avato1/app

By avato1

Updated almost 4 years ago

The Avato Hybrid Integration Platform, a universal API adapter for highly-regulated organizations.

Image
0

421

Avato is a hybrid integration platform that provides business with a robust technology foundation that securely, quickly, and simply integrates previously fragmented and incompatible systems and data.

Developed for the most complex, regulated environments, Avato de-risks digital transformation and delivers unmatched value.

NOTE: Any use of Avato is subject to your master agreement with Avato if one exists, else the end user evaluation license at https://mobius.worldwest.ca/esb/about?url=/esb/eula/Avato-EULA-evaluation.pdf. You accept this agreement by installing or using the software.

For more information, visit us at https://avato.co. To create an Avato user account, used for fetching Avato images, packages and documentation, visit us at https://mobius.worldwest.ca/esb/new-user/create-user.

See full instructions at https://hub.docker.com/repository/docker/avato1/app.

Building Avato for Containers

To use Avato in Docker or Kubernetes, you will want to first customize these images. This allows you to specify the detailed properties and packages that will be used in your customization.

For a faster route to standing up Avato, use the following images instead, which are pre-built with a default Avato configuration.

  • avato1/sample-app
  • avato1/sample-db

These customizations include Avato automated security and WSDL tests, and are ready to go for experimenting with Avato on Kubernetes.

Alternately, to continue making use of Avato in full, you will want to customize your own images as described here.

Your Custom Avato Application Image

Create your own directory for properties and packages. Here, you'll use any packages you or your organization have developed or customized. At minimum, you'll want a properties/local/properties.xml file with your customized properties, and a properties/local/packages.txt file with your collection of packages for the image.

Default examples of these files can be obtained from the Avato bootstrap at https://mobius.worldwest.ca/esb/new-mobius-guest/new.

Customize your image using a Dockerfile file like the following YAML:

FROM avato1/app

WORKDIR /opt/wildfly/install
COPY properties properties
COPY packages packages

ENV ENV_NAME=local

EXPOSE 8443

CMD ["ant", "run"]

Build this image, using the command:

docker build . -t my_avato

Your Custom Avato Database Image

Create a db folder in the local directory, and an sql folder in there.

Secure and customize your installation by adding your own SQL to this db/sql folder. Be aware that the database is MariaDB, so MySQL syntax is expected. Normally, you will need to add inserts for interfaces, your organization, and your encryption key.

Note that the admin and anonymous passwords are hashed: you can use a running instance of Avato such as https://mobius.worldwest.ca/esb to generate these.

Example file: 03-data.sql

SET
	@avato.user.admin.password = 'dJ8Jut6KynVWYO6xd5LaiAIY1PvcTiX77Cedf+n2XXA='
	, @avato.user.anonymous.password = 'ovnKz2ON5FtXree36Qj3zVCtpMIQ/katyll/f3P75to='

	, @avato.org.id = 'd53d2458-eb0e-42f7-a5b8-b980f63f1226'
	, @avato.org.name = 'Sample Org.'
	, @avato.org.shortname = 'SampleCo'
	, @avato.org.website = 'https://avato.co'

	, @avato.security.encryption.key = 'f18038bca4f84dc180788f919caab239'
;

insert into User (ID, Email, Password, Locked) values ("1", "admin", @avato.user.admin.password, 0);
insert into Role (ID, User, Name, RoleGroup, ValidFrom, ValidTo) values ("1", "1", "ESBUser", NULL, NULL, NULL);
insert into Role (ID, User, Name, RoleGroup, ValidFrom, ValidTo) values ("2", "1", "ESBAdmin", NULL, NULL, NULL);

insert into User (ID, Email, Password) values ('8', 'anonymous', @avato.user.anonymous.password);
insert into Role (ID, User, Name, RoleGroup) values ('80', '8', 'ESBUser', 'ESBUser');

INSERT INTO Organization
(
	ID
	, Name
	, ShortName
	, Website
	, Type
	, Industry
	, Employees
	, AssignedTo
	, Created
	, CreatedBy
	, Modified
	, ModifiedBy
)
VALUES
(
	@avato.org.id
	, @avato.org.name
	, @avato.org.shortname
	, @avato.org.website
	, 'Other'
	, 'Technology'
	, '12'
	, '1'
	, NOW()
	, '1'
	, NOW()
	, '1'
);

