Simplifying the Management of the IBM WebSphere DataPower Appliance Environment
IBM Redbooks Solution Guide
Published 19 March 2013, updated 20 March 2013
Authors: Deb Landon, Ashley Earl, Fernando Ewald, Dr. Chris Poole, Pablo Sanchez
IBM® WebSphere® Appliance Management Center for WebSphere Appliances simplifies the management and monitoring of environments that consist of multiple IBM WebSphere DataPower® Appliances. WebSphere Appliance Management Center for WebSphere Appliances is a web-based application that provides centralized multi-appliance administration to support daily WebSphere DataPower Appliance operation. It includes the following functions:
- Centralized firmware management
- Disaster recovery
- Domain and service configuration
- Configuration lifecycle deployment
- Monitoring multiple WebSphere DataPower Appliances, collecting key metrics, and presenting them in a central location
This IBM Redbooks® solution guide describes how WebSphere Appliance Management Center can help system administrators to efficiently manage their WebSphere DataPower Appliance environment.
IBM® WebSphere® Appliance Management Center for WebSphere Appliances is a no-charge, downloadable offering that simplifies the management and monitoring of environments that have multiple IBM WebSphere DataPower® SOA appliances. The management component of WebSphere Appliance Management Center is a web application that provides multibox operational management for WebSphere DataPower Appliances. By using the management component, system administrators can easily and quickly perform WebSphere DataPower Appliance administration tasks, which include the following tasks:
- Managing firmware across multiple WebSphere DataPower Appliances
- Performing backup and restore operations
- Managing domain and service configuration
WebSphere Appliance Management Center also includes IBM Tivoli® Composite Application Manager (ITCAM) Agent for WebSphere DataPower Appliances, which can be used to monitor multiple WebSphere DataPower Appliances, to collect key metrics, and to present them in a central location. Figure 1 shows the graphical user interface for WebSphere Application Management Center.
Figure 1. WebSphere Appliance Management Center graphical user interface
Did you know?
WebSphere Appliance Management Center saves system administrators time by streamlining often repeated tasks so that they can focus on developing their environment instead of maintaining it.
WebSphere Appliance Management Center helps to simplify the management of a WebSphere DataPower Appliance infrastructure by introducing a centralized point of administration. This way, system administrators can handle most common administrative tasks, including the following tasks:
- Quick overview of status at the appliance, application domain, and service level
- Disaster recovery by using secure backup and restore
- Firmware management, which allows for firmware operations on multiple WebSphere DataPower Appliances in a single action
- Management of traffic processing with quiesce and unquiesce operations at the appliance, application domain, and service level
- The ability to create, update, and delete application domains across multiple appliances
- The ability to create, update, and delete services on application domains
- The ability to upload a file to a domain
- The ability to restart appliances and restart application domains
WebSphere Appliance Management Center also provides real-time monitoring of the health and usage of WebSphere DataPower Appliances. System administrators can target their activities and proactively make changes to their environment in response to usage patterns. The reports and charts that are presented by WebSphere Appliance Management Center can help you to better target spending on new hardware based on these usage patterns. If your company has multiple departments that use the same WebSphere DataPower Appliance, the monitoring reports can help to split the charges from this equipment according to usage to allow for better accounting of costs.
WebSphere Appliance Management Center consists of two components:
- Management component
Often referred to as WebSphere Appliance Management Center, with the management component, WebSphere DataPower Appliances can be administered from a single, web browser-based GUI.
- Monitoring component
Tivoli Enterprise Monitoring Server, Tivoli Enterprise Portal Server, and the ITCAM Agent for WebSphere DataPower Appliances make up the monitoring component of WebSphere Appliance Management Center.
The management component is installed on a server machine that becomes the host for a web application. Users of WebSphere Appliance Management Center connect to the web application by using one of the supported web browsers from their client machine. The server communicates directly with multiple WebSphere DataPower Appliances by using the XML management interface of the appliances. WebSphere DataPower XC10 Appliances are managed through their management console by using an SSH connection.
