IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Back to Library

Tech Bytes IWHI: Communication b/w webMethods.io and AWS/Azure cloud over private link 

9 hours ago

Introduction 

This article gives you an overview of what are private links and how to configure a private link between RabbitMQ and weMethods.io 

Audience 

It is assumed that readers of this article know basic networking concept. 

Pre-requisite 

  • webMethods.io Integration tenant with Hub and spoke setup. 
  • RabbitMQ setup is running inside the VPC/VNET to which private link connectivity is established. 

  What is Private link? 

  • Private links enable us to connect the IBM® webMethods Hybrid Integration to your private cloud on Microsoft Azure or Amazon Web Services (AWS) without exposing your network traffic to the internet. 

Why do we need private link? 

  • Delivers enhanced performance with typical backbone throughput—specifics may vary by service. Offers lower and more consistent latency, eliminating public internet hops. 
  • Enhanced security with no need for internet-facing open listeners. Provides greater isolation, meeting stringent regulatory compliance requirements. 

 Private Link for Azure cloud with webMethods.io Integration 

  • Azure Private Link enables secure, private connectivity between your Azure Virtual Network (VNET) and the IBM webMethods iPaaS VNET, ensuring traffic remains within the Microsoft backbone network. 
  • For each webMethods Enterprise Plus spoke, you can configure one private link for the outbound connection from the IBM iPaaS VNET to client infrastructure Azure VNET, and one private link for the inbound connection from client Azure VNET to the IBM iPaaS VNET. If required, you can peer other VNETs to the VNET where the private link is attached 

Picture

 

Private Link for AWS cloud with webMethods.io Integration 

 AWS private links enable you to connect your Amazon Virtual Private Cloud (VPC) to the IBM iPaaS VPC using a connection that is private and secure.  

Picture 

What is Hub and Spoke? 

 

  • With the IBM webMethods Enterprise Plus offering, a dedicated VNET (Azure) or VPC (AWS) based on the hub and spoke architecture to support private links.   
  • The hub hosts all your shared components or services, and the spoke hosts all your dedicated components or services. 
  • All the communication between hub and spoke takes place over the private link. 

 

Picture 

Link: https://www.ibm.com/docs/en/wm-private-links?topic=private-links#topic_hfm_bqx_bgc__title__1 

Types of private link communication 

Outbound private link communication:   

  • Client Infrastructure (service provider) on the left. 
  • IBM webMethods.io (service consumer) on the right. 
  • A directional arrow indicating outbound communication from your infrastructure to webMethods Cloud. 

Picture 

 

 

Inbound private link communication:  

Picture 

  • IBM webMethods.io (service provider) on the left. 
  • Client Infrastructure (service consumer) on the right. 
  • Data flow direction clearly indicated from IBM to the client. 

 

Typical use cases for private link 

 

Connecting to Private cloud or on-premises resources  

 

Picture 

Private Link between IBM webMethods.io and Customer Cloud Environment (AWS/Azure). 

  • A Router that forwards requests to On-Premises or Private Cloud. 
  • Connectivity from the router to on-premises via Site-to-Site VPN or MPLS.
  • In this scenario, you do not have any resources in AWS/Azure. You have only resources on-premises, or with a cloud provider that is not supported. 

Access AWS resources from IBM webMethods.io 

 

Picture 

Access Azure resources from IBM webMethods.io 

 

Picture 

Some real time examples using private link 

  • A manufacturing company uses SAP ERP hosted on-premises and wants to integrate it with webMethods.io for order processing and inventory updates. 
  • A bank wants to integrate its core banking system with webMethods.io to automate loan processing workflows. 
  • A healthcare provider uses webMethods.io to orchestrate data flows between EMR (Electronic Media Record) systems and third-party analytics platforms. 
  • A retail chain uses Salesforce and a custom inventory system hosted in Azure. 

Use case 

  • Publishing and Subscribing the message to rabbit MQ using AMQP protocol over the private link. 
  • In our case we will use the workflow to publish and subscribe the message. 

Setting up private link 

  • To setup the private link its mutual effort from both from IBM cloudOps team as well as from client infra team. 

Outbound private link 

  • For setting up outbound private link where the request will originate from webMethods.io and will fetch the data from customer infrastructure. In this case IBM webMethods will work as service consumer whereas client infrastructure will act as service provider. 
  • To achieve same client will generate the private link end points and will share with IBM cloudOps team. Then IBM cloudOps team will configure those private link end points on tenants VPC/VNET. 
  • Reference link for in detail setup  

          https://www.ibm.com/docs/en/wm-private-links?topic=configuring-private-links-microsoft-azure 

          https://www.ibm.com/docs/en/wm-private-links?topic=configuring-private-links-amazon-aws 

 

Inbound private link 

  • For setting up inbound private link where the request will originate from customer infrastructure and will fetch the data from webMethods.io. In this case client infrastructure will act as service consumer whereas IBM webMethods will work as service provider. 
  • To achieve same IBM webMethods.io team will generate the private link end points and will share with client. Then client infra team will configure those private link end points on their infrastructure VPC/VNET. 

Publish the message  

  • When we publish the message to the queue then communication will happen over the outbound private link. 
  • Navigate to the workflow and select the AMQP connector 
  • The AMQP connector supports the AMQP 0–9–1 messaging protocol. 
  • Configure the AMQP account using the details 

Picture 

 

Note: we need to use AMQP connector to connect to rabbit MQ  

 

Picture 

 

 

Subscribe the message 

  • When we subscribe the message to the queue then communication will happen over the outbound private link. 
  • During design time, listeners in the backend were configured to establish connectivity using WebSocket. 
  • When any message is published to the queue the listeners configured will subscribe the message. 

 

Picture 

 

Points to remember 

  • Private link acts as pipe between 2 VPC’s VNET’s. So. It is one to one type of setup. 
  • This setup can be done when both the VPC’s/ VNET’s are in the same region. 
  • Private Link may introduce slight latency due to routing through private endpoints. Monitor performance and optimize where needed. 

Statistics
0 Favorited
4 Views
0 Files
0 Shares
0 Downloads