Planning the pattern configuration and pattern prerequisites

The IBM® SOA Policy Gateway Pattern provides a means to quickly and reliably provision an environment for governing service definitions and policies, and enforcing those policies. Determine the governance requirements and resources required.

In order to deploy the environment, prepare the DataPower® appliance for remote administration and collect the assets required to securely communicate with the appliance. Testing the environment can be accomplished by deploying the SOA Policy Gateway Basic Runtime Sample, this confirms the environment is correctly configured for deployment and demonstrates the enforcement of the policies. After validation of the environment, the desired IBM SOA Policy Gateway Pattern governance and runtime configuration is decided using WSRR best practices. Deployment of the pattern starts with the Governance Master, followed by the Runtime patterns matched to desired configuration.

Preparing and deploying the IBM SOA Policy Gateway Pattern

Prepare DataPower and collect the security files:
  1. Prepare the DataPower appliance for remote administration. For more information, see Configuring DataPower for the IBM SOA Policy Gateway Patterns.
  2. If the DataPower appliance is secured, read the security section for DataPower, then collect the DataPower security files needed to communicate with it.
  3. Confirm that a system DataPower in the cloud environment can communicate with the appliance and that the appliance can communicate with a deployed system.
The SOA Policy Gateway Basic Runtime Sample can be used to demonstrate the capabilities of the pattern before you create a production deployment. If the use of the Basic Runtime Sample is required, complete the following steps:
  1. Provide an SCP server on Linux accessible from a deployed system within the cloud. SCP is the secure copy command. The SCP server provides a means to host the security files external to the pattern so the pattern will not need to be altered for every security configuration.
  2. Provide an LDAP server to host the security IDs used by the sample application implemented in DataPower. For more information, see Configuring the LDAP for the sample.
  3. Deploy the SOA Policy Gateway Basic Runtime Sample pattern to validate the infrastructure. For more information, see Deploying the SOA Policy Gateway Basic Runtime Sample pattern.
  4. When use of the sample is complete, the LDAP server is not needed.
Prepare for production deployment:
  1. Decide the scale needed for the deployment. Decide the cluster sizes for the Governance Master and the runtimes deployments.
    Note: When a cluster is deployed it cannot be extended with another cluster member.
  2. Define the cell name and administrative user ID and password of the Governance Master.
  3. Host the DataPower security DomainZipFile.zip file on an SCP server. For more information, see Creating the Security DomainZipFile.zip.
Deploy the Governance Master for the production environment:
  1. Deploy a SOA Policy Gateway Governance Master pattern. Wait for the deployment to complete before deploying production environment runtime patterns. For more information, see Deploying the SOA Policy Gateway Governance Master pattern.
Deploy the production environment runtime patterns:
  1. Decide whether a clustered or standalone environment is needed.
  2. If more than one DataPower domain is required, clone the Basic Runtime pattern or Advanced Runtime pattern and add DataPower script packages to the clone for each domain needed.
    Note: Additional DataPower domains can not be added after this configuration has been completed.
    For more information, see Deploying with multiple DataPower domains.
  3. Configure the runtime pattern with the Governance Master pattern information. For more information, see SOA Policy Gateway Governance Master deployment information.
  4. Decide whether the runtime will be staging, production, or other.
  5. Deploy the Basic Runtime or Advanced Runtime pattern. For more information, see Deploying the SOA Policy Gateway Advanced Runtime pattern or Deploying the SOA Policy Gateway Basic Runtime pattern.
  6. Wait until fully deployed before deploying another runtime
.
When deployment of the runtimes is completed:
  1. The SCP file server is no longer required.
  2. WSRR and WebSphere® security can be updated from the default security configuration. For more information, see Security management.
  3. The DataPower domain is ready for gateway configuration.

Concept Concept

Feedback

Timestamp icon Last updated: Thursday, 3 July 2014
http://publib.boulder.ibm.com/infocenter/prodconn/v1r0m0/topic/com.ibm.scenarios.soawdpwsrr.doc/topics/csoa2_planning.htm