The management component allows for multiple WebSphere DataPower Appliances to be managed. WebSphere DataPower Appliances are added to WebSphere Appliance Management Center so that a user can see the properties and status for each appliance. An administrator can drill down into a WebSphere DataPower Appliance and see a view of all of the application domains on that appliance. For WebSphere DataPower Appliances that run with firmware versions of 18.104.22.168 or later, it is possible to drill down further and see the services that are part of an application domain.
Figure 2 shows an overview of the management component.
Figure 2. Management component that shows the WebSphere DataPower Appliances, domains, and services
The monitoring component of WebSphere Appliance Management Center monitors the behavior and status of WebSphere DataPower Appliances, provides useful performance metrics, and can be helpful when you are diagnosing a problem. It can display such information as HTTP transaction rate, processor usage, and system load. Included in the monitoring component is IBM Tivoli Monitoring and ITCAM Agent for WebSphere DataPower Appliances. IBM Tivoli Monitoring consists of Tivoli Enterprise Monitoring Server and Tivoli Enterprise Portal Server.
One or more WebSphere DataPower Appliances can be monitored by an instance of the ITCAM Agent, which polls the WebSphere DataPower Appliance and forwards the data to a Tivoli Enterprise Monitoring Server host. The Tivoli Enterprise Portal Server then pulls data from Tivoli Enterprise Monitoring Server. The ITCAM agent uses SOAP Configuration Management (SOMA) or syslog to monitor most WebSphere DataPower Appliances. The exception is the WebSphere DataPower XC10 Appliance, for which it uses Simple Network Monitoring Protocol (SNMP).
Figure 3 shows the complete architecture of a WebSphere Appliance Management Center deployment.
Figure 3. WebSphere Appliance Management Center system architecture
A fictional telecommunications company, Redbooks Telecoms, recently purchased more WebSphere DataPower Appliances. The company wants to streamline the management of these WebSphere DataPower Appliances by reducing the amount of time that is spent on administrative tasks.
Redbooks Telecoms owns the following WebSphere DataPower Appliances:
- itso-xi52: WebSphere DataPower XI52 Appliance that operates as the production server for a web service proxy and an XML firewall service.
- itso-xi52-a: WebSphere DataPower XI52 Appliance that operates as the development server for the development team. This appliance is used to create services when new applications are developed.
- itso-xi52-b: WebSphere DataPower XI52 Appliance that operates as the test server for the quality assurance and test teams. This WebSphere DataPower Appliance is used to test the newly created services so that they can be confirmed as working correctly before they are moved into the production environment.
After installing WebSphere Appliance Management Center, including the management and monitoring components, the system administrator adds the three WebSphere DataPower Appliances to the management component of WebSphere Appliance Management Center. The system administrator starts a web browser and browses to the URL of the WebSphere Appliance Management Center server. The system administrator uses the add appliance function to add WebSphere DataPower Appliances to WebSphere Appliance Management Center. The system administrator can quickly add the company's three WebSphere DataPower XI52 Appliances to WebSphere Appliance Management Center.
Figure 1 shows the three WebSphere DataPower Appliances in the Appliances grid. The itso-xi52 WebSphere DataPower Appliance is selected, and the Properties area on the right side of the window shows the properties of this appliance.
The system administrator then decides to ensure that the current configuration of the three WebSphere DataPower Appliances can be restored, which is a best practice before modifying the configuration of an appliance. By using WebSphere Appliance Management Center, the system administrator takes a secure backup of each WebSphere DataPower Appliance. These backups are stored in a central, secure, regularly backed up location as defined by Redbooks Telecoms standard operating procedures. The backup destination can also be set as an FTP server if backups are to be stored remotely.
Figure 4 shows the Backup Appliance window on which the system administrator defines where to save the backup.
Figure 4. Selecting the destination location for a backup
If problems occur that lead to a situation where the WebSphere DataPower Appliance configuration needs to be restored, the system administrator can use the secure restore function that is provided.
