Welcome!

IBM Cloud Authors: Yeshim Deniz, Liz McMillan, Pat Romanski, Carmen Gonzalez, Elizabeth White

Related Topics: Java IoT, Microservices Expo, IBM Cloud, Machine Learning , Apache

Java IoT: Article

Enterprise Framework Service for WebSphere Datapower

Minimize the exposure of ports and their configuration on firewall

Create Enterprise Framework Service:
Perform the following steps to create an Enterprise Framework Service, called EnterpriseFrameworkServiceMPGW, in Datapower.
1-    Create two loopback Services using XML Firewall:
1.a.    ServiceA
1.b.    serviceB

2-    Create the following 3 files
2.a.    Create EnvironmentConfig.xml. This file contains the environment value, so the incoming request is assign to right backend.

2.b.    Create EnvironmentConfig.xslt. This XSLT file read value from the EnvironmentConfig.xml and set the environment variable.

<?xml version="1.0" encoding="UTF-8"?>

<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

version="1.0"

xmlns:dp="http://www.datapower.com/extensions"

extension-element-prefixes="dp"

exclude-result-prefixes="xalan dp"

xmlns:xalan="http://xml.apache.org/xslt">

<xsl:template match="/">

<xsl:variable name="masterConfig" select="document('local:///EnvironmentConfig.xml')"/>

<dp:set-variable name="'var://context/wp/environment'" value="normalize-space($masterConfig/config/environment/text())"/>

</xsl:template>

</xsl:stylesheet>

 

2.c.    Create EnterpriseFrameworkRouter.xslt. This XSLT file constructs the backend URL by preserving the incoming URI and reading the target host
information from the config.xml of that service.

<?xml version="1.0" encoding="ISO-8859-1"?>

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

xmlns:dp="http://www.datapower.com/extensions"

extension-element-prefixes="dp" exclude-result-prefixes="dp">

<xsl:template match="/">

<xsl:copy-of select="."/>

<xsl:variable name="incomingURI">

<xsl:value-of select="dp:variable('var://service/URI')"/>

</xsl:variable>

<xsl:variable name="tempVar">

<xsl:value-of select="substring-after($incomingURI,'/')"/>

</xsl:variable>

<xsl:variable name="serviceName">

<xsl:if test="contains($tempVar,'/')">

<xsl:value-of select="substring-before($tempVar,'/')"/>

</xsl:if>

<xsl:if test="not(contains($tempVar,'/'))">

<xsl:value-of select="$tempVar"/>

</xsl:if>

</xsl:variable>

<xsl:param name="hostAddr" select="'local:///'"/>

<xsl:variable name="remoteURL" select="concat($hostAddr,'/xml/',$serviceName,'/config.xml')"/>

<xsl:variable name="environment" select="dp:variable('var://context/wp/environment')"/>

<xsl:variable name="config" select="document($remoteURL)" />

<xsl:variable name="serviceDestination">

<xsl:copy-of select="$config/EnterpriseFrameworkDestinationList/serviceDestination[@environment=$environment]"/>

</xsl:variable>

<dp:set-variable name="'var://service/routing-url'" value="concat($serviceDestination,$incomingURI)"/>

</xsl:template>

</xsl:stylesheet>

 

 

3-    Upload these files to Datapower
3.a.    Create “xslt” folder and upload both xslt files there
3.b.    Upload “EnvironmentConfig.xml” to “local:///

 

4-    Create a Multi-Protocol Gateway (MPGW) named,  EnterpriseFrameworkMPGW with:
4.a.    Dynamic backend
4.b.    Request and Response type to Non-xml

 

5-    Create a front side handler, name it EnterpriseFrameworkFSH and assign port number to “81

 

6-    Create a new policy, EnterpriseFrameworkPolicy, and add following rules:
6.a.    Create a new rule for “Client to Server” and with two Transform actions
6.a.i.    Assign EnvironmentConfig.xslt to the first Transform action, make sure the Output set to NULL

 

6.a.ii.    Assign EnterpriseFrameworkRouter.xslt to the second Transform action, make sure Output set to NULL

 

6.b.    Create a new rule for “Server to Client” without any actions
6.c.    Overall EnterpriseFrameworkPolicy should look like this:

6.d.    Apply the Policy and close the window

7-    The EnterpriseFrameworkMPGW should look like this:  Save the configuration.

 

Integrate the Existing or New Services to the Enterprise Framework:

In order to incorporate the existing or new service in to the Enterprise Framework
1-    Create folder with the name of the service as a folder name under local:///xml/

 

2-    Create the following config.xml for serviceA
2.a.    The config.xml file for serviceA, which contains the IP address or hostname for each environment and  the port where serviceA is running

<?xml version="1.0" encoding="UTF-8"?>

<EnterpriseFrameworkDestinationList>

<serviceDestination environment="DEV">http://192.168.136.145:2048</serviceDestination>

<serviceDestination environment="QA">http://192.168.136.146:2048</serviceDestination>

<serviceDestination environment="PROD">http://192.168.136.147:2048</serviceDestination>

</EnterpriseFrameworkDestinationList>

 

 

3-    Upload the config.xml file at “local:///xml/serviceA” folder

 

4-    Create the similar config.xml for serviceB with serviceB’s hosts for each environment and assigned port

<?xml version="1.0" encoding="UTF-8"?>

<EnterpriseFrameworkDestinationList>

<serviceDestination environment="DEV">http://192.168.136.145:2049</serviceDestination>

<serviceDestination environment="QA">http://192.168.136.146:2049</serviceDestination>

<serviceDestination environment="PROD">http://192.168.136.147:2049</serviceDestination>

</EnterpriseFrameworkDestinationList>

 

5-    Upload the config.xml file at local:///xml/serviceB folder

6-    Every time a new service need to be integrated to Enterprise Framework, a config file need to be created for that service with values
of hostname/IP address and the port number where the service is installed. Nothing needs to be done on the EnterpriseFrameworkMPGW at all.

