Click here to close now.




















Welcome!

IoT User Interface Authors: Elizabeth White, Liz McMillan, Jim Kaskade, Pat Romanski, Dana Gardner

Related Topics: Java IoT, Microservices Expo, IBM Cloud, IoT User Interface, Apache

Java IoT: Article

Enterprise Framework Service for WebSphere Datapower

Minimize the exposure of ports and their configuration on firewall

Create Enterprise Framework Service:
Perform the following steps to create an Enterprise Framework Service, called EnterpriseFrameworkServiceMPGW, in Datapower.
1-    Create two loopback Services using XML Firewall:
1.a.    ServiceA
1.b.    serviceB

2-    Create the following 3 files
2.a.    Create EnvironmentConfig.xml. This file contains the environment value, so the incoming request is assign to right backend.

2.b.    Create EnvironmentConfig.xslt. This XSLT file read value from the EnvironmentConfig.xml and set the environment variable.

<?xml version="1.0" encoding="UTF-8"?>

<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

version="1.0"

xmlns:dp="http://www.datapower.com/extensions"

extension-element-prefixes="dp"

exclude-result-prefixes="xalan dp"

xmlns:xalan="http://xml.apache.org/xslt">

<xsl:template match="/">

<xsl:variable name="masterConfig" select="document('local:///EnvironmentConfig.xml')"/>

<dp:set-variable name="'var://context/wp/environment'" value="normalize-space($masterConfig/config/environment/text())"/>

</xsl:template>

</xsl:stylesheet>

 

2.c.    Create EnterpriseFrameworkRouter.xslt. This XSLT file constructs the backend URL by preserving the incoming URI and reading the target host
information from the config.xml of that service.

<?xml version="1.0" encoding="ISO-8859-1"?>

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"

xmlns:dp="http://www.datapower.com/extensions"

extension-element-prefixes="dp" exclude-result-prefixes="dp">

<xsl:template match="/">

<xsl:copy-of select="."/>

<xsl:variable name="incomingURI">

<xsl:value-of select="dp:variable('var://service/URI')"/>

</xsl:variable>

<xsl:variable name="tempVar">

<xsl:value-of select="substring-after($incomingURI,'/')"/>

</xsl:variable>

<xsl:variable name="serviceName">

<xsl:if test="contains($tempVar,'/')">

<xsl:value-of select="substring-before($tempVar,'/')"/>

</xsl:if>

<xsl:if test="not(contains($tempVar,'/'))">

<xsl:value-of select="$tempVar"/>

</xsl:if>

</xsl:variable>

<xsl:param name="hostAddr" select="'local:///'"/>

<xsl:variable name="remoteURL" select="concat($hostAddr,'/xml/',$serviceName,'/config.xml')"/>

<xsl:variable name="environment" select="dp:variable('var://context/wp/environment')"/>

<xsl:variable name="config" select="document($remoteURL)" />

<xsl:variable name="serviceDestination">

<xsl:copy-of select="$config/EnterpriseFrameworkDestinationList/serviceDestination[@environment=$environment]"/>

</xsl:variable>

<dp:set-variable name="'var://service/routing-url'" value="concat($serviceDestination,$incomingURI)"/>

</xsl:template>

</xsl:stylesheet>

 

 

3-    Upload these files to Datapower
3.a.    Create “xslt” folder and upload both xslt files there
3.b.    Upload “EnvironmentConfig.xml” to “local:///

 

4-    Create a Multi-Protocol Gateway (MPGW) named,  EnterpriseFrameworkMPGW with:
4.a.    Dynamic backend
4.b.    Request and Response type to Non-xml

 

5-    Create a front side handler, name it EnterpriseFrameworkFSH and assign port number to “81

 

6-    Create a new policy, EnterpriseFrameworkPolicy, and add following rules:
6.a.    Create a new rule for “Client to Server” and with two Transform actions
6.a.i.    Assign EnvironmentConfig.xslt to the first Transform action, make sure the Output set to NULL

 

6.a.ii.    Assign EnterpriseFrameworkRouter.xslt to the second Transform action, make sure Output set to NULL

 

6.b.    Create a new rule for “Server to Client” without any actions
6.c.    Overall EnterpriseFrameworkPolicy should look like this:

6.d.    Apply the Policy and close the window

7-    The EnterpriseFrameworkMPGW should look like this:  Save the configuration.

