
- Dashboard API
- Helm installer on Kubernetes
- Accounting and Statistics in App Connect Dashboard
- Record and Replay
In addition to the above major items there are also a number of minor but very useful updates such as
- All the great new features in App Connect Enterprise 12.0.12 - More details in Ben Thompson 12.0.12.0 Blog
- 50+ New Connectors in Designer
- Support for all future OpenShift and Kubernetes versions.
- Automatically enable TLS on HTTP Input nodes in IntegrationRuntime
- Run API flows authored in App Connect Designer in serverless mode (only in non-production deployments) in IntegrationRuntime
- Automatic discovery of the types of flows in BAR files when using the BarURL to configure the appropriate containers in IntegrationRuntime
- Ability to discover and import staged or published APIs from IBM API Connect into App Connect Designer
- Ability to back up and restore IBM App Connect resources and persistent volumes on Red Hat OpenShift
- Update of a configuration object of type
Accounts no longer triggers a restart of deployed integration runtimes that reference that configuration object
- Support for Federal Information Processing Standards 140 (FIPS 140) compliance for a subset of components
- Support for pod priority custom resource settings, which indicate the importance of an integration server or integration runtime pod relative to other pods
- Support for toleration custom resource settings, which allow the scheduler to schedule integration server or integration runtime pods with matching taints
- Support for NodeSelectors to enable you to run your IntegrationRuntime on specific workers (handy if you want to use worker licensing to enable you to over-commit on limits)
- Addition of a new license entitlement for App Connect custom resources (or instances):
AppConnectEnterpriseNonProduction
- Addition of two new configuration types that allow an IBM App Connect Enterprise vault and vault key to be specified for a Toolkit integration
- Support for lifecycle preStop and postStart custom resource settings to execute hooks on a container for a deployed integration runtime
- OpenAPI connector enhanced to support annotation standards for modeling operations as CRUD operations in App Connect Designer, and to support annotation standards for pagination, responses, and security schemes
- Ability to disable the creation of a default network policy for an integration runtime (by using spec.defaultNetworkPolicy.enabled) so that a custom network policy can be created
- Mapping Assist enhancements to enable the transformation generator to generate complex JSONata expressions when multiple mappings are inserted in a target field
- Addition of templates to App Connect Designer
- Addition of a new private network agent for connecting to an application on a private network from App Connect Designer, and a corresponding
Private network agent configuration type that can be applied to integration servers and integration runtimes during deployment
- Mapping Assist support in the Set Variable node in event-driven or API flows, and Mapping Assist enhancements for applying mapping suggestions and transforming data
- OpenAPIconnector enhanced to enable you to override a selected server URL from an imported OpenAPI 3.0.x document with a custom URL
- Addition of three new configuration types for integration servers and integration runtimes to enable connections to IBM Db2 and IBM MQ
New IntegrationRuntime Custom Resource
The intention of the IntegrationRuntime custom resource is that it offers everything that the IntegrationServer custom resource does and more. The IntegrationRuntime already comes with a large number of extra capabilities over the existing IntegrationServer.
One of the most important points to highlight is that the IntegrationRuntime is still based around the same App Connect Enterprise runtime that was also used in the IntegrationServer, so it still benefits from all the quality and heritage that comes with a mature application.
For further information on this please refer to our blog What is an IntegrationRuntime and also the more recent Converting an IntegrationServer CR to an IntegrationRuntime CR for ACEcc
Keycloak authentication and authorisation
In our previous LTS release we supported the IBM Foundational Services to provide an IAM layer to the App Connect Dashboard and Designer Authoring UIs. This release we have switched from using this which was a bespoke IBM offering to Keycloak which is a Redhat provided capability based on the widely used Keycloak open source project. Keycloak provides support to integrate with many more identify providers and is also much easier to configure. As a product that contributes to the CloudPak for Integration, this change aligns with all the other products that are part of the CloudPak.
One of the biggest feedback we had around our previous IAM capability was that it was very heavy weight, we have listened to this and using Keycloak uses substantially less resources to stand up and also is quicker to deploy so create for proof of concepts
For further information on configuring this please refer this blog - How to use Keycloak to provide authentication and authorization for App Connect Dashboard and Designer Authoring - as well as the CP4I documentation Identity and access management
Dashboard API
We have introduced a new API on the Dashboard in this release. Previously, many of the actions that were available via the UI was also available directory via the openshift / kubernetes UI but there were some capabilities such as bar file management that were only possible by using the API. With the new API, customers are able to perform actions such as creating / updating / deleting IntegrationRuntimes or bar files etc.
The API has been designed to align with Keycloak when enabled and also align with the App Connect on AWS API.
For further information please refer to this blog - Introducing the API for IBM App Connect in containers
Helm Installer on Kubernetes
When we first introduced our operator onto Kubernetes we wanted to try and keep as much consistent between the supported platforms i.e. OpenShift and native Kubernetes and as a result used OpenShift Lifecycle Manager (OLM) for installing. Unfortunately this resulted in some capability limitations that we could not support such as supporting Air-Gap installs etc. We also received feedback that customers found OLM very heavy weight vs the most common installer technology on Kubernetes of Helm.
Now we have a new helm 3 chart "ibb-appconnect-operator" for installing on to Kubernetes which is part of the IBM Helm chart repository. Using the new helm chart you can install the App Connect operator in an "AllNamespaces" or "ownNamespace" mode limit to openshift and also support private registries for Air-gapped clusters.
Accounting and Statistics in App Connect Dashboard
We have introduced a new view in the App Connect Dashboard called a "Per Replica View". This enables you to access the admin API of a specific IntegrationServer runtime component. This enables you to access some extra tab views such as accounting and stats, resource stats, , Activity Log, Admin log etc. This has been one of the most commonly requested features that was available in software installs.
We still continue to contribute accounting and stats metrics to the local prometheus on Openshift which can be used to build custom charts but the built in capability now makes it very easy to perform problem diagnosis.
For further information please refer to the Blog - Viewing accounting and statistics for an IntegrationRuntime custom resource in IBM App Connect in containers
