Topic
  • 11 replies
  • Latest Post - ‏2013-11-04T18:59:54Z by JoeMorganNTST
jsflover
jsflover
6 Posts

Pinned topic managing configuration of datapower manually as opposed to using wizards

‏2013-11-01T19:49:45Z |

I was wondering if there is a way we can use manage configuration of datapower manually for example use xml or xslt as opposed to using wizards. We have dp 4.03 and to configure all the objects using wizards is a lot of work. If i can use xml or combination of xml and xslt to create objects and setting up of everything that will be desirable as opposed to using wizards...

I was told in certain case there is one xml file that has everything and that can be used to drive everything as opposed to using configuration for each objects of datapower. Any example/ links would be appreciated

 

 

thanks in advance.

Updated on 2013-11-01T19:51:01Z at 2013-11-01T19:51:01Z by jsflover
  • JoeMorganNTST
    JoeMorganNTST
    427 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-01T20:34:35Z  

    There are many ways to configure DataPower.  I think you're referring to the XML Management Interface, though.  The XML file to which you are referring may be in the store directory with names beginning with "xml-mgmt"

     

  • jsflover
    jsflover
    6 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-02T01:01:46Z  

    There are many ways to configure DataPower.  I think you're referring to the XML Management Interface, though.  The XML file to which you are referring may be in the store directory with names beginning with "xml-mgmt"

     

    Thanks for replying replying back. Can we use xml management interface to create objects such as mpg, web services proxy and all its children objects as well. I was talking to someone who has done implementations before and he told me that lot of customers who do not have wsrr usually have some sort of an xml file or xslt file that holds all services in it for example their gateway configurations will be in this file. This way they would upload this file to the datapower box and set up the gateway configurations...In our implementation we have lots of web services that need to be configured and we need a common gateway that would inspect the incoming request and do some validations and then call the web services proxies based on some meta data in the request.  we are thinking of having one mpg in dmz and another mpg in the trusted domain and bunch of wsps in trusted domain that would interface with the web services. I was told one way to build this type of configuration is to use the wizard that would be time consuming, the other way would be to have a xml file that could contain all these configurations and we can deploy that to the box. I just wanted to know if that is correct approach since we do not have wsrr in our shop. 

     

    thanks in advance.

    Updated on 2013-11-02T01:02:37Z at 2013-11-02T01:02:37Z by jsflover
  • kenhygh
    kenhygh
    2087 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-03T12:58:54Z  
    • jsflover
    • ‏2013-11-02T01:01:46Z

    Thanks for replying replying back. Can we use xml management interface to create objects such as mpg, web services proxy and all its children objects as well. I was talking to someone who has done implementations before and he told me that lot of customers who do not have wsrr usually have some sort of an xml file or xslt file that holds all services in it for example their gateway configurations will be in this file. This way they would upload this file to the datapower box and set up the gateway configurations...In our implementation we have lots of web services that need to be configured and we need a common gateway that would inspect the incoming request and do some validations and then call the web services proxies based on some meta data in the request.  we are thinking of having one mpg in dmz and another mpg in the trusted domain and bunch of wsps in trusted domain that would interface with the web services. I was told one way to build this type of configuration is to use the wizard that would be time consuming, the other way would be to have a xml file that could contain all these configurations and we can deploy that to the box. I just wanted to know if that is correct approach since we do not have wsrr in our shop. 

     

    thanks in advance.

    You can create the XML Management interface to create any configuration object.

    It is TONS harder than doing it from the GUI.

    What you're talking about is a framework of configuration objects (MPGWs, WSPs, etc) and XSL stylesheets that implement what you want done. I've done this at several customers, but one main requirement: most of the services more-or-less are similar. You don't have wildly different protocols, payloads, security methods, etc.

    And you still create the config objects in the GUI.

  • jsflover
    jsflover
    6 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-03T20:28:10Z  
    • kenhygh
    • ‏2013-11-03T12:58:54Z

    You can create the XML Management interface to create any configuration object.

    It is TONS harder than doing it from the GUI.

    What you're talking about is a framework of configuration objects (MPGWs, WSPs, etc) and XSL stylesheets that implement what you want done. I've done this at several customers, but one main requirement: most of the services more-or-less are similar. You don't have wildly different protocols, payloads, security methods, etc.

    And you still create the config objects in the GUI.

    Thanks for your reply appreciate your answer. Yes, that's exactly what I need to do. Our requirements is very much like what you described which is services are very similar. Can you please tell me how I can implement it. I am very new to datapower so any link/red paper/etc you can share will be very appreciated

     

    thanks in advance and much appreciated!!!

