In previous posts I talk about bootstrapping bundles of policies and services for container gateways. But how do you build these bundles in the first place. This blog post talks about how to use the Container Gateway to build bundles of gateway policies and services. Part 2 of this post will go into more details of how to improve the exports from the gateway and commit those to a version control system.
Setting up the Development Environment
The first thing you need to do is build your docker-compose file. This will enable you to easily start and stop your development gateway. Below is a docker-compose file to start from.
- source: license
You can also download the docker compose file here.
Some notable details on the docker-compose file:
- The restman volume: /opt/SecureSpan/Gateway/node/default/etc/bootstrap/services/restman
- This creates a volume mounted to the above location. When the gateway is starting up when it see that a file exists at that location it will make restman available on the gateway.
- The license secret
- The Gateway license file is loaded as a secret. This is the preferred way to provide licenses to a gateway.
If you now run:
This will start a CA API Gateway. The gateway will have restman available on it and you could login to it with policy manager using 'admin' as the username and 'password' as the password.
Exporting from the Development Gateway
The next step would be to write some policy and services. In order to make the export simpler create a folder and put all the policies and services you write into that folder. For example you folder structure could look something like this where the root folder is OTK and all the other services and policies are underneath it:
Export your folder using the following command:
curl -k -u admin:password "https://gateway-dev:8443/restman/1.0/bundle?encassAsPolicyDependency=true&folder=<folderID>" | tail -n +9 | tail -r | tail -n +3 | tail -r | sed '1i<l7:Bundle xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">' > bundle.bundle
Where <folderID> is the ID of the folder that your policies are in. You can get this ID from the policy manager by right clicking on the folder and selecting Folder Properties
Once the curl command is run you will have a file called bundle.bundle that contains the exported policies and services you have created along with any other dependencies they reference.
Note, the tail commands at the end of the export command are used to clean up the export so that it can be mounted to the container and imported properly. The next blog post will look at improving this command.
Re-Deploying with new Configuration
To make sure that the exported policies and services are available next time you restart your development Gateway update your docker-compose file to add the following volume mount:
Now if you restart your development Gateway the policies and services you worked on will be loaded.
As you are working on your policies and service make sure you continuously export in order to backup and save your changes.
In the next post I will discuss improving the export command and committing the exported bundle to a version control system.