 

Integrate the Existing or New Services to the Enterprise Framework:

In order to incorporate the existing or new service in to the Enterprise Framework
1-    Create folder with the name of the service as a folder name under local:///xml/

 

2-    Create the following config.xml for serviceA
2.a.    The config.xml file for serviceA, which contains the IP address or hostname for each environment and  the port where serviceA is running

<?xml version="1.0" encoding="UTF-8"?>

<EnterpriseFrameworkDestinationList>

<serviceDestination environment="DEV">http://192.168.136.145:2048</serviceDestination>

<serviceDestination environment="QA">http://192.168.136.146:2048</serviceDestination>

<serviceDestination environment="PROD">http://192.168.136.147:2048</serviceDestination>

</EnterpriseFrameworkDestinationList>

 

 

3-    Upload the config.xml file at “local:///xml/serviceA” folder

 

4-    Create the similar config.xml for serviceB with serviceB’s hosts for each environment and assigned port

<?xml version="1.0" encoding="UTF-8"?>

<EnterpriseFrameworkDestinationList>

<serviceDestination environment="DEV">http://192.168.136.145:2049</serviceDestination>

<serviceDestination environment="QA">http://192.168.136.146:2049</serviceDestination>

<serviceDestination environment="PROD">http://192.168.136.147:2049</serviceDestination>

</EnterpriseFrameworkDestinationList>

 

5-    Upload the config.xml file at local:///xml/serviceB folder

6-    Every time a new service need to be integrated to Enterprise Framework, a config file need to be created for that service with values
of hostname/IP address and the port number where the service is installed. Nothing needs to be done on the EnterpriseFrameworkMPGW at all.

7-    For every incoming request EnterpriseFrameworkRouter.xslt (installed in the EnterpriseFrameworkMPGW) parse the URI and look for the
config.xml file for that service. If the service is not installed then there will be no xml/config file for that service.

Testing / Verification:

1-    Enabled the probes on serviceAFW and serviceBFW
2-    From the SOAP UI send the following test message for serviceA (http://<hostname>:81/serviceA)

3-    You should see the response back

4-    From the serviceA probe.  Notice the values of inbound-url and outbound-url.

5-    Now, send the request for serviceB  (http://<hostname>:81/serviceB)

6-    From the serviceB probe.  Notice the values of inbound-url and outbound-url.

7-    From the EnterpriseFrameworkMPGW Probe, you can see the requests are directed to their respective services. Notice the values of inbound-url and outbound-url.

Conclusion:
By implementing the Enterprise Framework Service to any WebSphere Datapower environment, it helps to streamline the development of
new services inside Datapower.  Datapower administrators do not need to deal with firewall and network configuration whenever a new
service is implemented on its appliances.  The framework also does not allow exposing any additional ports outside the network.

More Stories By Asim Saddal

Asim Saddal works in the Middleware (WebSphere Application Server, WebSphere Datapower, WebSphere Process Server, WebSphere VE) practice of IBM Software Services for WebSphere.

@CloudExpo Stories
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
SYS-CON Events announced today that the "Second Containers & Microservices Expo" will take place November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Between the compelling mockups and specs produced by your analysts and designers, and the resulting application built by your developers, there is a gulf where projects fail, costs spiral out of control, and applications fall short of requirements. In his session at @DevOpsSummit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, presented a new approach where business and development users collaborate – each using tools appropriate to their goals and expertise – to build mocku...
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, provided some practical insights on what, how and why when implementing "software-defined" in the datacent...
Learn how you can use the CoSN SEND II Decision Tree for Education Technology to make sure that your K–12 technology initiatives create a more engaging learning experience that empowers students, teachers, and administrators alike.
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Chuck Piluso presented a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Prior to Secure Infrastructure and Services, Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Te...
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...