Cast Iron v7.x - Global WebSphere Community

Download Report

Transcript Cast Iron v7.x - Global WebSphere Community 

Presenter: Sarath K Ambadas
Date: 26th June, 2014
What’s new in Cast Iron v7.0 and 7.0.0.1
© 2014 IBM
Corporation
Table of contents
1.
Introduction
2.
Studio and Connectors
3.
Web Management Console (WMC)
4.
Runtime (Appliance and Live)
5.
Java and Security
6.
Q&A
2
© 2014 IBM
Corporation
Introduction - WebSphere Cast Iron Cloud Integration
 Rapidly integrate SaaS applications with on
premise applications
• Packaged applications like SAP, JDE, Siebel etc.
• Home grown apps running on DB2, SQL Server ,etc.
• Private cloud applications built using Web Services, etc.
• SaaS applications like Salesforce.com, NetSuite, etc.
 Eliminate the “swivel chair” approach of
accessing multiple applications
Integration-as-a-Service
Integration on Premise
• Real-time visibility of data locked away in back office
applications
Physical Integration Appliances
 Use a Configuration, Not Coding approach to
cloud integration
Virtual Integration Appliances
• Reusable templates called TIPS accelerate time to value
What Our Integration Solution Does
 Choose from flexible deployment options:
• Physical appliances running on Data Power platform
• Virtual appliances
• Integration as a service (Cast Iron Live)
3
© 2014 IBM
Corporation
⦁ Studio and Connectors enhancements
4
© 2014 IBM
Corporation
Endpoints and Cast Iron in different networks
 Problem : Managed Service Providers (MSP) want to host Cast Iron
appliance in a public cloud so that they can manage Cast Iron and
connect to different endpoints present in each their customer networks.
 Currently before version 7, This scenario is supported only in Cast
Iron Live.
 Solution : Supported in Cast Iron v7
 Both Studio and Appliance can be used to connect to endpoints
present in different networks.
 Achieved using Cast Iron secure connector which establishes a
secure channel between Cast Iron and endpoint
 Studio and appliance must be in the same network (meaning
appliance should be accessible from studio)
5
© 2014 IBM
Corporation
Endpoints and Cast Iron in different networks (Contd…)
Customer A’s Network 2
On-Prem
Cast Iron appliance
hosted in Network A
Secure Channel
ERP
Firewall
Cast Iron
Firewall
Partner X’s network
1. User the Secure
connectors in CI to connect
to the ERP in customer A’s
network 2
Develops orchestrations
using studio that needs to
connect to Customer A’s
ERP endpoint, before
being deployed
Studio
6
© 2014 IBM
Corporation
PGP Encryption and Decryption
 Support encryption and decryption of data using GPG protocol.
 Files and other sensitive data can be encrypted and decrypted.
 The input content should be base64 encoded.
 Utility is provided to extract the certificates for PGP keystore and add to
the Cast Iron Key store in appliance and studio.
7
© 2014 IBM
Corporation
Field level encryption and decryption using mapping function
 Support field level encryption and decryption during mapping of fields.
 Sensitive data like SSN and credit card numbers can be encrypted and
decrypted.
 The key used for encryption is Advanced Encryption Standard (AES)
algorithm with 128 bit strength. 128-bit encryption level requires an 8byte key, which must be a 32-character hexadecimal string.
8
© 2014 IBM
Corporation
STS (Secure Token Service) activity
 Provide support for retrieving SAML version 2.0 tokens
 Supports only providers which use web services with basic
authentication over http or https
 This token can be used with other web service activitys as part
of SAML authentication (WS-Trust spec).
9
© 2014 IBM
Corporation
Other Studio features
 Replace String mapping function
New in
7.0.0.1
 The pattern to be searched can be a regular expression
 Studio v 7.0.0.0 installer
 Uses JRE 1.7
 Has both 32 bit (uses 32 bit Java) and 64 bit (uses 64 bit java)
installers
 Provide default read only password for accessing TIPs and plugin
connector repository
10
© 2014 IBM
Corporation
Service Max connector
 Service Max is a field
management service software
built using Force.com platform
 Supports custom objects and
custom fields
 Supports SOQL
(Salesforce.com object query
language) and SOSL
(Salesforce.com object search
language)
 Salesforce.com web service
API version supported is 26.0
11
© 2014 IBM
Corporation
Oracle E-Business Suite connector
 Provides connectivity to Oracle EBusiness Suite applications.
 V7 supports JDBC API to
access database tables.
 Uses Oracle thin driver
(thirdparty library) for
connectivity
 Supported versions : Oracle EBusiness Suite v11.5, v12 and
v12.5
In the road map : advanced queue
support and XML Gateway
support
12
© 2014 IBM
Corporation
SAP connector enhancements
 Single Sign On (SSO) support
 Secure Network Configuration
 Passing connection parameters
dynamically as part of the request
 Different combinations of using SAP
endpoint
 Username password
 SSO Token
Note : SNC can be used with
username/password or SSO token
1.when using SNC with
username/password, we can provide
username/password or give a value for
x-509 certificate or have both
configured
2.when using SNC with SSO, we can
provide SSO token or give a value for
x-509 certificate or have both
configured
13
© 2014 IBM
Corporation
HTTP connector enhancements
 Basic authentication for Receive
Request activity

