DataPower Gateway for Linux

DataPower® Gateway for Linux® is installed from RPM packages.

The DataPower Gateway runs as an application on a Linux host. The DataPower Gateway requires exclusive access to some host resources. You can control the interaction by configuring the datapower.conf file.

Resource requirements on Linux hosts

To install the DataPower Gateway, the host must meet the following requirements.
  • To install the RPM packages, the host must be running a supported 64-bit version of Linux.
  • 2 GiB of free storage must be available on /opt.
  • 5 GiB of free storage must be available on /var.
  • At least 2 free loop devices are required, with an additional 1 loop device if RAID storage is used.
  • RAID storage, if used, must be configured in the datapower.conf file.
The absolute minimum resource allocation depends on expected workload and edition. After deployment, you can increase resource settings to meet workload requirements.
  • For DataPower Gateway without API workload, the minimum resource allocation is 4 virtual processors (vCPU) and 4 GB RAM.
  • For DataPower Gateway with API workload, the minimum resource allocation is 4 vCPU and 8 GB RAM independent of edition.

The datapower.conf file

The DataPower Gateway reads the /opt/ibm/datapower/datapower.conf file on startup. The file sets attributes for features such as local: and config: directory mapping, RAID configuration, and standalone standby control.

Use of the datapower.conf file is accomplished with the removal or presence of directives. In the file content, sections of self-explanatory comments refer to a directive that is prevented from being enacted by the presence of # as first character of a line. Editing the file to remove this character from the directive results in a configuration change to the DataPower Gateway when the datapower.conf file is read. For changes from the file to take effect, the DataPower Gateway must be restarted. The usage of the parameters in the datapower.conf file is as follows:

Enable or disable high availability managed by the DataPower Gateway
EnableStandbyControl=[true|false]
  • When true, the following conditions apply.
    • You cannot have a firewall on the Linux host.
    • The DataPower Gateway is in complete control of the iptables and ip_vs kernel subsystems.
    • The DataPower Gateway creates a network interface for each standby control group.
    • Self-balancing, which requires the Application Optimization feature, is available but unsupported.
  • When false, the following conditions apply. This setting is the default value.
    • Standby control is unavailable.
    • The DataPower Gateway does not modify the iptables and ip_vs kernel subsystems.
    • The DataPower Gateway does not create a network interface for each standby control group.
Specify the device to be used for a RAID volume
DataPowerRaidDevice=device_name
Either an image file or a user-defined block device, which on Docker it is known as a host device, can be used for a RAID volume. To enable RAID function, uncomment this line and specify the device name.
Specify the number of CPUs that are allocated
DataPowerCpuCount=number
The directive informs the DataPower Gateway how many CPUs to expect to use. If specified, DataPower acts as though it is running on a host with the specified number of CPUs. If not specified, the DataPower Gateway tunes itself to use all available CPUs. The entry is useful whenever the DataPower Gateway is not the only application on a host and is routinely needed when the DataPower Gateway is running in Docker.
Specify the limit of usable memory
DataPowerMemoryLimit=memory_limit
By default, the DataPower Gateway assumes that all available memory is dedicated to it. Specifying DataPowerMemoryLimit allows the DataPower Gateway to better coexist with other applications. If the specification is less than the minimum 4096 MiB, then 4096 MiB is used. If the specification is greater than total memory available to the system, then the host system's total memory is used. The entry is useful whenever the DataPower Gateway is not the only application on a host and is routinely needed when the DataPower Gateway is running in Docker.
Specify external directory access
DataPowerConfigDir=path
DataPowerLocalDir=path
DataPower Gateway for Linux allows external access to the contents of the local: and config: directories by mapping the DataPower firmware file system to user-specified directories in Linux file system.
  • If enabled, the DataPower Gateway reads and writes to the specified Linux directories.
  • If not enabled, the DataPower Gateway reads and writes to the config: and local: directories from its own file system.
Directory mapping can impact your workflow.
  • You can use any DataPower management interface to save changes externally.
  • You can enforce version control on file changes that are reflected in the local: and config: directories.
  • The mapped config: directory is used for configuration files.
  • The mapped local: directory is used for configuration artifacts such as stylesheet and DataPower Gateway files.
Specify the primary disk device size for the encrypted /var file system
DataPowerImageSize=disk_space
The minimum free disk space is sufficient for basic operations of the DataPower Gateway but does not support large configurations or disk-space intensive operations such as firmware upgrades. The maximum supported disk size is 16 GiB. Attempts to decrease the disk size are ignored. You can specify the value in bytes, KiB, MiB, or GiB. The following declarations set the disk size to 8 GiB.
  • DataPowerImageSize=8589934592
  • DataPowerImageSize=8388608K
  • DataPowerImageSize=8192M
  • DataPowerImageSize=8G
Accept the terms of the license agreements
DataPowerAcceptLicense=[true|false]
  • When true, the acceptance of the terms of the license agreements is automatic.
  • When false, you must access the DataPower GUI to accept the terms of the license agreements. This setting is the default value.

What running as an application means

When the DataPower Gateway runs as an application on Linux hosts, the following accommodations apply.
  • The DataPower Gateway runs as root.
  • Depending on the host, the DataPower Gateway is controlled with different commands.
    • When installed from RPM packages, the DataPower Gateway daemon is controlled with the systemctl command.
    • On Docker, the DataPower Gateway is started with the datapower-launch command.
  • The DataPower Gateway inherits many settings and some configuration from the operating system.
    • DNS settings are inherited. You cannot modify the inherited DNS configuration in DataPower, you can modify it only in the host. For more information, see DNS settings and DataPower Gateway for Linux.
    • The host name is inherited. The host name is the system identifier for the DataPower Gateway in system settings. If you attempt to change the system identifier, the change is silently ignored.
    • Time management is handled by the operating system. Time and date settings are not available on the DataPower Gateway.
    • Network interfaces are used as they are found. The Ethernet, VLAN, and link aggregation interfaces are not available for configuration in the DataPower Gateway.
    • Host aliases are created from the network interfaces that are defined in the operating system. The name for each host alias uses the ethernet_version_n format and its value is the original IP address from the operating system. For example, eth0_ipv4_1 is the host alias that is created for the first IP address on eth0 that uses IPv4.
  • Sysplex target control service is not available.
  • The installation wizard, started with the startup command, is not available.

DataPower Gateway for Docker compared to DataPower Gateway for Linux

Although DataPower Gateway for Linux can run inside a Docker container, DataPower Gateway for Docker is more flexible, less resource intensive, requires fewer privileges, and requires less preparation work than DataPower Gateway for Linux. Therefore, DataPower Gateway for Docker is the preferable approach to deploy a DataPower Gateway in a Docker container.