Following my earlier post: -
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46395546542 ibmcom/datapower "/bin/drouter" 35 minutes ago Up 35 minutes k8s_ibm-datapower-dev_davehayidg-ibm-datapower-dev-585554d78c-pzbcj_default_211ade0c-efe0-11e7-93d6-000c29651885_0
7a81a4f421ab ibmcom/pause:3.0 "/pause" 35 minutes ago Up 35 minutes k8s_POD_davehayidg-ibm-datapower-dev-585554d78c-pzbcj_default_211ade0c-efe0-11e7-93d6-000c29651885_0
1a9a6536444e websphere-liberty "/opt/ibm/docker/doc…" About an hour ago Up About an hour k8s_ibm-websphere-liberty_davehaywlp-ibm-websphere-689cfdbb6c-ffq75_default_a8e5ac8e-efdb-11e7-93d6-000c29651885_0
0e8f9dbb49b9 ibmcom/pause:3.0 "/pause" About an hour ago Up About an hour k8s_POD_davehaywlp-ibm-websphere-689cfdbb6c-ffq75_default_a8e5ac8e-efdb-11e7-93d6-000c29651885_0
a77aee47c7fb bb4a6b774658 "/bin/node_exporter …" 3 days ago Up 3 days k8s_nodeexporter_monitoring-prometheus-nodeexporter-amd64-x5268_kube-system_ce4afa9c-ecc7-11e7-93d6-000c29651885_0
4494b0042b5d ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_monitoring-prometheus-nodeexporter-amd64-x5268_kube-system_ce4afa9c-ecc7-11e7-93d6-000c29651885_0
4ef59603592a 56354bef6b82 "/bin/sh -c /startup…" 3 days ago Up 3 days k8s_metering-reader-amd64_metering-reader-amd64-qf472_kube-system_8697c507-ecc7-11e7-93d6-000c29651885_0
852b06a7a54c ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_metering-reader-amd64-qf472_kube-system_8697c507-ecc7-11e7-93d6-000c29651885_0
261e111c20c2 af80995a4fcf "filebeat -e" 3 days ago Up 3 days k8s_filebeat_filebeat-ds-amd64-x5bsp_kube-system_6e494fa5-ecc7-11e7-93d6-000c29651885_0
40767f0230db ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_filebeat-ds-amd64-x5bsp_kube-system_6e494fa5-ecc7-11e7-93d6-000c29651885_0
fee15f1d965a 88ca805c8ddd "/install-cni.sh" 3 days ago Up 3 days k8s_install-cni_calico-node-amd64-2d2hk_kube-system_95bdffaa-ecc6-11e7-93d6-000c29651885_0
2b89043639c3 7643422fdf0f "start_runit" 3 days ago Up 3 days k8s_calico-node-amd64_calico-node-amd64-2d2hk_kube-system_95bdffaa-ecc6-11e7-93d6-000c29651885_0
2fbc29422aa7 ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_calico-node-amd64-2d2hk_kube-system_95bdffaa-ecc6-11e7-93d6-000c29651885_0
dac6368cc3f9 924aee0d6910 "/hyperkube proxy --…" 3 days ago Up 3 days k8s_proxy_k8s-proxy-192.168.1.201_kube-system_8312bd0a1d5cee59daf19f2df2bdf2fe_0
631f76b15478 ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_k8s-proxy-192.168.1.201_kube-system_8312bd0a1d5cee59daf19f2df2bdf2fe_0
via the two Helm releases: -
I'm having MORE fun with the IBM DataPower Gateway (IDG) pattern on IBM Cloud Private (ICP).
Having finally managed to instantiate my container ( I had to drop the resources.requests.cpu and resources.requests.memory values down, as I'm running on a relatively small estate, with a single Worker node with 1 CPU and 8 GB RAM ) : -
I waited for the container to start ( there's quite a bit going on, including the bit where the Worker node has to pulled the IDG Docker image ).
Once it was running, I followed the guidance to get back the endpoint details: -
export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services davidhay-ibm-datapower-dev)
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo https://$NODE_IP:$NODE_PORT
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo https://$NODE_IP:$NODE_PORT
and hit the endpoint
and……
got the IBM website.
So I appeared to be proxying IBM.COM, which was somewhat worrying.
I cleaned my configuration, and tried again, and then saw this: -
Yes, you've guessed it, the default behaviour ( within the Helm chart ) is to act as a Web Application Proxy for …. IBM.COM :-)
There's even a clue: -
in the Helm chart.
So I deployed another Helm chart, to spin up a container instance of WebSphere Liberty Profile, deployed the Ferret app to it: -
docker ps -a|grep -i websphere-liberty
1a9a6536444e websphere-liberty "/opt/ibm/docker/doc…" 20 minutes ago Up 20 minutes k8s_ibm-websphere-liberty_davehaywlp-ibm-websphere-689cfdbb6c-ffq75_default_a8e5ac8e-efdb-11e7-93d6-000c29651885_0
docker exec -i -t 1a9a6536444e /bin/bash
docker cp ferret-1.2.war 1a9a6536444e://opt/ibm/wlp/usr/servers/defaultServer/dropins
docker logs 1a9a6536444e -f
…
1a9a6536444e websphere-liberty "/opt/ibm/docker/doc…" 20 minutes ago Up 20 minutes k8s_ibm-websphere-liberty_davehaywlp-ibm-websphere-689cfdbb6c-ffq75_default_a8e5ac8e-efdb-11e7-93d6-000c29651885_0
docker exec -i -t 1a9a6536444e /bin/bash
docker cp ferret-1.2.war 1a9a6536444e://opt/ibm/wlp/usr/servers/defaultServer/dropins
docker logs 1a9a6536444e -f
…
[AUDIT ] CWWKF0011I: The server defaultServer is ready to run a smarter planet.