  • kenhygh
    kenhygh
    2087 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-03T21:58:56Z  
    • jsflover
    • ‏2013-11-03T20:28:10Z

    Thanks for your reply appreciate your answer. Yes, that's exactly what I need to do. Our requirements is very much like what you described which is services are very similar. Can you please tell me how I can implement it. I am very new to datapower so any link/red paper/etc you can share will be very appreciated

     

    thanks in advance and much appreciated!!!

    Well ... this is a service we sell at IBM.

    If you're new to DataPower, I suggest you 1) get education. It is by far the most cost-effective way to get up on DataPower, and 2) engage professional services to get you off to a fast start.

     

  • JoeMorganNTST
    JoeMorganNTST
    427 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-04T15:07:57Z  
    • jsflover
    • ‏2013-11-03T20:28:10Z

    Thanks for your reply appreciate your answer. Yes, that's exactly what I need to do. Our requirements is very much like what you described which is services are very similar. Can you please tell me how I can implement it. I am very new to datapower so any link/red paper/etc you can share will be very appreciated

     

    thanks in advance and much appreciated!!!

    It sounds to me like you need to 1) Build the initial services via the GUI, and 2) Learn how to create reusable services and objects, and 3) learn how to create deployment policies.  #3 would probably help you the most, as you could export an existing service or set of services and then re-import them using a deployment policy that changes, creates, or removes those things that do not apply to the import.

     

  • jsflover
    jsflover
    6 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-04T16:22:08Z  

    It sounds to me like you need to 1) Build the initial services via the GUI, and 2) Learn how to create reusable services and objects, and 3) learn how to create deployment policies.  #3 would probably help you the most, as you could export an existing service or set of services and then re-import them using a deployment policy that changes, creates, or removes those things that do not apply to the import.

     

    thanks a lot Joe for your reply and direction. This is exactly what I needed in terms of a roadmap to design the solution. Really appreciate your help. Its always good to hear from real professional guys who are ready to help customers and not trying to sell services.

     

    Joe I have created the initial services using GUI. I am assuming deployment policies would take care of whether environment is dev, uat or production. Do you recommend any books/links that talks about how to create reusable services and objects and deployment policies.

     

    Again Thanks a lot!! Joe

  • JoeMorganNTST
    JoeMorganNTST
    427 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-04T16:56:51Z  
    • jsflover
    • ‏2013-11-04T16:22:08Z

    thanks a lot Joe for your reply and direction. This is exactly what I needed in terms of a roadmap to design the solution. Really appreciate your help. Its always good to hear from real professional guys who are ready to help customers and not trying to sell services.

     

    Joe I have created the initial services using GUI. I am assuming deployment policies would take care of whether environment is dev, uat or production. Do you recommend any books/links that talks about how to create reusable services and objects and deployment policies.

     

    Again Thanks a lot!! Joe

    Deployment policies are generally pretty easy.  The builder in DataPower is very, very flexible and gives you a *lot* of power with very little effort.
     
    What I recommend you do is create the deployment policy on the *importing* appliance/domain.  So, in a perfect world, you'd have a DEV appliance and a UAT appliance.  When moving your services from DEV to UAT, you'd want the deployment policy in UAT to receive from DEV.  Likewise for production.  When you move from UAT to production, the deployment policy on the production appliance ensures your configuration is correct there.
     
    You're not required to do it that way, but I've found doing it that way allows deployment imports from DEV or UAT (not that you'd *want* to do it that way, but you never know).  You can have your deployment policy on the "exporting" appliance/domain, and that works too, but it is a little more difficult to build.
     
    For general practice stuff, I find this forum and the IBM online help to be the best place to find help and direction.  There are a number here that work for IBM and some that actually support DataPower.  There aren't too many talking about the practice of reusable objects, though DataPower allows this, but it isn't so easily done using what we refer to as the "top down" approach.  It might take a bit to understand how each of the objects are created, and then realizing how they can be reused.
     
    For the moment, though, it sounds like you're on track with deployment policies.  With all of this said, I realize you said you're on 4.03.  I honestly don't remember if 4 had them, but I believe they do.  Is there any reason why you can't move to 5 or 6?
  • jsflover
    jsflover
    6 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-04T17:17:16Z  
    Deployment policies are generally pretty easy.  The builder in DataPower is very, very flexible and gives you a *lot* of power with very little effort.
     
    What I recommend you do is create the deployment policy on the *importing* appliance/domain.  So, in a perfect world, you'd have a DEV appliance and a UAT appliance.  When moving your services from DEV to UAT, you'd want the deployment policy in UAT to receive from DEV.  Likewise for production.  When you move from UAT to production, the deployment policy on the production appliance ensures your configuration is correct there.
     