Note : basic authentication
also supported in Provide
Service activity of web
service connector
 oAuth v 2.0 support for outbound
activity's only
14
© 2014 IBM
Corporation
Domino connector enhancements
 Support Lotus Domino 9.0.1
 Support Lotus Domino Calendar
service using ReST API
 Supported from Domino 9.0.1
and above
New in
7.0.0.1
 8 new activity's are added which use
the ReST based calendar service API.
 Calendar Objects supported
 Invitations
 Notices
 Events (Meetings,
Appointments, Remainders)
including recurring events
 Perquisites : ReST service must be
enabled on the Domino server
15
© 2014 IBM
Corporation
Domino connector enhancements (Contd…)
 Enhancements done in Cast Iron v 7.0.0.0
16

Query Views activity - new outbound activity that is used to query views from
the Lotus Domino database.

Sub forms (a form statically included in the main form during form design
time).

Handling dynamically added fields, which are part of the Domino document
but not generated in Map Inputs and Map Outputs.

Querying of data based on the last modified and created time stamps, in the
Query Documents activity.

Polling multiple databases in inbound activities.

Passing connection parameters dynamically as part of the request.
© 2014 IBM
Corporation
Other Connector enhancements
 Force.com Bulk API connector
 API version supported : 28.0
 Make API calls using CSV format (major performance improvement)
 JDE connector
 Support JDE version 9.1 with Invoke Business Function activity
 Salesforce.com connector :
 Support API version 30.0 in Cast Iron
Netsuite connector
 Support API version 2014_1 in Cast Iron
17
New in
7.0.0.1
New in
7.0.0.1
© 2014 IBM
Corporation
⦁ Web Management Console enhancements
18
© 2014 IBM
Corporation
Managing multiple appliances
 Problem statement :

Customers do not have a unified user interface to manager multiple Cast Iron
appliances.
19

Administrators have to login to individual appliances to see what happening
and do maintenance updates.

More complex (multiple login credentials) to monitor projects and jobs being
processed in each appliance

Customers can use Management API to implement their own custom
application. But this requires additional IT infrastructure, engineering
resources, understanding of the API, code implementation and maintenance
of the code.

Invest in third-party commercial software to manage Cast Iron appliances
which requires additional expenditure.

There are certain limitations in the Management API (physical/virtual,
appliance upgrades, difficult to monitor how the appliance is working/loaded)

Difficult to track the versions for each of the individual appliance and also the
development, staging and production environments.
© 2014 IBM
Corporation
Managing multiple appliances - Solution
 Solution :

Single Unified user interface to manage multiple
appliances in Web Management Console from Cast
Iron v7
20

Supports both physical and virtual appliances

Supports both Cast Iron v7 as well as older version
of Cast Iron appliance (v6 and above after installing
the ifix)

Supports appliances which need LDAP
authentication.

One appliance is designated as master appliance
and other appliances are added to this master.

Manage and monitor the master appliance as well

Enable/disable monitoring of the appliance.

Can be used with appliances configured with High
Availability
© 2014 IBM
Corporation
Managing multiple appliances – Features 1
 Configuring the appliance (Register and unregister) :
 Designate one appliance as the master appliance
 Register each appliance to this master appliance using the register option
 Option to enable/disable a registered appliance. Only enabled appliances can be monitored
 Displays if the registered appliance is a physical or virtual appliance.
 Displays the version of the registered appliance
 Cannot add the same appliance more than once as part of registration
 The master appliance can be added using register option to manage/monitor itself
 Unregister an appliance from this master
 Update details of registered appliance
 Appliance registration rules :

An appliance which is already registered to another master cannot be made as a master
appliance.
21

Cannot register an appliance which is already a master to another master appliance.

Can register an appliance with multiple master appliances.
© 2014 IBM
Corporation
Managing multiple appliances – Features 1 Continued…
22
© 2014 IBM
Corporation
Managing multiple appliances – Features 2 (Appliance upgrade)
 Appliance upgrade:

Option to upgrade one or more registered appliances from the master appliance.
23

Supports both virtual and physical appliance upgrade

When both scrypt2 (physical) and vcrypt2 (virtual) files are browsed:
 Upgrade happens based on the form factor information (physical or
virtual) available for the appliance
 If form factor information is not available (older version without ifix)
then these appliances are skipped as part of upgrade.

