To build your DataPower® Docker image, you
must develop the configuration for your application. The easiest method is in the Docker containers
on your workstation.
Before you begin
Before you can build and deploy a DataPower Docker application, create an export package with the
DataPower configuration for the DataPower Docker image. You can create and export the DataPower
configuration on a DataPower appliance or virtual DataPower offering.
You can create the DataPower configuration by using the DataPower GUI, CLI, or other management
interface, which can be importing an existing export package from a secure server. During the import
operation, you can use a deployment policy with deployment policy variables to modify the
configuration in the export package. The resultant and exported configuration is to be the explicit
configuration for your DataPower Docker application.
The defined and imported configuration is restricted to features supported by DataPower for
Docker. If you create an export package from another DataPower offering that has features
unsupported by DataPower Gateway for
Docker, these features are unavailable. For more
information, see Managing add-on features for a DataPower Docker image.
The easiest way to export and import packages is through the DataPower GUI, but you can use the
DataPower backup command to do an export.
Procedure
- Download the version-specific DataPower firmware image from the read-only IBM Container
Registry, which is also known as the IBM
container software library.
- Create a clean working directory with the config,
local, and certs subdirectories. These subdirectories are
mounted inside the container to extract the application’s configuration. For more information, see
Directories in a DataPower Docker image.
- Grant full permission to make sure that everyone can access these subdirectories.
chmod -R 777 config local certs
- Start the container. The following snippet is the minimal set of parameters. For more
information, see Environment variables and drouter arguments and a DataPower Docker image.
docker run -it --name name \
-v $(pwd)/config:/opt/ibm/datapower/drouter/config \
-v $(pwd)/local:/opt/ibm/datapower/drouter/local \
-v $(pwd)/certs:/opt/ibm/datapower/root/secure/usrcerts \
-e DATAPOWER_ACCEPT_LICENSE="true" \
-e DATAPOWER_INTERACTIVE="true" \
-p 9090:9090 \
tag
Where name is the name of the container, and
tag is generally in the
registry-path:version.build-edition
format.
- Configure access to the DataPower GUI.
# configure terminal
# web-mgmt
# admin-state "enabled"
# exit
- Access the DataPower Gateway to import the export package that
contains your DataPower configuration.
- To start a GUI session, enter https://localhost:9090 as the URL in
your browser.
- To start a CLI session, use the docker attach command.
- After you write and test your configuration, save everything to your mounted
volumes.
- In the GUI, click Save.
- In the CLI, issue the write memory command.
- Stop the DataPower container, where name is the name of the
container.
- Change ownership of files owned by root.
chown -R $USER:$USER config local certs
- Create the Dockerfile for the DataPower Docker image. The following snippet is the most
basic Dockerfile.
FROM tag
COPY config /opt/ibm/datapower/drouter/config
COPY local /opt/ibm/datapower/drouter/local
COPY certs /opt/ibm/datapower/root/secure/usrcerts
USER root
RUN chown -R drouter:root /opt/ibm/datapower/drouter/config \
/opt/ibm/datapower/drouter/local \
/opt/ibm/datapower/root/secure/usrcerts
RUN set-user drouter
USER drouter
- With your Dockerfile, build your DataPower Docker image, where
my-image is the name that differentiates various DataPower Docker images in your
repository.
docker build . -f Dockerfile -t my-image
- Use the docker push command to upload the DataPower Docker image to
your repository.