Cast Iron v7.x - Global WebSphere Community
Download
Report
Transcript Cast Iron v7.x - Global WebSphere Community
Presenter: Sarath K Ambadas
Date: 26th June, 2014
What’s new in Cast Iron v7.0 and 7.0.0.1
© 2014 IBM
Corporation
Table of contents
1.
Introduction
2.
Studio and Connectors
3.
Web Management Console (WMC)
4.
Runtime (Appliance and Live)
5.
Java and Security
6.
Q&A
2
© 2014 IBM
Corporation
Introduction - WebSphere Cast Iron Cloud Integration
Rapidly integrate SaaS applications with on
premise applications
• Packaged applications like SAP, JDE, Siebel etc.
• Home grown apps running on DB2, SQL Server ,etc.
• Private cloud applications built using Web Services, etc.
• SaaS applications like Salesforce.com, NetSuite, etc.
Eliminate the “swivel chair” approach of
accessing multiple applications
Integration-as-a-Service
Integration on Premise
• Real-time visibility of data locked away in back office
applications
Physical Integration Appliances
Use a Configuration, Not Coding approach to
cloud integration
Virtual Integration Appliances
• Reusable templates called TIPS accelerate time to value
What Our Integration Solution Does
Choose from flexible deployment options:
• Physical appliances running on Data Power platform
• Virtual appliances
• Integration as a service (Cast Iron Live)
3
© 2014 IBM
Corporation
⦁ Studio and Connectors enhancements
4
© 2014 IBM
Corporation
Endpoints and Cast Iron in different networks
Problem : Managed Service Providers (MSP) want to host Cast Iron
appliance in a public cloud so that they can manage Cast Iron and
connect to different endpoints present in each their customer networks.
Currently before version 7, This scenario is supported only in Cast
Iron Live.
Solution : Supported in Cast Iron v7
Both Studio and Appliance can be used to connect to endpoints
present in different networks.
Achieved using Cast Iron secure connector which establishes a
secure channel between Cast Iron and endpoint
Studio and appliance must be in the same network (meaning
appliance should be accessible from studio)
5
© 2014 IBM
Corporation
Endpoints and Cast Iron in different networks (Contd…)
Customer A’s Network 2
On-Prem
Cast Iron appliance
hosted in Network A
Secure Channel
ERP
Firewall
Cast Iron
Firewall
Partner X’s network
1. User the Secure
connectors in CI to connect
to the ERP in customer A’s
network 2
Develops orchestrations
using studio that needs to
connect to Customer A’s
ERP endpoint, before
being deployed
Studio
6
© 2014 IBM
Corporation
PGP Encryption and Decryption
Support encryption and decryption of data using GPG protocol.
Files and other sensitive data can be encrypted and decrypted.
The input content should be base64 encoded.
Utility is provided to extract the certificates for PGP keystore and add to
the Cast Iron Key store in appliance and studio.
7
© 2014 IBM
Corporation
Field level encryption and decryption using mapping function
Support field level encryption and decryption during mapping of fields.
Sensitive data like SSN and credit card numbers can be encrypted and
decrypted.
The key used for encryption is Advanced Encryption Standard (AES)
algorithm with 128 bit strength. 128-bit encryption level requires an 8byte key, which must be a 32-character hexadecimal string.
8
© 2014 IBM
Corporation
STS (Secure Token Service) activity
Provide support for retrieving SAML version 2.0 tokens
Supports only providers which use web services with basic
authentication over http or https
This token can be used with other web service activitys as part
of SAML authentication (WS-Trust spec).
9
© 2014 IBM
Corporation
Other Studio features
Replace String mapping function
New in
7.0.0.1
The pattern to be searched can be a regular expression
Studio v 7.0.0.0 installer
Uses JRE 1.7
Has both 32 bit (uses 32 bit Java) and 64 bit (uses 64 bit java)
installers
Provide default read only password for accessing TIPs and plugin
connector repository
10
© 2014 IBM
Corporation
Service Max connector
Service Max is a field
management service software
built using Force.com platform
Supports custom objects and
custom fields
Supports SOQL
(Salesforce.com object query
language) and SOSL
(Salesforce.com object search
language)
Salesforce.com web service
API version supported is 26.0
11
© 2014 IBM
Corporation
Oracle E-Business Suite connector
Provides connectivity to Oracle EBusiness Suite applications.
V7 supports JDBC API to
access database tables.