INSERT INTO EncryptionKey
(
	ID
	, OrganizationID
	, PrivateKey
	, PublicKey
	, Created
	, CreatedBy
	, Modified
	, ModifiedBy
)
VALUES
(
	'f587e8d8-ccce-4f36-96d2-0deef770a898'
	, @avato.org.id
	, @avato.security.encryption.key
	, NULL
	, NOW()
	, '1'
	, NOW()
	, '1'
);

# Add the Database Interface
INSERT INTO Interface
(
	ID
	, `Key`
	, ContextRoot
	, LoginURL
	, HealthLoginURL
	, HealthUserName
	, HealthPassword
	, SessionExpirySeconds
	, ServiceUserName
	, ServicePassword
	, OrganizationID
	, Created
	, CreatedBy
	, Modified
	, ModifiedBy
)
VALUES
(
	'92FC4AE2C0A80895158AF5378F6E52F8'
	, 'ca.worldwest.mobius.generic'
	, '*'
	, '/login'
	, NULL
	, NULL
	, NULL
	, '1600'
	, null
	, null
	, @avato.org.id
	, NOW()
	, '1'
	, NOW()
	, '1'
);

Create your custom database image in a Dockerfile inside your db folder, similar to the following:

FROM avato1/db

WORKDIR /docker-entrypoint-initdb.d
COPY sql/* ./

It's important that your SQL files start with "03-", and are numbered increasingly from there. SQL files beginning with 01- and -02 are reserved.

Then, build your customized version of the database with the following command:

docker build db/. -t my_avato_db

Running an Avato Cluster with Docker-Compose

The simplest Avato cluster has one database node and one application node.

To implement, create a docker-compose file in the root folder like the following (in YAML):

version: '3.5'
services:

  database:
	image: my_avato_db
	ports:
	 - 3308:3306
	environment:
	 - MYSQL_ROOT_PASSWORD=password
	 - MYSQL_DATABASE=esb
	 - MYSQL_USER=jboss
	 - MYSQL_PASSWORD=password
	networks:
		avato_network:
	volumes:
	 - my-db-data:/var/lib/mysql/data
	container_name: my_avato_db

  app:
	image: my_avato
	ports:
	- 8443:8443
	environment:
	 - AVATO_UPDATE_CORE_USERNAME=<YourAvatoUsername>
	 - AVATO_UPDATE_CORE_PASSWORD=<YourAvatoPassword>
	networks:
		avato_network:
	container_name: my_avato

networks:
  avato_network:
	ipam:
	  driver: default

volumes:
  my-db-data:
	driver: local

The database uses a named volume in our example. The database is initialized on first-run; subsequent runs do not execute the initialization SQL, and the data is persisted across container restarts.

Note the following:

  • the ports and container_name of the database container must reflect the <datasource>/<connection-url> specified in the properties.xml
  • the version of the Avato core to be utilized is specified in the properties/local/properties.xml. Thus, different version of the core may be pulled down into any container regardless of that image's version.
  • you must obtain an Avato username and password from https://mobius.worldwest.ca/ that will allow you to access the Avato core during build time. Only the bootstrap is shipped with the image.

Your Avato credentials are used to download the platform during container initialization, just prior to your customizations being added, which in turn occurs just prior to building the customized Avato integration platform at launch-time.

Use these credentials to allow access to the Avato core, as well as any custom properties or packages archives. The following environment variables can be set - those marked with an asterisk (*) are required.

  • AVATO_UPDATE_CORE_USERNAME*
  • AVATO_UPDATE_CORE_PASSWORD*
  • AVATO_UPDATE_PACKAGES_USERNAME
  • AVATO_UPDATE_PACKAGES_PASSWORD
  • AVATO_UPDATE_PROPERTIES_USERNAME
  • AVATO_UPDATE_PROPERTIES_PASSWORD

Avato will only attempt to download additional properties and packages if the <update><packages|properties>/<url> is set in properties.xml (i.e. the whole update/packages or update/properties sections are not commented out as they are by default).

