| DATAPOWER | |
 | Global disabling of Certificate Expiry validation |
| Guest Post by R George Inness Chris Phillips | |
|
Recently a customer has asked how to disable certificate expiry validation. In short they wanted to be able to still use certificates if they had reached end of life. Though this is not something I would recommend I wanted to share the steps. |
|
|
|
|
| API CONNECT | |
|
| DataPower Quorums with two DataPowers - Update |
|
Ways to handle the DataPower quorum when there is only enough Licenses for two DataPowers. UPDATED 2022 - Since this article was originally published three years ago datapower has added a requirement that each domain should have the same name therefore to achieve the first design you must split your datapower with tenants. |
|
|
|
|
| API CONNECT | |
|
| Setting Payload limits to protect your apis in API Connect |
|
In API Connect a parsing policy can be used to protect your apis to ensure that large files are not malicious or accidentally clogging up system, by default the max size is 4MB. However clients frequently want to support files larger then the default size, this is not something I recommend (I will make a future post about). This post will show the steps to increase or decrease the document size limit. |
|
|
|
|
| OPENSHIFT | |
 | Debugging ICSP (Image Content Source Policies) |
|
In Openshift 4 ICSPs (Image Content Source Policies) are used to redirect crio in the worker nodes to retrieve images from a location that is different then the name of the image. |
|
|
|
|
| API CONNECT | |
|
| Rate Limiting an API that does not take a Consumer ID as a parameter. |
|
Applying a rate limit to an API is essential to protecting downstream systems. Usually this is done OOTB with plans in API Connect. However if the API does not require a Client ID to be passed in this system will not work. Luckily API Connect provides a facility to rate limit directly on the canvas. |
|
|
|
|
| API CONNECT | |
|
| Circuit Breaker in API Connect |
|
A Circuit breaker pattern is becoming a common pattern for remote calls today. The purpose of the circuit breaker is to detect when a series of errors are returned and block traffic for a time period, thus giving the backend system time to recover. |
|
|
|
|
| OPENSHIFT | |
|
| Waiting for a pod to start |
|
I often write shell scripts to do kick off tasks, wipe databases etc etc…. Im lazy and it means I can kick this off then walk the dog. I recently came across the oc wait command. This allows you to run a command that returns either when a timeout is hit or a kube object goes into a desired state. The default timeout is 30s
The above command waits for the pod named |
|
|
|
|
| DAY2 OPERTATIONS | |
|
Day2-Ops | SLA Budgetting - The 99.9999% Fallacy |
|
Often project owners state that their application needs an availability of 99.97%. Though I will be referring to API Connect in this article it is applicable to any application. 99.97% SLA matches on to 2h37m47s of total outage a year. Though this is useful it doesn’t provide quite enough information. |
|
|
|
|
|
| ABOUT | APICONNECT | API | DATAPOWER | OPENSHIFT | EVENTSTREAMS | INTEGRATION | DAY2-OPS | ACE |