Uses Oracle thin driver
(thirdparty library) for
connectivity
Supported versions : Oracle EBusiness Suite v11.5, v12 and
v12.5
In the road map : advanced queue
support and XML Gateway
support
12
© 2014 IBM
Corporation
SAP connector enhancements
Single Sign On (SSO) support
Secure Network Configuration
Passing connection parameters
dynamically as part of the request
Different combinations of using SAP
endpoint
Username password
SSO Token
Note : SNC can be used with
username/password or SSO token
1.when using SNC with
username/password, we can provide
username/password or give a value for
x-509 certificate or have both
configured
2.when using SNC with SSO, we can
provide SSO token or give a value for
x-509 certificate or have both
configured
13
© 2014 IBM
Corporation
HTTP connector enhancements
Basic authentication for Receive
Request activity
Note : basic authentication
also supported in Provide
Service activity of web
service connector
oAuth v 2.0 support for outbound
activity's only
14
© 2014 IBM
Corporation
Domino connector enhancements
Support Lotus Domino 9.0.1
Support Lotus Domino Calendar
service using ReST API
Supported from Domino 9.0.1
and above
New in
7.0.0.1
8 new activity's are added which use
the ReST based calendar service API.
Calendar Objects supported
Invitations
Notices
Events (Meetings,
Appointments, Remainders)
including recurring events
Perquisites : ReST service must be
enabled on the Domino server
15
© 2014 IBM
Corporation
Domino connector enhancements (Contd…)
Enhancements done in Cast Iron v 7.0.0.0
16
Query Views activity - new outbound activity that is used to query views from
the Lotus Domino database.
Sub forms (a form statically included in the main form during form design
time).
Handling dynamically added fields, which are part of the Domino document
but not generated in Map Inputs and Map Outputs.
Querying of data based on the last modified and created time stamps, in the
Query Documents activity.
Polling multiple databases in inbound activities.
Passing connection parameters dynamically as part of the request.
© 2014 IBM
Corporation
Other Connector enhancements
Force.com Bulk API connector
API version supported : 28.0
Make API calls using CSV format (major performance improvement)
JDE connector
Support JDE version 9.1 with Invoke Business Function activity
Salesforce.com connector :
Support API version 30.0 in Cast Iron
Netsuite connector
Support API version 2014_1 in Cast Iron
17
New in
7.0.0.1
New in
7.0.0.1
© 2014 IBM
Corporation
⦁ Web Management Console enhancements
18
© 2014 IBM
Corporation
Managing multiple appliances
Problem statement :
Customers do not have a unified user interface to manager multiple Cast Iron
appliances.
19
Administrators have to login to individual appliances to see what happening
and do maintenance updates.
More complex (multiple login credentials) to monitor projects and jobs being
processed in each appliance
Customers can use Management API to implement their own custom
application. But this requires additional IT infrastructure, engineering
resources, understanding of the API, code implementation and maintenance
of the code.
Invest in third-party commercial software to manage Cast Iron appliances
which requires additional expenditure.
There are certain limitations in the Management API (physical/virtual,
appliance upgrades, difficult to monitor how the appliance is working/loaded)
Difficult to track the versions for each of the individual appliance and also the
development, staging and production environments.
© 2014 IBM
Corporation
Managing multiple appliances - Solution
Solution :
Single Unified user interface to manage multiple
appliances in Web Management Console from Cast
Iron v7
20
Supports both physical and virtual appliances
Supports both Cast Iron v7 as well as older version
of Cast Iron appliance (v6 and above after installing
the ifix)
Supports appliances which need LDAP
authentication.
One appliance is designated as master appliance
and other appliances are added to this master.
Manage and monitor the master appliance as well
Enable/disable monitoring of the appliance.
Can be used with appliances configured with High
Availability
© 2014 IBM
Corporation
Managing multiple appliances – Features 1
Configuring the appliance (Register and unregister) :
Designate one appliance as the master appliance
Register each appliance to this master appliance using the register option
Option to enable/disable a registered appliance. Only enabled appliances can be monitored
Displays if the registered appliance is a physical or virtual appliance.
Displays the version of the registered appliance
Cannot add the same appliance more than once as part of registration
The master appliance can be added using register option to manage/monitor itself
Unregister an appliance from this master
Update details of registered appliance
Appliance registration rules :
An appliance which is already registered to another master cannot be made as a master
appliance.
21
Cannot register an appliance which is already a master to another master appliance.
Can register an appliance with multiple master appliances.
© 2014 IBM
Corporation
Managing multiple appliances – Features 1 Continued…
22
© 2014 IBM
Corporation
Managing multiple appliances – Features 2 (Appliance upgrade)
Appliance upgrade:
Option to upgrade one or more registered appliances from the master appliance.
23
Supports both virtual and physical appliance upgrade
When both scrypt2 (physical) and vcrypt2 (virtual) files are browsed:
Upgrade happens based on the form factor information (physical or
virtual) available for the appliance
If form factor information is not available (older version without ifix)
then these appliances are skipped as part of upgrade.
