DataPower

 View Only

  • 1.  DataPower in CP4I

    Posted 29 days ago

    Hi,

    Just starting to work on DataPower CP4I.

    When a Datapower is deployed and running in CP4I with multiple replicas, how are updates in the services propagated to the replicas?

    The scenario is where one can access the DataPower WEBUI and creates or updates a service with new XSLT/GatewayScript files, TLS profiles, configuration files..etc.

    Are the existing pods deleted and new ones created with the updates?  

    Or are updates to DataPower services or creation of services performed outside of CP4I , and deployed in CP4I using DataPower CRD and operator and oc/kubctl commands? It appears that the DataPower CRD, uses the application domain as the basic unit of deployment?

    Thanks,

    Paul



    ------------------------------
    Paul Dango
    ------------------------------


  • 2.  RE: DataPower in CP4I

    Posted 29 days ago

    Hi Paul,

    In general, it is not recommended to enable and use the DataPower UI in a Kubernetes / OpenShift environment, especially not with multiple replicas. This is because any changes made via the UI will not be persisted in the container, nor replicated to the other Pods in the StatefulSet. Instead, service configuration should be developed elsewhere and deployed to the cluster using ConfigMaps, Secrets, and the DataPowerService custom resource. As for where to develop the configurations, I'd recommend a local DataPower container (e.g., via podman or docker) where you can easily mount the config and local directories to lift out the configuration and files you'd need to deploy to the cluster.

    The following documentation can be used as a guide for setting up a local development environment in docker / podman. You can ignore / skip the part about building a custom image if you like; the important part is the run command with file system mounting and the UI port (9090) exposed. Note you may need to customize this to better suite your needs (such as exposing more ports).

    https://www.ibm.com/docs/en/datapower-gateway/10.5.x?topic=docker-creating-datapower-application

    For working with the DataPowerService in CP4I / OpenShift, I would recommend the following guide:

    https://www.ibm.com/docs/en/datapower-operator/1.10?topic=guides-domain-configuration

    Hope the above information helps.

    Aidan



    ------------------------------
    Aidan Harbison
    ------------------------------

    Original Message


  • 3.  RE: DataPower in CP4I

    Posted 29 days ago
    HI Aidan,

    Thank you for your response.  It sure clarifies a key point in migrating to DataPower in CP4I.

    Thanks,

    Paul

     



    Original Message


  • 4.  RE: DataPower in CP4I

    IBM Champion
    Posted 29 days ago

    Hi Paul,

    Like Aidan stated use of DataPower UI to manage things is not recommended in containerized environments, or I'd say in any kind environments. You should always manage your configuration and other source code in a version control system and deploy changes via some kind of automated pipeline. This way you can manage the changes made to your services and other configurations in a consistent manner. 



    ------------------------------
    Hermanni Pernaa
    ------------------------------

    Original Message


  • 5.  RE: DataPower in CP4I

    Posted 28 days ago

    DataPower WebGUI is the primary development interface of DataPower. Hence, your question is quite general in nature.  Here is how I do it. 

    Development Environment: You will have one DP operator instance that you can either instantiate on OCP cluster or on your local laptop. The source code and configuration should come from GitHub. Feel free to enable webGUI and do the changes that you wish. Once done, your changes must be merged back to GitHub. After that usual DevOps process kicks in and your code/config gets integrated/propagated to higher environments. 

    SIT/UAT and Higher environments (all the way up to production): There you do not enable webGUI (be careful not to enable them as you enabled them on Dev environment and it is there in your development branch). There the image deployment happens through GitHub/OCP mechanism. You can have as many instances as you want commanded by OCP service entry point. Here to troubleshoot you got to rely on logs only. 

    I don't see a technical constraint on enabling webGUI on CP4I. But as Aidan hinted below, in non-development environments it is not that common. You also have to carefully weight the concept of 'application domain' in CP4I/OCP, in case you are trying to migrate to OCP. 



    ------------------------------
    Ajitabh Sharma
    ------------------------------

    Original Message