When you are satisfied with your docker-compose.yaml file, launch the Avato cluster with the following command:

docker-compose up

Avato can now be accessed at https://localhost:8443/esb. The server can be stopped by typing ctrl-c.

Running Customized Avato Containers on Kubernetes

To run your customized Avato images on Kubernetes, create three YAML files similar to the following. Note these examples will pull the avato1/sample-app and avato1/sample-db images, replace these strings with the name of your own customized images in the following YAML files.

Secrets

Place your Avato account credentials in a YAML file as follows.

apiVersion: v1
kind: Secret
metadata:
  name: avato-customization1-secrets
type: Opaque
data:
  mysql-root-password: amJvc3M=
  jboss-db-user: amJvc3M=
  jboss-db-password: cGFzc3dvcmQ=
  avato-update-username: <Your Base64-encoded avato username>
  avato-update-password: <Your Base64-encoded avato password>

Create an account at https://mobius.worldwest.ca/esb/new-user/create-user to receive an avato username and password.

Database

Configure your Avato database and database service in a YAML file like the following.

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
	app: avato-customization1-db-depl
  name: avato-customization1-db-depl
  namespace: default
spec:
  replicas: 1
  selector:
	matchLabels:
	  app: avato-customization1-db-depl
  template:
	metadata:
	  labels:
		app: avato-customization1-db-depl
	spec:
	  containers:
	  - image: avato1/sample-db
		name: db
		ports:
		 - containerPort: 3306
		env:
		- name: MYSQL_ROOT_PASSWORD
		  valueFrom:
			secretKeyRef:
			  name: avato-customization1-secrets
			  key: mysql-root-password
		- name: MYSQL_DATABASE
		  value: esb
		- name: MYSQL_USER
		  valueFrom:
			secretKeyRef:
			  name: avato-customization1-secrets
			  key: jboss-db-user
		- name: MYSQL_PASSWORD
		  valueFrom:
			secretKeyRef:
			  name: avato-customization1-secrets
			  key: jboss-db-password
	  imagePullSecrets:
	  - name: regcred
---
apiVersion: v1
kind: Service
metadata:
  name: my-avato-db
spec:
  selector:
	app: avato-customization1-db-depl
  ports:
	- protocol: TCP
	  port: 3306
	  targetPort: 3306

Application

Configure your Avato application and external service in a YAML file like the following.

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
	app: avato-customization1-depl
  name: avato-customization1-depl
  namespace: default
spec:
  replicas: 1
  selector:
	matchLabels:
	  app: avato-customization1-depl
  template:
	metadata:
	  labels:
		app: avato-customization1-depl
	spec:
	  containers:
	  - image: avato1/sample-app
		name: app
		ports:
		 - containerPort: 8443
		env:
		- name: update.core.username
		  valueFrom:
			secretKeyRef:
			  name: avato-customization1-secrets
			  key: avato-update-username
		- name: update.core.password
		  valueFrom:
			secretKeyRef:
			  name: avato-customization1-secrets
			  key: avato-update-password
	  imagePullSecrets:
	  - name: regcred
---
apiVersion: v1
kind: Service
metadata:
  name: avato-service
spec:
  selector:
	app: avato-customization1-depl
  type: LoadBalancer
  ports:
	- protocol: TCP
	  port: 443
	  targetPort: 8443
	  nodePort: 30000
	  

Start the Avato cluster with the following commands:

kubectl apply -f avato-secrets.yaml
kubectl apply -f avato-db.yaml 
kubectl apply -f avato-app.yaml

Avato comes by default with a self-signed certificate with the subject alternative names (SAN) of "localhost" and "avato", along with the name you have provided for the application installation. If you are using Minikube, add the IP address served up for the external service to your hosts file as follows;

92.168.64.2 avato

Then, access Avato on your local machine as follows;

https://avato:30000/esb

This will ensure that the Avato SSL certificate is correctly utilized by your browser and the Avato application itself.

Docker Pull Command

docker pull avato1/app