The IBM® SOA
Policy Gateway Pattern provides
a means to quickly and reliably provision an environment for governing
service definitions and policies, and enforcing those policies. Determine
the governance requirements and resources required.
In order to deploy the environment, prepare the DataPower® appliance for remote
administration and collect the assets required to securely communicate
with the appliance. Testing the environment can be accomplished by
deploying the SOA Policy Gateway Basic Runtime
Sample,
this confirms the environment is correctly configured for deployment
and demonstrates the enforcement of the policies. After validation
of the environment, the desired IBM SOA
Policy Gateway Pattern governance
and runtime configuration is decided using WSRR best practices. Deployment
of the pattern starts with the Governance Master, followed by the
Runtime patterns matched to desired configuration.
Preparing and deploying the IBM SOA
Policy Gateway Pattern
Prepare DataPower and collect the
security files:
- Prepare the DataPower appliance
for remote administration. For more information, see Configuring DataPower for the IBM SOA Policy Gateway Patterns.
- If the DataPower appliance
is secured, read the security section for DataPower, then collect the DataPower security files needed to communicate
with it.
- Confirm that a system DataPower in
the cloud environment can communicate with the appliance and that
the appliance can communicate with a deployed system.
The
SOA Policy Gateway Basic Runtime
Sample can
be used to demonstrate the capabilities of the pattern before you
create a production deployment. If the use of the Basic Runtime Sample
is required, complete the following steps:
- Provide an SCP server on Linux accessible
from a deployed system within the cloud. SCP is the secure copy command.
The SCP server provides a means to host the security files external
to the pattern so the pattern will not need to be altered for every
security configuration.
- Provide an LDAP server to host the security IDs used by the sample
application implemented in DataPower.
For more information, see Configuring the LDAP for the sample.
- Deploy the SOA Policy Gateway Basic Runtime
Sample pattern
to validate the infrastructure. For more information, see Deploying the SOA Policy Gateway Basic Runtime Sample pattern.
- When use of the sample is complete, the LDAP server is not needed.
Prepare for production deployment:
- Decide the scale needed for the deployment. Decide the cluster
sizes for the Governance Master and the runtimes deployments.
Note: When
a cluster is deployed it cannot be extended with another cluster member.
- Define the cell name and administrative user ID and password of
the Governance Master.
- Host the DataPower security DomainZipFile.zip file
on an SCP server. For more information, see Creating the Security DomainZipFile.zip.
Deploy the Governance Master for the production environment:
- Deploy a SOA Policy Gateway Governance
Master pattern.
Wait for the deployment to complete before deploying production environment
runtime patterns. For more information, see Deploying the SOA Policy Gateway Governance Master pattern.
When deployment of the runtimes is completed:
- The SCP file server is no longer required.
- WSRR and WebSphere® security
can be updated from the default security configuration. For more information,
see Security management.
- The DataPower domain
is ready for gateway configuration.