Welcome!

IoT User Interface Authors: AppNeta Blog, Dana Gardner, Carmen Gonzalez, ManageEngine IT Matters, Elizabeth White

Related Topics: Java IoT, Microservices Expo, IBM Cloud, IoT User Interface, Apache

Java IoT: Article

Enterprise Framework Service for WebSphere Datapower

Minimize the exposure of ports and their configuration on firewall

Create Enterprise Framework Service:
Perform the following steps to create an Enterprise Framework Service, called EnterpriseFrameworkServiceMPGW, in Datapower.
1-    Create two loopback Services using XML Firewall:
1.a.    ServiceA
1.b.    serviceB

2-    Create the following 3 files
2.a.    Create EnvironmentConfig.xml. This file contains the environment value, so the incoming request is assign to right backend.

2.b.    Create EnvironmentConfig.xslt. This XSLT file read value from the EnvironmentConfig.xml and set the environment variable.

<?xml version="1.0" encoding="UTF-8"?>

<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

version="1.0"

xmlns:dp="http://www.datapower.com/extensions"

extension-element-prefixes="dp"

exclude-result-prefixes="xalan dp"

xmlns:xalan="http://xml.apache.org/xslt">

<xsl:template match="/">

<xsl:variable name="masterConfig" select="document('local:///EnvironmentConfig.xml')"/>

<dp:set-variable name="'var://context/wp/environment'" value="normalize-space($masterConfig/config/environment/text())"/>

</xsl:template>

</xsl:stylesheet>

 

2.c.    Create EnterpriseFrameworkRouter.xslt. This XSLT file constructs the backend URL by preserving the incoming URI and reading the target host
information from the config.xml of that service.

<?xml version="1.0" encoding="ISO-8859-1"?>

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

xmlns:dp="http://www.datapower.com/extensions"

extension-element-prefixes="dp" exclude-result-prefixes="dp">

<xsl:template match="/">

<xsl:copy-of select="."/>

<xsl:variable name="incomingURI">

<xsl:value-of select="dp:variable('var://service/URI')"/>

</xsl:variable>

<xsl:variable name="tempVar">

<xsl:value-of select="substring-after($incomingURI,'/')"/>

</xsl:variable>

<xsl:variable name="serviceName">

<xsl:if test="contains($tempVar,'/')">

<xsl:value-of select="substring-before($tempVar,'/')"/>

</xsl:if>

<xsl:if test="not(contains($tempVar,'/'))">

<xsl:value-of select="$tempVar"/>

</xsl:if>

</xsl:variable>

<xsl:param name="hostAddr" select="'local:///'"/>

<xsl:variable name="remoteURL" select="concat($hostAddr,'/xml/',$serviceName,'/config.xml')"/>

<xsl:variable name="environment" select="dp:variable('var://context/wp/environment')"/>

<xsl:variable name="config" select="document($remoteURL)" />

<xsl:variable name="serviceDestination">

<xsl:copy-of select="$config/EnterpriseFrameworkDestinationList/serviceDestination[@environment=$environment]"/>

</xsl:variable>

<dp:set-variable name="'var://service/routing-url'" value="concat($serviceDestination,$incomingURI)"/>

</xsl:template>

</xsl:stylesheet>

 

 

3-    Upload these files to Datapower
3.a.    Create “xslt” folder and upload both xslt files there
3.b.    Upload “EnvironmentConfig.xml” to “local:///

 

4-    Create a Multi-Protocol Gateway (MPGW) named,  EnterpriseFrameworkMPGW with:
4.a.    Dynamic backend
4.b.    Request and Response type to Non-xml

 

5-    Create a front side handler, name it EnterpriseFrameworkFSH and assign port number to “81

 

6-    Create a new policy, EnterpriseFrameworkPolicy, and add following rules:
6.a.    Create a new rule for “Client to Server” and with two Transform actions
6.a.i.    Assign EnvironmentConfig.xslt to the first Transform action, make sure the Output set to NULL

 

6.a.ii.    Assign EnterpriseFrameworkRouter.xslt to the second Transform action, make sure Output set to NULL

 

6.b.    Create a new rule for “Server to Client” without any actions
6.c.    Overall EnterpriseFrameworkPolicy should look like this:

6.d.    Apply the Policy and close the window

7-    The EnterpriseFrameworkMPGW should look like this:  Save the configuration.

