Thursday, 26 October 2017

IBM API Connect and IBM DataPower Gateway - The Fun Continues

As per previous posts, I'm continuing to enjoy the voyage of discovery that is IBM API Connect (APIC) and IBM DataPower Gateway (IDG).

This time it's me trying to understand (a) why things aren't properly working and (b) how APIC drives IDG

Thus far, I've discovered that API connects to the XML Management Interface on the IDG, and creates a new Domain ( with a semi-random name prefixed by APIMgmt_e.g. APIMgmt_BF8B3A8C34 ), and then creates a pair of Multiprotocol Gateways (MPG), named webapi-internal and webapi.

All seems fine but ….

I'm seeing this in the IDG logs: -

1,20171026T152710.907Z,APIMgmt_BF8B3A8C34,network,error,xmlmgr,webapi-wcc,36511,,,0xb30009,,,"Host connection could not be established"
1,20171026T152710.907Z,default,network,error,,,1759,,,0x80e00173,,,"TCP connection attempt refused from 127.0.0.1 to 127.58.140.52 port 2444"
1,20171026T152710.907Z,APIMgmt_BF8B3A8C34,network,error,xmlmgr,webapi-wcc,36511,,,0x80e00049,,,"Host connection failed to establish: 127.58.140.52 : tcp port 2444"
1,20171026T152710.907Z,APIMgmt_BF8B3A8C34,network,error,,,36511,,,0x80e00627,,,"Error occurred (port error) when connecting to URL 'http://127.58.140.52:2444/ODCInfo/ODCInfo?c=analytics-lb'"
1,20171026T152710.907Z,APIMgmt_BF8B3A8C34,wcc,warn,wcc-service,webapi-wcc,36511,,,0x80e0053c,,,"Request for WebSphere Cell information failed: Empty result set"


which is weird because my IDG has a static IP address of 192.168.1.200.

( How I got that address is a whole other blog post - ask me about VMware, Bridged networking and DHCP ! )

So I dug further into the configuration, via the IDG UI: -


and then searched for that particular IP address - 127.58.140.52 - which occurred in three places: -





So I dug into the configuration further: -


and found this: -


I changed the address to the correct address of the IDG ( yes, and I've NO idea why APIC / IDG things that we have a WebSphere Application Server (WAS) cell in the mix )….

I'm not yet fully there … but I'm learning as I go.

For the record, I did some other tinkering to IDG: -

Add hostname aliases for the APIC Management and Developer Portal boxes

config; dns; static-host management.uk.ibm.com 192.168.1.150; static-host portal.uk.ibm.com 192.168.1.151; static-host datapower.uk.ibm.com 192.168.1.200; exit; write mem; exit;

config; dns; show; exit; exit

Global configuration mode
Modify DNS Settings configuration

 admin-state enabled 
 name-server 8.8.8.8 53 53 3 
 static-host datapower.uk.ibm.com 192.168.1.200 "" 
 static-host localhost 127.0.0.1 "" 
 static-host management.uk.ibm.com 192.168.1.150 "" 
 static-host portal.uk.ibm.com 192.168.1.151 "" 
 force-ip-preference off 
 load-balance round-robin 
 retries 2 
 timeout 5 Seconds


test tcp-connection management.uk.ibm.com 443

TCP connection successful

test tcp-connection portal.uk.ibm.com 443

TCP connection successful

test tcp-connection datapower.uk.ibm.com 8443

TCP connection successful

Check the internal IDG load balancers

config; show domains

 Domain             Needs save File capture Debug log Probe enabled Diagnostics Command Quiesce state Interface state Failsafe mode 
 ------------------ ---------- ------------ --------- ------------- ----------- ------- ------------- --------------- ------------- 
 APIMgmt_BF8B3A8C34 off        off          off       off           off                               ok              none          
 default            off        off          off       off           off                               ok              none          


switch domain APIMgmt_BF8B3A8C34

show loadbalancer-st

 Group        Host          Port Operational state Weight Administrative state 
 ------------ ------------- ---- ----------------- ------ -------------------- 
 analytics-lb 192.168.1.150 9443 up                20     enabled              
 mgmt-lb      192.168.1.150 0    up                20     enabled              




7 comments:

Unknown said...

after making the changes in Datapower , how we can import the same to APIM (i.e how to add APIM DP domain into APIM CMC)

Dave Hay said...

Morning Prudhvi

Thanks for your comment. You can add the DataPower Service via the Cloud Manager, under the Services tab.

So, open a browser to the CM URL e.g. https://192.168.1.150/cmc and then navigate to Services ( https://192.168.1.150/cmc/#/cloud/servers ).

This has an 'Add Server' button, where you can enter the details of the IBM DataPower Gateway (IDG), and also configure ( or delete ) any existing Gateway Service.

These URLs may be of some use: -

https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.cmc.doc/con_cmc_overview.html

https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.cmc.doc/env_manage.html

Cheers, Dave

Unknown said...

Dave - Thank you very much for your suggestion.
Just want to brief about my problem --
I am using APIM -5.0.8.1 and Data Power- 7.6.0.4 , When i am trying to add Data power gateway service in APIM CMC, it was Errored.

When i look at the Datapower logs, observed that the same issues you have explained in the blog. I have modified as per your suggestion.

I tried to edit the added server but still errored. Since its errored i cant able to restart or reboot DP Servers. When i choose the delete server option it was deleting the Domain in DP it was created for APIM.

Please suggest me how to import the modified version of APIM DP domain into CMC portal / Add DP servers / or any other way to get rid off those errors and add servers successfully/

Appreciate your help.

Dave Hay said...

Hi Prudhvi

Thanks for the comment.

As far as I'm aware, configuring the DP server/service within the APIC Cloud Manager publishes the resulting DP domain to the DP appliance itself.

Therefore, if needed, you can remove the domain(s) from the appliance, using the DP admin UI, and then create a new server/domain within APIC.

Cheers, Dave

Unknown said...

Dear, i too facing the same issue, tried to delete and add multiple times but no luck. I have assigned 8GB memory to each DPG and APIConneAp

Unknown said...

Issue resolved :-)

Dave Hay said...

Hi Unknown, good to hear !

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...