White Papers
Abstract
This tutorial series explains how to configure and use the GitOps objects within an IBM DataPower Gateway. GitOps objects are used to manage, version, and propagate the configuration of one or more IBM DataPower Gateway domains. This tutorial describes the functions, structure, and capabilities of GitOps, as implemented in firmware release 10.6.0. In Part 1, you learn how to configure GitOps and perform basic Reads and Writes.
Content
Introduction
DataPower integration with Git is provided at domain level with a suite of GitOps objects. GitOps converts persisted configuration within a domain to JSON, and operates on the converted document by using JSONata queries and transforms. GitOps performs Git pulls, adds, commits, and templating on DataPower.
One or more domains and templates can be sourced within the repository from any number of DataPower Gateways. The repository takes the following form.
/datapower
├── domain1
│ ├── config
│ └── local
├── domain2
│ ├── config
│ └── local
└── templates
Configuring the GitOps object
Within each domain, a new GitOps domain singleton object is created. This object contains the configuration for the following purposes.
- Connect the domain with a Git repository and branch.
- Identify the mode of operation (read-only or read/write)
- Identify the user who is attached to commits from this domain in read/write mode.
- Supply credentials for authentication and verification to the repository
- List the templates by name for GitOps read and write operations.
GitOps actions
After configuration, the GitOps object provides two actions, which are responsible for the following purposes.
- Push domain configuration as JSON to the source repository along with all allowed content within the domain's
local:directory. - Pull domain configuration from the source repository, commit the objects to the domain, and update all content within the domain’s
local:directory.
The respective behavior is triggered by each of the following action objects.
GitOps Write (gitops-write)
GitOps Write is an action object responsible for taking persisted configuration on the domain and writing Git source. The location, branch, @git.user, and @git.email configured on the GitOps object dictates where and how GitOps Write writes. Optionally, GitOps Write can also templatize values specified each template-policy configured on the GitOps object.
The configuration is stored within the /datapower/<domain_name>/config/<domain_name>.cfg.json location on the Git repository. The configuration files take the following JSON form.
{
"@build": "rel-10-5-3-branch",
"@timestamp": "Wed Nov 31 12:00:00 2023",
"configuration": [
{
"CLASS_NAME": {
"@name": "OBJECT_NAME",
"PROPERTY1": "PROPERTY1_VALUE",
"PROPERTY2": {
"SUBPROP": "SUBPROP_VALUE"
},
"PROPERTY3": [
"VECTORPROP_VALUE1",
"VECTORPROP_VALUE2"
]
}
},
. . .
]
}GitOps Read (gitops-read)
GitOps Read is an action object responsible for pulling the latest configuration and templates from Git based on the GitOps object configuration. The source is pulled from the location and branch at the HEAD, tag, or specific commit hash configured on the GitOps object. The templated values from the inbound JSON are then resolved. The executable configuration is placed into the tracked location of a configuration sequence to be committed and persisted to the domain’s configuration.
Was this topic helpful?
Document Information
More support for:
IBM DataPower Gateway
Component:
DataPower
Software version:
10.5.3
Document number:
7085880
Modified date:
13 June 2024
UID
ibm17085880