The Redbooks Telecoms development team is starting development of a new web application. The team intends to use the WebSphere DataPower XI52 Appliance to host an XML firewall service. Before the team starts developing, it ensures that the WebSphere DataPower Appliance that it develops on is running the latest available firmware version. The system administrator downloads the latest WebSphere DataPower XI52 Appliance firmware from the IBM Support Fix Central site and saves the firmware image to a local file system. The firmware image is added to WebSphere Appliance Management Center by using the Repository tab.
Figure 5 shows the Repository tab and the firmware image that the system administrator added to the repository.
Figure 5. Repository tab that shows a firmware image for a WebSphere DataPower XI52 Appliance
The system administrator can now use the uploaded firmware image to upgrade the WebSphere DataPower XI52 Appliances. From the Appliance tab, the system administrator selects the WebSphere DataPower Appliances to upgrade. The system administrator can select and then upgrade multiple WebSphere DataPower Appliances at the same time.
For this scenario, only the development WebSphere DataPower Appliance is upgraded. The test and production WebSphere DataPower Appliances need to be scheduled for upgrading later. The system administrator selects the development appliance, itso-xi52-a, and chooses to deploy firmware to the appliance.
Figure 6 shows the Deploy Firmware window.
Figure 6. Deploying a firmware upgrade to a WebSphere DataPower XI52 Appliance
With the development WebSphere DataPower Appliance now at the correct firmware version, the developers begin writing their web application. They create an application domain on the itso-xi52-a appliance and create an XML firewall service within this domain by using the WebSphere DataPower Appliance GUI.
After the development activities are complete, the developers create an export of their domain configuration and send the export archive file to the test team. The test team requires the domain configuration to be deployed to an application domain on the WebSphere DataPower Appliance, itso-xi52-b. A user with the solution deployer role in WebSphere Appliance Management Center takes the domain configuration export and uses the Create Domain or Update Domain function to import the configuration into the test environment.
Figure 7 shows the Create Domain process where the domain configuration export is selected.
Figure 7. Creating a domain from a domain configuration export that is stored locally
After the domain is created, the solution deployer can drill down from the WebSphere DataPower Appliance to see a list of domains on the appliance. The solution deployer can then stop and start traffic that is flowing through the domain by using the quiesce and unquiesce functions. In addition, the solution deployer can restart the domain, update the configuration with new configuration from another export, and upload files to the domain.
It is possible to drill down further from the domain to see a view of the services that are deployed in the domain. The solution deployer can also manage these services and update their configuration. Service-level management allows the Redbooks Telecoms team to choose to handle configuration deployment at a more refined level than the domain level and to limit the impact to production services of configuration updates.
Figure 8 shows the view of services on a WebSphere DataPower Appliance in WebSphere Appliance Management Center.
Figure 8. Viewing services on a WebSphere DataPower Appliance
After a period of testing, the web application and the XML firewall service are promoted to the production environment and enter general use. To effectively monitor the flow of traffic through the production WebSphere DataPower Appliance, the domains on the appliance, and down to the service level, Redbooks Telecoms uses the monitoring component of WebSphere Appliance Management Center.
By using IBM Tivoli Monitoring, the system administrators can view usage statistics and system load information for their WebSphere DataPower Appliances and services.
Figure 9 shows a workspace in the Tivoli Enterprise Portal Server web browser client.
Figure 9. Monitoring WebSphere DataPower Appliances with WebSphere Appliance Management Center
The following operating systems and platforms are supported by WebSphere Appliance Management Center:
- IBM AIX®
- AIX 6.1 (64-bit)
- AIX 7.1 (64-bit)
- Microsoft Windows
- Windows Server 2008 Standard Edition (64-bit)
- Windows Server 2008 Enterprise Edition (64-bit)
- Windows Server 2008 DataCenter Edition (64-bit)
- Windows Server 2008 Standard Edition R2 (64-bit)
- Windows Server 2008 Enterprise Edition R2 (64-bit)
- Windows Server 2008 DataCenter Edition R2 (64-bit)
Exception: Installation of IBM Tivoli Monitoring is not supported on Microsoft Windows Server 2008 DataCenter Edition and Microsoft Windows Server 2008 DataCenter Edition R2.
