Hybrid Integration on IBM Cloud Private Deployment
In this section we are presenting how Hybrid integration solution implementation is deployed to IBM Cloud Private. We address different configurations as business and operation requirements may differ per data center and even per business applications. Each configuration describes how some of the components of the solution may be deployed to ICP or kept on-premise servers.
Prerequisites
The following points should be considered before going into more detail of the ICP deployment: A conceptual understanding of how Kubernetes works, see also personal summary here A high-level understanding of Helm and Kubernetes package management. A basic understanding of IBM Cloud Private cluster architecture. Understand the different ICP environment and sizing Understand image management: Access to an operational IBM Cloud Private cluster see installation note for the different approaches you could use.
As a developer, you need to have the following components:
Docker installed on user laptop
Kubectl installed on user laptop
Helm
we have provided shell script to do those installation. Execute ../scripts/install_cli.sh ( or ./scripts/install_cli.bat for Windows)
Add Helm Charts Repository
* Add a browncompute namespace using ICP admin console, under Manage > Namespaces menu.
We will use this namespace to deploy the hybrid integration components into ICP cluster. As an alternate you can use the command: kubectl create namespace browncompute.
Deployment steps
Helm charts are defined one time and should stay reasonably stable over time. Docker image change at each build. Remember that docker images that are added to the image registry are owned by namespaces. All the users within a namespace are owners of the images. An owner can remove or update the images from the cluster management console. Super administrators have full access to all images in the cluster. Owners can also update the scope of an image
Here are the common steps to perform when deploying a component of the hybrid integration solution. Install Helm Chart + Option 1: Clone the Repo & Install the Chart + Option 2: Install from Helm Chart Repository + Option 3: Install from Helm Chart Repository using ICP Helm Charts Catalog Validate Helm Chart * Setup a CICD Pipeline for each project
Update docker images
You need to name the images with the owner, so the namespace used. Here are example of images scoped:
$ kubectl get images -n browncompute NAME AGE browncompute-inventory-dal 1d customerms 10m
kubectl get images -n default NAME AGE nginx 29d
docker push ext-demo.icp:8500/browncompute/customerms:latest
Install Helm Chart
We created Helm Charts for each project. For example the browncompute-inventory-dal chart packages all of the kubernetes resources required to deploy the browncompute-inventory-dal app and expose it to a public endpoint.
For more in-depth details of the inner-workings of Helm Charts, please refer to the Helm Chart Documentation to learn more about charts.
You have 3 options to install the chart:
1. Clone the Repo and Install the Chart.
2. Install the chart from our Helm Chart Repository, which is served here directly from GitHub.
3. Install the chart from our Helm Chart Repository using ICP's Charts Catalog.
Option 1: Clone the Repo & Install the Chart
To clone the repo & install the browncompute-inventory-dal chart from source, run the following commands:
# Clone the repo $ git clone https://github.com/ibm-cloud-architecture/refarch-integration-inventory-dal.git # Change to repo directory $ cd refarch-integration-inventory-dal # Install the Chart $ helm install chart/browncompute-inventory-dal --name browncompute-dal --tls
Option 2: Install from Helm Chart Repository
As an example for the Data Access Layer project, we created a Helm Chart Repository (located here) where we serve a packaged version of the browncompute-inventory-dal so that you can conveniently install it in your ICP Cluster.
To install the chart from the Helm Chart Repository, run the following commands:
# Add Local Reference to Helm Chart Repository $ helm repo add browncompute https://raw.githubusercontent.com/ibm-cloud-architecture/refarch-integration-inventory-dal/master/docs/charts # Install the Chart $ helm install browncompute/browncompute-inventory-dal --name browncompute-dal --tls
Option 3: Install from Helm Chart Repository using ICP Helm Charts Catalog
Coming Soon
Validate Helm Chart
If you installed the chart successfuly, you should see a CLI output similar to the following:
NAME: browncompute-dal LAST DEPLOYED: Tue Nov 14 22:23:39 2017 NAMESPACE: browncompute STATUS: DEPLOYED RESOURCES: ==> v1/Service NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE inventorydalsvc 10.101.0.176 <none> 9080/TCP,9443/TCP 1s ==> v1beta1/Deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE browncompute-dal-browncompute-dal 2 2 2 0 1s ==> v1beta1/Ingress NAME HOSTS ADDRESS PORTS AGE browncompute-dal-browncompute-dal dal.brown.case 80 1s
Configurations
As an hybrid solution each component of the solution may run on existing on-premise servers or within IBM Cloud Private cluster. The deployment decision will be driven by the business requirements and the availability of underlying IBM middleware product as docker image and helm chart.