7-    For every incoming request EnterpriseFrameworkRouter.xslt (installed in the EnterpriseFrameworkMPGW) parse the URI and look for the
config.xml file for that service. If the service is not installed then there will be no xml/config file for that service.

Testing / Verification:

1-    Enabled the probes on serviceAFW and serviceBFW
2-    From the SOAP UI send the following test message for serviceA (http://<hostname>:81/serviceA)

3-    You should see the response back

4-    From the serviceA probe.  Notice the values of inbound-url and outbound-url.

5-    Now, send the request for serviceB  (http://<hostname>:81/serviceB)

6-    From the serviceB probe.  Notice the values of inbound-url and outbound-url.

7-    From the EnterpriseFrameworkMPGW Probe, you can see the requests are directed to their respective services. Notice the values of inbound-url and outbound-url.

Conclusion:
By implementing the Enterprise Framework Service to any WebSphere Datapower environment, it helps to streamline the development of
new services inside Datapower.  Datapower administrators do not need to deal with firewall and network configuration whenever a new
service is implemented on its appliances.  The framework also does not allow exposing any additional ports outside the network.

More Stories By Asim Saddal

Asim Saddal works in the Middleware (WebSphere Application Server, WebSphere Datapower, WebSphere Process Server, WebSphere VE) practice of IBM Software Services for WebSphere.

@ThingsExpo Stories
The 21st International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo Silicon Valley Call for Papers is now open.
As cloud adoption continues to transform business, today's global enterprises are challenged with managing a growing amount of information living outside of the data center. The rapid adoption of IoT and increasingly mobile workforce are exacerbating the problem. Ensuring secure data sharing and efficient backup poses capacity and bandwidth considerations as well as policy and regulatory compliance issues.
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
Five years ago development was seen as a dead-end career, now it’s anything but – with an explosion in mobile and IoT initiatives increasing the demand for skilled engineers. But apart from having a ready supply of great coders, what constitutes true ‘DevOps Royalty’? It’ll be the ability to craft resilient architectures, supportability, security everywhere across the software lifecycle. In his keynote at @DevOpsSummit at 20th Cloud Expo, Jeffrey Scheaffer, GM and SVP, Continuous Delivery Busine...
SYS-CON Events announced today that Outscale will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Outscale's technology makes an automated and adaptable Cloud available to businesses, supporting them in the most complex IT projects while controlling their operational aspects. You boost your IT infrastructure's reactivity, with request responses that only take a few seconds.
SYS-CON Events announced today that Loom Systems will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2015, Loom Systems delivers an advanced AI solution to predict and prevent problems in the digital business. Loom stands alone in the industry as an AI analysis platform requiring no prior math knowledge from operators, leveraging the existing staff to succeed in the digital era. With offices in S...
SYS-CON Events announced today that DivvyCloud will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. DivvyCloud software enables organizations to achieve their cloud computing goals by simplifying and automating security, compliance and cost optimization of public and private cloud infrastructure. Using DivvyCloud, customers can leverage programmatic Bots to identify and remediate common cloud problems in rea...
SYS-CON Events announced today that Tintri, Inc, a leading provider of enterprise cloud infrastructure, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Tintri offers an enterprise cloud platform built with public cloud-like web services and RESTful APIs. Organizations use Tintri all-flash storage with scale-out and automation as a foundation for their own clouds – to build agile development environments...
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs ofte...
SYS-CON Events announced today that Tappest will exhibit MooseFS at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. MooseFS is a breakthrough concept in the storage industry. It allows you to secure stored data with either duplication or erasure coding using any server. The newest – 4.0 version of the software enables users to maintain the redundancy level with even 50% less hard drive space required. The software func...
SYS-CON Events announced today that Interoute has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Interoute is the owner operator of Europe's largest network and a global cloud services platform, which encompasses over 70,000 km of lit fiber, 15 data centers, 17 virtual data centers and 33 colocation centers, with connections to 195 additional partner data centers. Our full-service Unifie...
SYS-CON Events announced today that EARP will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "We are a software house, so we perfectly understand challenges that other software houses face in their projects. We can augment a team, that will work with the same standards and processes as our partners' internal teams. Our teams will deliver the same quality within the required time and budget just as our partn...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in compute, storage and networking technologies, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/...
SYS-CON Events announced today that Carbonite will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Carbonite protects your entire IT footprint with the right level of protection for each workload, ensuring lower costs and dependable solutions with DoubleTake and Evault.
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
SYS-CON Events announced today that Cloudistics, an on-premises cloud computing company, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloudistics delivers a complete public cloud experience with composable on-premises infrastructures to medium and large enterprises. Its software-defined technology natively converges network, storage, compute, virtualization, and management into a ...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists will examine how DevOps helps to meet th...
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs oft...