When only one file is browsed:
That file will be used as input for upgrade for all selected appliances
including for appliances which do not have form factor information.
When master appliance is also part of the upgrade list, that will be the last appliance
which will be upgraded.
Details of the upgrade for each of the appliance is displayed at the end of the
upgrade steps.
Version info is updated after the appliance is upgraded.
© 2014 IBM
Corporation
Managing multiple appliances – Features 2 (upgrade
appliance) Contd…
24
© 2014 IBM
Corporation
Managing multiple appliances – Features 2 (upgrade
appliance status) Contd…
25
© 2014 IBM
Corporation
Managing multiple appliances – Feature 3 (Monitor resource
Utilization)
Monitor resource utilization:
See the resource utilization graphs for all the registered appliances in a single unified
user interface
26
Option to maximize the resource utilization graphs and see more detailed view
The details displayed by the graph will be exactly same as the details available in the
actual appliance
Option to refresh the resource utilization graphs to get latest data.
For older versions of Cast Iron which do not have the ifix, a message “Data not
available” is displayed
The graph monitors 4 parameters:
Memory used in %
Disk usage in %
Number of running jobs in the appliance
Number of Garbage Collections from previous check point
© 2014 IBM
Corporation
Managing multiple appliances – Features 3 (resource
utilization ) Contd…
27
© 2014 IBM
Corporation
Managing multiple appliances – Feature 4
Display projects and configurations
Displays the published project/configuration and orchestration details
28
Displays status of each of the projects and orchestrations
Displays the job number at project/orchestration levels
Number of running jobs
Number of errored jobs
Number of completed jobs
Total number of jobs
Displays last published time of the project
Following actions can be performed on the projects remotely
Start projects
Stop projects
Pause projects
Undeploy projects
Delete projects
Clone projects
New in
7.0.0.1
© 2014 IBM
Corporation
Managing multiple appliances – Features 4 (view configurations ) Contd..
29
© 2014 IBM
Corporation
Managing multiple appliances – Feature 5 (Execute commands)
Support running the below commands on the remote appliance
Restart appliance
Reboot appliance
Remove job history
Remove projects and configurations
Remove all in progress jobs
30
New in
7.0.0.1
© 2014 IBM
Corporation
Other WMC features
Enhanced configuration details - The configuration details now display the name of the
publisher in the Summary section.
Enhanced configuration filter - Now you can view projects that are published exclusively by
you through the Configurations Filter on the Project Configurations page.
Published project details - The appliance administrator can now view all the projects, users
who published the projects, and the time the project was published.
Project permission - The appliance administrator can grant permissions to particular users
to access certain projects.
Login history - The appliance administrator can check the history of all the users, the
number of times they logged on, the logon time, and the time that they logged out.
System logs and Job Logs - You can now customize/edit columns in the System log and
Job log pages that you would like to view.
31
© 2014 IBM
Corporation
⦁ Appliance and Live enhancements
32
© 2014 IBM
Corporation
Appliance and Live enhancements
Appliance supports connecting to endpoints running in a different network behind a fire wall (using
secure connector)
Secure Connector client installer support for 64-bit machine (both Linux and Windows). Now, 32-bit and
64-bit Secure Connector installers are available.
A new management API to get the resource utilization details of the appliance, has been added.
Serviceability Improvements - Additional system logs get generated during orchestration deployment.
Non-orchestration-related events specific to users and groups, also get generated in the system logs.
New in
New Secure Connector installer that upgrades without having to uninstall the earlier version. 7.0.0.1
Large data volume support through Secure Connector
Issues with Cast Iron support on Xen platform are fixed in v7.0.0.1 (it was not working in v7)
33
New in
7.0.0.1
© 2014 IBM
Corporation
⦁ Java and security enhancements
34
© 2014 IBM
Corporation
Java and Security
Java support
Appliance and Live use Java 7 64 bit version
Studio and secure connector are available with both 32 and 64 bit of Java 7
Security changes as part of SP800-131a compliance
All passwords that are stored in Cast Iron are encoded using a stronger SHA256
hashing algorithm
Key and Certificate strength made greater than or equal to 112 bits, which means that
new RSA/DSA certificates that are generated by Cast Iron has a minimum key length
of 2048.
SP800-131a-compliant cipher suites are supported by Cast Iron
Support for TLSv1.2 protocol by Web Management Console (WMC), connectors, and
Studio
35
© 2014 IBM
Corporation
Thank you!
Questions?
For queries contact Sarath K Ambadas ([email protected])
36
© 2014 IBM
Corporation