graphman bundles work for me. I will use graphman bundles.
Original Message:
Sent: Feb 21, 2025 03:04 AM
From: Mesut Yalcin
Subject: How to use a bundle to bootstrap a Layer7 Ephemeral Gateway in Container?
Hello,
I have a similar thing running in my demo environment. I have the following section in the values.yaml file.
existingBundle:
enabled: true
configMaps:
- name: service-echo
- name: service-tests
- name: oidc-demo
- name: service-favicon
I use kustomize to create configMaps, kustomization.yaml contains the following content.
generatorOptions:
disableNameSuffixHash: true
configMapGenerator:
- name: service-echo
files:
- bundles/service-echo.bundle
- name: service-tests
files:
- bundles/service-tests.bundle
- name: oidc-demo
files:
- bundles/oidc-demo.bundle
- name: service-favicon
files:
- bundles/service-favicon.bundle
- name: oidc-demo-otk-customizations
files:
- bundles/oidc-demo-otk-customizations.bundle
secretGenerator:
- name: ssg-license
files:
- "license"
As you can image *.bundle files are XML content generated by restman.
------------------------------
Mesut Yalcin
Senior Solution Architect
MAXXYS AG - http://www.maxxys.de
Original Message:
Sent: Feb 19, 2025 04:32 PM
From: Wei18001249
Subject: How to use a bundle to bootstrap a Layer7 Ephemeral Gateway in Container?
I created a Layer7 Ephemeral Gateway in Container like this
1. In the values.yaml file, updated the database properties with the following values:
database:
enabled: false
create: false
2. I enabled restman and graphman in values.yaml
management:
enabled: true
# Enable Restman, if DBbacked this setting will persist until manually deleted via Policy Manager.
restman:
enabled: true
# Enable Graphman (placeholder)
graphman:
enabled: true
3. I ran the helm installation, I got a empty Ephemeral Gateway up and running
4. I created a configmap using my bundle
kubectl create configmap mycontainer-allbundle --from-file ./restman-bundle.xml
This bundle was created using restman API
curl -o restman-bundle.xml -k -H "Authorization: Basic xxxxxxx" https://layer7v11-pocpm.xxx.com/restman/1.0/bundle?all=true
5. Then I updated the values.yaml file in this section
# Bundles that contain sensitive information can be mounted using the Kubernetes CSI Driver
existingBundle:
enabled: true
configMaps:
- name: mycontainer-allbundle
configMap:
defaultMode: 420
optional: false
name: mycontainer-allbundle
6. I ran the helm update and the new POD was started and old one was deleted. But It was seemed that mycontainer-allbundle was not loaded because I didn't see any changes in Layer7 Policy at all. I logged into the new POD and saw the mycontainer-allbundle was in the folder
/opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle
sh-5.1$ ls -l
total 8
-rw-r--r--. 1 gateway_runner gateway 1509 Feb 19 01:07 001_update_admin_user.xml.req.bundle
-rw-r--r--. 1 gateway_runner gateway 987 Feb 19 01:07 010_update_cluster_host.xml.req.bundle
drwxrwxrwx. 3 root root 77 Feb 19 01:07 cwp
drwxrwxrwx. 3 root root 84 Feb 19 01:07 listenports
drwxrwxrwx. 3 root root 86 Feb 19 01:07 mycontainer-allbundle
sh-5.1$ cd mycontainer-allbundle/
sh-5.1$ ls -l
total 0
lrwxrwxrwx. 1 root root 25 Feb 19 01:07 restman-bundle.xml -> ..data/restman-bundle.xml
sh-5.1$
The content of restman-bundle.xml is what I loaded
Did I miss any step on using a bundle to bootstrap a Layer7 Ephemeral Gateway in Container?