API CONNECT | |
| Filtering headers from the Analytics data on ingestion. |
Guest Post by Thomas Wilkinson Chris Phillips | |
If header logging is enabled all headers are logged into Analytics. However clients usualy do not want to have the client secret stored. |
|
|
|
API CONNECT | |
| Cross-Origin Resource Sharing (CORS) |
Recently I have had a lot of people asking me about why they are getting an error complaining of a unable to connect or a -1 connection error. This is often a Cross-Origin Resource Sharing (CORS) error. The role of CORS is to tell the client/browser what is allowed or not allowed on the HTTPs endpoint, it does not do enforcement itself. A client/browser makes an HTTP Options request to the endpoint to find out what it is allowed to do. Providing those headers (below) have been injected into the response this tells the client/browser what it is entitled to do. CORS is not there to add extra protection, it is there rather to provide extra information to the client/browser. Some http libraries such as NodeJS’s request do include an option call prior to the requested call to help enforce this, but it is a client-application decision. If the CORS headers stop the requested operation then a -1 is showing in the error. |
|
|
|
API CONNECT | |
| How many Gateway Services do you need? |
A Gateway Service in IBM API Connect is the runtime that sits inside DataPower. DataPower in containers is designed to have a single gateway service, however in other form factors (RPM, VM, Physical) it is simple to add multiple gateway services to provide a logical separation. However just because you can have one gateway service or ten gateway services (No known technical limits) for a single provider org what is the correct way. |
|
|
|
API CONNECT | |
| Replacing an API Gateway Service in a provider org |
Sometimes a client configures multiple provider orgs to share a single Gateway Service and then later on decides to change their mind. However this requires modifying every single API. This script will replace the currently configured gateway service for all APIs in a provider org and replace it with a new gateway service. |
|
|
|
CP4I | Installing IBM CloudPaks with a Nexus Proxy Docker Registry |
Nexus is a third party docker registry that allows users to configure it as a proxy. This means that when a request comes for an image it is downloaded directly and stored in nexus. If you are not wanting to use nexus as a proxy you can follow the instructions here. https://www.ibm.com/docs/es/cpfs?topic=plugin-bastion-host |
|
|
|
DAY2 OPERTATIONS | |
Day2-Ops | Always test your backups |
|
|
|
|
KUBERNETES | |
| Egress Block but allow intra cluster communication |
I needed to produce a network policy that would allow egress to a single server (for back ups) but otherwise restricted all egress traffic to staying in the cluster. |
|
|
|
KUBERNETES | |
| Egress Block but allow intra cluster communication |
I needed to produce a network policy that would allow egress to a single server (for back ups) but otherwise restricted all egress traffic to staying in the cluster. |
|
|
|
API | |
| Public API Monitization, Point of view. |
I get it, you need to find revenue from APIs to justify the investment costs. Every customer I have seen with plans for Public APIs has a dream of monetizing them. However what is the real cost of monetization? |
|
|