 

Integrate the Existing or New Services to the Enterprise Framework:

In order to incorporate the existing or new service in to the Enterprise Framework
1-    Create folder with the name of the service as a folder name under local:///xml/

 

2-    Create the following config.xml for serviceA
2.a.    The config.xml file for serviceA, which contains the IP address or hostname for each environment and  the port where serviceA is running

<?xml version="1.0" encoding="UTF-8"?>

<EnterpriseFrameworkDestinationList>

<serviceDestination environment="DEV">http://192.168.136.145:2048</serviceDestination>

<serviceDestination environment="QA">http://192.168.136.146:2048</serviceDestination>

<serviceDestination environment="PROD">http://192.168.136.147:2048</serviceDestination>

</EnterpriseFrameworkDestinationList>

 

 

3-    Upload the config.xml file at “local:///xml/serviceA” folder

 

4-    Create the similar config.xml for serviceB with serviceB’s hosts for each environment and assigned port

<?xml version="1.0" encoding="UTF-8"?>

<EnterpriseFrameworkDestinationList>

<serviceDestination environment="DEV">http://192.168.136.145:2049</serviceDestination>

<serviceDestination environment="QA">http://192.168.136.146:2049</serviceDestination>

<serviceDestination environment="PROD">http://192.168.136.147:2049</serviceDestination>

</EnterpriseFrameworkDestinationList>

 

5-    Upload the config.xml file at local:///xml/serviceB folder

6-    Every time a new service need to be integrated to Enterprise Framework, a config file need to be created for that service with values
of hostname/IP address and the port number where the service is installed. Nothing needs to be done on the EnterpriseFrameworkMPGW at all.

7-    For every incoming request EnterpriseFrameworkRouter.xslt (installed in the EnterpriseFrameworkMPGW) parse the URI and look for the
config.xml file for that service. If the service is not installed then there will be no xml/config file for that service.

Testing / Verification:

1-    Enabled the probes on serviceAFW and serviceBFW
2-    From the SOAP UI send the following test message for serviceA (http://<hostname>:81/serviceA)

3-    You should see the response back

4-    From the serviceA probe.  Notice the values of inbound-url and outbound-url.

5-    Now, send the request for serviceB  (http://<hostname>:81/serviceB)

6-    From the serviceB probe.  Notice the values of inbound-url and outbound-url.

7-    From the EnterpriseFrameworkMPGW Probe, you can see the requests are directed to their respective services. Notice the values of inbound-url and outbound-url.

Conclusion:
By implementing the Enterprise Framework Service to any WebSphere Datapower environment, it helps to streamline the development of
new services inside Datapower.  Datapower administrators do not need to deal with firewall and network configuration whenever a new
service is implemented on its appliances.  The framework also does not allow exposing any additional ports outside the network.

More Stories By Asim Saddal

Asim Saddal works in the Middleware (WebSphere Application Server, WebSphere Datapower, WebSphere Process Server, WebSphere VE) practice of IBM Software Services for WebSphere.

@CloudExpo Stories
Video experiences should be unique and exciting! But that doesn’t mean you need to patch all the pieces yourself. Users demand rich and engaging experiences and new ways to connect with you. But creating robust video applications at scale can be complicated, time-consuming and expensive. In his session at @ThingsExpo, Zohar Babin, Vice President of Platform, Ecosystem and Community at Kaltura, discussed how VPaaS enables you to move fast, creating scalable video experiences that reach your aud...
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of Soli...
"Once customers get a year into their IoT deployments, they start to realize that they may have been shortsighted in the ways they built out their deployment and the key thing I see a lot of people looking at is - how can I take equipment data, pull it back in an IoT solution and show it in a dashboard," stated Dave McCarthy, Director of Products at Bsquare Corporation, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
An IoT product’s log files speak volumes about what’s happening with your products in the field, pinpointing current and potential issues, and enabling you to predict failures and save millions of dollars in inventory. But until recently, no one knew how to listen. In his session at @ThingsExpo, Dan Gettens, Chief Research Officer at OnProcess, discussed recent research by Massachusetts Institute of Technology and OnProcess Technology, where MIT created a new, breakthrough analytics model for ...
IoT is rapidly changing the way enterprises are using data to improve business decision-making. In order to derive business value, organizations must unlock insights from the data gathered and then act on these. In their session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, and Peter Shashkin, Head of Development Department at EastBanc Technologies, discussed how one organization leveraged IoT, cloud technology and data analysis to improve customer experiences and effici...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lead...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
"MathFreeOn.com is a line coding platform for engineers and scientists. When they want to solve an engineering problem and they have to use software - they have to pay a lot of money for licenses - but with MathFreeOn you don't have to pay a lot of money. Just go to our site and write the code and you can check the result right away," explained Simon Lee, CMO of MathFreeOn, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Cla...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
In his session at Cloud Expo, Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, provideed economic scenarios that describe how the rapid adoption of software-defined everything including cloud services, SDDC and open networking will change GDP, industry growth, productivity and jobs. This session also included a drill down for several industries such as finance, social media, cloud service providers and pharmaceuticals.
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.