[AUDIT ] CWWKT0016I: Web application available (default_host): http://davehaywlp-ibm-websphere-689cfdbb6c-ffq75:9080/ferret/
[AUDIT ] CWWKZ0001I: Application ferret-1.2 started in 1.448 seconds.
…
[AUDIT ] CWWKT0016I: Web application available (default_host): http://davehaywlp-ibm-websphere-689cfdbb6c-ffq75:9080/ferret/
[AUDIT ] CWWKZ0001I: Application ferret-1.2 started in 1.448 seconds.
…
and confirmed that I could hit Ferret via the normal ICP proxy: -
https://192.168.1.200:31585/ferret/
https://192.168.1.200:31585/ferret/
and, finally, redeployed my DataPower container, but this time specifying the WLP URL: -
I used the same approach to get the proxied endpoint of the DataPower URL: -
export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services davehaywlp-ibm-websphere)
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo https://$NODE_IP:$NODE_PORT
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo https://$NODE_IP:$NODE_PORT
and was then able to hit the Ferret servlet, via the IDG Web Application Proxy: -
So I've got DataPower running as a Web Application Proxy against Liberty, which is nice :-)
Finally, for reference, if I understand it correctly, I've got four additional containers running on my Worker node: -
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46395546542 ibmcom/datapower "/bin/drouter" 35 minutes ago Up 35 minutes k8s_ibm-datapower-dev_davehayidg-ibm-datapower-dev-585554d78c-pzbcj_default_211ade0c-efe0-11e7-93d6-000c29651885_0
7a81a4f421ab ibmcom/pause:3.0 "/pause" 35 minutes ago Up 35 minutes k8s_POD_davehayidg-ibm-datapower-dev-585554d78c-pzbcj_default_211ade0c-efe0-11e7-93d6-000c29651885_0
1a9a6536444e websphere-liberty "/opt/ibm/docker/doc…" About an hour ago Up About an hour k8s_ibm-websphere-liberty_davehaywlp-ibm-websphere-689cfdbb6c-ffq75_default_a8e5ac8e-efdb-11e7-93d6-000c29651885_0
0e8f9dbb49b9 ibmcom/pause:3.0 "/pause" About an hour ago Up About an hour k8s_POD_davehaywlp-ibm-websphere-689cfdbb6c-ffq75_default_a8e5ac8e-efdb-11e7-93d6-000c29651885_0
a77aee47c7fb bb4a6b774658 "/bin/node_exporter …" 3 days ago Up 3 days k8s_nodeexporter_monitoring-prometheus-nodeexporter-amd64-x5268_kube-system_ce4afa9c-ecc7-11e7-93d6-000c29651885_0
4494b0042b5d ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_monitoring-prometheus-nodeexporter-amd64-x5268_kube-system_ce4afa9c-ecc7-11e7-93d6-000c29651885_0
4ef59603592a 56354bef6b82 "/bin/sh -c /startup…" 3 days ago Up 3 days k8s_metering-reader-amd64_metering-reader-amd64-qf472_kube-system_8697c507-ecc7-11e7-93d6-000c29651885_0
852b06a7a54c ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_metering-reader-amd64-qf472_kube-system_8697c507-ecc7-11e7-93d6-000c29651885_0
261e111c20c2 af80995a4fcf "filebeat -e" 3 days ago Up 3 days k8s_filebeat_filebeat-ds-amd64-x5bsp_kube-system_6e494fa5-ecc7-11e7-93d6-000c29651885_0
40767f0230db ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_filebeat-ds-amd64-x5bsp_kube-system_6e494fa5-ecc7-11e7-93d6-000c29651885_0
fee15f1d965a 88ca805c8ddd "/install-cni.sh" 3 days ago Up 3 days k8s_install-cni_calico-node-amd64-2d2hk_kube-system_95bdffaa-ecc6-11e7-93d6-000c29651885_0
2b89043639c3 7643422fdf0f "start_runit" 3 days ago Up 3 days k8s_calico-node-amd64_calico-node-amd64-2d2hk_kube-system_95bdffaa-ecc6-11e7-93d6-000c29651885_0
2fbc29422aa7 ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_calico-node-amd64-2d2hk_kube-system_95bdffaa-ecc6-11e7-93d6-000c29651885_0
dac6368cc3f9 924aee0d6910 "/hyperkube proxy --…" 3 days ago Up 3 days k8s_proxy_k8s-proxy-192.168.1.201_kube-system_8312bd0a1d5cee59daf19f2df2bdf2fe_0
631f76b15478 ibmcom/pause:3.0 "/pause" 3 days ago Up 3 days k8s_POD_k8s-proxy-192.168.1.201_kube-system_8312bd0a1d5cee59daf19f2df2bdf2fe_0
via the two Helm releases: -