For each component of the 'hybrid integration' solution the following needs may be done:
- build the docker image
- tag the image with information about the target repository server, namespace, tag and version
- push the image to the remote docker repository (most likely the one inside ICP master node)
- build the helm package from the chart definition
- install the chart to ICP cluster using helm install or upgrade command line interface
- access the URL end point
Configuration 1: ICP deployment and SOA services on-premise
Our target deployment is illustrated in the figure below:
The light blue area represents on-premise servers, while the green area represents the IBM Cloud Private, kubernetes cluster.
- On the left side, the Portal cloud native webapp was first developed as Angular / nodejs app, using cloud foundry deployment model. The new approach was to externalize the configuration outside of cloud foundry and package the application as docker container. This approach helps to deploy the application on any environment in a control manner. For the web app deployment follow the step by step tutorial.
- API Gateway on ICP
- Inventory data access layer on ICP
- Decision for product recommendation with Operational Decision Management on ICP
The second Datapower gateway is used to present 'System' APIs. (see this redbook "A practical Guide for IBM Hybrid Integration Platform" for detail about this clear APIs separation)
The gateway flow, deployed on IIB, is doing the REST to SOAP interface mapping: this configuration illustrates deep adoption of the ESB pattern leveraging existing high end deployments, scaling both horizontally and vertically. In this model the concept of operation for mediation and integration logic development and deployment are kept.
If you want to review each on-premise component, their descriptions are below: API Connect - Inventory product Gateway flow in integration broker SOAP service for data access Layer running on premise Inventory database on DB2 server
Configuration 2: Only Cloud native application on ICP
This is the simplest deployment where only the cloud native web application (the 'case' portal) is deployed. It still accesses the back end services via API Connect running on-premise. All other components run on-premise. The figure below illustrates this deployment:
Configuration 3: API runtime on ICP
The goal for this configuration is to deploy Data power gateway to IBM cloud private and deploy the interaction API products on it. The API product definition is split into interaction APIs and system APIs.
The steps are:
1. Modify the webapp configuration to use a different URL for the gateway flow: The settings is done in the values.yaml in the chart folder of the case portal app
1. Deploy webapp to ICP following the tutorial as seen in configuration 1
1. Deploy API Connect gateway from ICP Catalog using this tutorial
1. Deploy the api product to the new gateway.
Configuration 4: Integration Bus as micro flow running in ICP
This configuration is using integration components on premise and the other more lightweight components on ICP, and add a micro-service for integration as introduced in this article using a message flow deployed on IIB runninig in ICP.
This approach leverages existing investment and IIB concept of operation, and IBM Datapower for security and API gateway. This approach has an impact on the way to manage application inside IIB. Instead of deploying multiple applications inside one instance of IIB, we are packaging the app and IIB runtime into a unique container to deploy in pods and facilitate horizontal scaling. The vertical scaling delivered out of the box in IIB is not leveraged.
- Deploy webapp to ICP follows this tutorial
- Deploy Java application running on Liberty read this tutorial)
- Deploy IBM Integration Bus read this tutorial
- Deploy API Connect gateway from ICP Catalog using this tutorial
- Deploy the api product to the new gateway.
Use ICP Catalog
All component of the solution we can deploy to ICP are packaged as helm chart, and centralized in the docs/charts folder of this repository. Using the ICP admin console you can get the list of repositories using the Manage > Helm Repositories menu:
You can add a new repository, and with the Sync repositories button the Helm catalog is modified with the new images.
When you add new application / package you need to update your private catalog index.yaml file. The index.yaml file describes how your applications is listed in the ICP Application Center:
$ curl get -k https://9.19.34.107:8443/helm-repo/charts/index.yaml $ helm repo index --merge index.yaml