When only one file is browsed:
 That file will be used as input for upgrade for all selected appliances
including for appliances which do not have form factor information.

When master appliance is also part of the upgrade list, that will be the last appliance
which will be upgraded.

Details of the upgrade for each of the appliance is displayed at the end of the
upgrade steps.

Version info is updated after the appliance is upgraded.
© 2014 IBM
Corporation
Managing multiple appliances – Features 2 (upgrade
appliance) Contd…
24
© 2014 IBM
Corporation
Managing multiple appliances – Features 2 (upgrade
appliance status) Contd…
25
© 2014 IBM
Corporation
Managing multiple appliances – Feature 3 (Monitor resource
Utilization)
 Monitor resource utilization:

See the resource utilization graphs for all the registered appliances in a single unified
user interface
26

Option to maximize the resource utilization graphs and see more detailed view

The details displayed by the graph will be exactly same as the details available in the
actual appliance

Option to refresh the resource utilization graphs to get latest data.

For older versions of Cast Iron which do not have the ifix, a message “Data not
available” is displayed

The graph monitors 4 parameters:
 Memory used in %
 Disk usage in %
 Number of running jobs in the appliance
 Number of Garbage Collections from previous check point
© 2014 IBM
Corporation
Managing multiple appliances – Features 3 (resource
utilization ) Contd…
27
© 2014 IBM
Corporation
Managing multiple appliances – Feature 4
 Display projects and configurations

Displays the published project/configuration and orchestration details
28

Displays status of each of the projects and orchestrations

Displays the job number at project/orchestration levels
 Number of running jobs
 Number of errored jobs
 Number of completed jobs
 Total number of jobs

Displays last published time of the project

Following actions can be performed on the projects remotely

Start projects

Stop projects

Pause projects

Undeploy projects

Delete projects

Clone projects
New in
7.0.0.1
© 2014 IBM
Corporation
Managing multiple appliances – Features 4 (view configurations ) Contd..
29
© 2014 IBM
Corporation
Managing multiple appliances – Feature 5 (Execute commands)
 Support running the below commands on the remote appliance

Restart appliance

Reboot appliance

Remove job history

Remove projects and configurations

Remove all in progress jobs
30
New in
7.0.0.1
© 2014 IBM
Corporation
Other WMC features

Enhanced configuration details - The configuration details now display the name of the
publisher in the Summary section.

Enhanced configuration filter - Now you can view projects that are published exclusively by
you through the Configurations Filter on the Project Configurations page.

Published project details - The appliance administrator can now view all the projects, users
who published the projects, and the time the project was published.

Project permission - The appliance administrator can grant permissions to particular users
to access certain projects.

Login history - The appliance administrator can check the history of all the users, the
number of times they logged on, the logon time, and the time that they logged out.

System logs and Job Logs - You can now customize/edit columns in the System log and
Job log pages that you would like to view.
31
© 2014 IBM
Corporation
⦁ Appliance and Live enhancements
32
© 2014 IBM
Corporation
Appliance and Live enhancements

Appliance supports connecting to endpoints running in a different network behind a fire wall (using
secure connector)

Secure Connector client installer support for 64-bit machine (both Linux and Windows). Now, 32-bit and
64-bit Secure Connector installers are available.

A new management API to get the resource utilization details of the appliance, has been added.

Serviceability Improvements - Additional system logs get generated during orchestration deployment.
Non-orchestration-related events specific to users and groups, also get generated in the system logs.

New in
New Secure Connector installer that upgrades without having to uninstall the earlier version. 7.0.0.1

Large data volume support through Secure Connector

Issues with Cast Iron support on Xen platform are fixed in v7.0.0.1 (it was not working in v7)
33
New in
7.0.0.1
© 2014 IBM
Corporation
⦁ Java and security enhancements
34
© 2014 IBM
Corporation
Java and Security

Java support
 Appliance and Live use Java 7 64 bit version
 Studio and secure connector are available with both 32 and 64 bit of Java 7

Security changes as part of SP800-131a compliance
 All passwords that are stored in Cast Iron are encoded using a stronger SHA256
hashing algorithm
 Key and Certificate strength made greater than or equal to 112 bits, which means that
new RSA/DSA certificates that are generated by Cast Iron has a minimum key length
of 2048.
 SP800-131a-compliant cipher suites are supported by Cast Iron
 Support for TLSv1.2 protocol by Web Management Console (WMC), connectors, and
Studio
35
© 2014 IBM
Corporation
Thank you!
 Questions?
 For queries contact Sarath K Ambadas ([email protected])
36
© 2014 IBM
Corporation