    You're not required to do it that way, but I've found doing it that way allows deployment imports from DEV or UAT (not that you'd *want* to do it that way, but you never know).  You can have your deployment policy on the "exporting" appliance/domain, and that works too, but it is a little more difficult to build.
     
    For general practice stuff, I find this forum and the IBM online help to be the best place to find help and direction.  There are a number here that work for IBM and some that actually support DataPower.  There aren't too many talking about the practice of reusable objects, though DataPower allows this, but it isn't so easily done using what we refer to as the "top down" approach.  It might take a bit to understand how each of the objects are created, and then realizing how they can be reused.
     
    For the moment, though, it sounds like you're on track with deployment policies.  With all of this said, I realize you said you're on 4.03.  I honestly don't remember if 4 had them, but I believe they do.  Is there any reason why you can't move to 5 or 6?

    Thanks Joe again for your detailed explanation and in depth knowledge. Yes I believe 4.0.x does have deployment policies I will try it for sure. We are going to migrate to 5 or 6 soon. Its just that we have so many environments that we need to plan it accordingly. We have it on our road map for first quarter of next year.

     

    Thanks again for your help...

  • jsflover
    jsflover
    6 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-04T17:20:41Z  
    Deployment policies are generally pretty easy.  The builder in DataPower is very, very flexible and gives you a *lot* of power with very little effort.
     
    What I recommend you do is create the deployment policy on the *importing* appliance/domain.  So, in a perfect world, you'd have a DEV appliance and a UAT appliance.  When moving your services from DEV to UAT, you'd want the deployment policy in UAT to receive from DEV.  Likewise for production.  When you move from UAT to production, the deployment policy on the production appliance ensures your configuration is correct there.
     
    You're not required to do it that way, but I've found doing it that way allows deployment imports from DEV or UAT (not that you'd *want* to do it that way, but you never know).  You can have your deployment policy on the "exporting" appliance/domain, and that works too, but it is a little more difficult to build.
     
    For general practice stuff, I find this forum and the IBM online help to be the best place to find help and direction.  There are a number here that work for IBM and some that actually support DataPower.  There aren't too many talking about the practice of reusable objects, though DataPower allows this, but it isn't so easily done using what we refer to as the "top down" approach.  It might take a bit to understand how each of the objects are created, and then realizing how they can be reused.
     
    For the moment, though, it sounds like you're on track with deployment policies.  With all of this said, I realize you said you're on 4.03.  I honestly don't remember if 4 had them, but I believe they do.  Is there any reason why you can't move to 5 or 6?

    can you please explain what do you mean by top down approach any example you can provide will be really helpful...thanks a lot

  • JoeMorganNTST
    JoeMorganNTST
    427 Posts

    Re: managing configuration of datapower manually as opposed to using wizards

    ‏2013-11-04T18:59:54Z  
    • jsflover
    • ‏2013-11-04T17:20:41Z

    can you please explain what do you mean by top down approach any example you can provide will be really helpful...thanks a lot

    Top down is what you do when you go through the GUI and build, say, a Web Services proxy or Multi-Protocol Gateway via the links on the appliance's control panel (exempt from appliances not having those links, such as the XB6x, XC10, etc.).

    Building a basic Web Service Proxy takes little more than locating a WSDL and clicking on a few links and buttons.  But, open up a Web Service Proxy, then click on, "View Status", and you'll see a 55 gallon drum of stuff that was created for you.  It's good that this displays the objects in hierarchical ownership view,. because it perfectly illustrates the "Top Down" vs "Bottom Up" approach.

    You can create all of these objects from the "bottom up" and then associating the objects with those that own it, but that process takes a real in-depth knowledge about what you need to create.

    But this takes us back to the idea that you can create reusable objects.  The Top-Down approach doesn't offer many direct opportunities to "re-use" stuff other than XML Managers, Monitoring Objects and SSL Proxy Profiles.  However, if you take it from the "bottom-up", you can name these objects anything you like and re-use them as many times as you like.

    For example, after you create 10 web service proxies from the top-down, you'll have 10 matching objects that match a URL of "*".  If you used the bottom-up approach, you could have a single "Match All" object for the whole domain.  I will say, though, I haven't had too many cases where this became a big problem.

    Reusing objects can be very useful, but you really have to know what you're doing, and your productivity with DataPower will generally be slow.  I would suggest sticking with the Top-Down until you realize that you're having to make individual but otherwise identical changes to multiple services because something somewhere changed that all of these services utilize, in-common. 

    Another case, in point, is if you create an XML FW that you later want to be an MPG.  You can move most of what you created over (and you can ask us at that time how to accomplish it).  At that time, you'll begin to appreciate that DataPower does enable you to reuse things.

     

     

    Updated on 2013-11-04T19:02:59Z at 2013-11-04T19:02:59Z by JoeMorganNTST