- SUSE Enterprise Linux (SLES)
- SLES 10.0 for IBM System z® 64-bit
- SLES 10.0 for Intel
- SLES 11.0 for System z 64-bit
- SLES 11.0 for Intel
- Red Hat Enterprise Linux (RHEL)
- RHEL Advanced Platform 5.0 for System z 64-bit
- RHEL Advanced Platform 5.0 for Intel
- RHEL Advanced Platform 6.0 for System z 64-bit
- RHEL Advanced Platform 6.0 for Intel
The following web browsers are supported for use with WebSphere Appliance Management Center:
- Mozilla Firefox 3.6
- Mozilla Firefox 10 Extended Support Release (ESR)
- Internet Explorer 8
- Internet Explorer 9
WebSphere Appliance Management Center supports management of the following WebSphere DataPower Appliances:
- WebSphere DataPower Appliances at firmware version 3.8.0 or later:
- IBM WebSphere DataPower XML Accelerator XA35 (9235 model only)
- IBM WebSphere DataPower XML Security Gateway XS40 (9235 model only)
- IBM WebSphere DataPower Integration Appliance XI50 (9235 model only)
- IBM WebSphere DataPower Integration Blade XI50B
- IBM WebSphere DataPower Integration Appliance XI50 for zEnterprise®
- IBM WebSphere DataPower B2B Appliance XB60
- IBM WebSphere DataPower Low Latency Appliance XM70
- IBM WebSphere DataPower Service Gateway XG45
- IBM WebSphere DataPower Integration Appliance XI52
- IBM WebSphere DataPower B2B Appliance XB62
- WebSphere DataPower Appliances at firmware version 1.0 or later:
- IBM WebSphere DataPower Edge Appliance XE82
- WebSphere DataPower Appliances at firmware version 22.214.171.124 or later:
- IBM WebSphere DataPower XC10 Appliance
WebSphere Appliance Management Center for WebSphere Appliances is a supported offering and carries program defect service. For information about conditions of support, including how to request support, see the download website. You can download the latest version of WebSphere Appliance Management Center for WebSphere Appliances free of charge from the following website:
For more information about WebSphere Appliance Management Center, see the following websites:
- IBM Offering Information page (to search on announcement letters, sales manuals, or both):
On this page, enter WebSphere Appliance Management Center, select the information type, and then click Search. On the next page, narrow your search results by geography and language.
- IBM WebSphere Appliance Management Center for WebSphere Appliances home page
- IBM WebSphere Appliance Management Center for WebSphere Appliances Information Center
- WebSphere Appliance Management Center for WebSphere Appliances download site
For more information about IBM WebSphere DataPower Appliances, see the following IBM Redbooks® and IBM Redpaper™ publications:
- DataPower Architectural Design Patterns: Integrating and Securing Services Across Domains, SG24-7620
- DataPower SOA Appliance Administration, Deployment, and Best Practices, SG24-7901
- DataPower SOA Appliance Service Planning, Implementation, and Best Practices, SG24-7943
- IBM WebSphere DataPower SOA Appliances Part I: Overview and Getting Started, REDP-4327
- IBM WebSphere DataPower SOA Appliances Part IV: Management and Governance, REDP-4366
Others who read this publication also read
This material has not been submitted to any formal IBM test and is published AS IS. It has not been the subject of rigorous review. IBM assumes no responsibility for its accuracy or completeness. The use of this information or the implementation of any of these techniques is a client responsibility and depends upon the client's ability to evaluate and integrate them into the client's operational environment.
Follow IBM Redbooks
Follow IBM Redbooks