Exposing IBM API Connect Developer Portal using custom hostname
When deploying API Connect with a Developer portal we need to specify the end point that end users must to connect. However, some deployments require a subset of the developer portal sites to be accessible from a different hostname.
First thing that we need to do is, duplicate the existing ingress router, and then customize the custom router using our own hostname.
Find the default portal-web ingress router that we need
oc get route -n cp4i[root@OCPBJBBASTIODC2 router]# oc get route -n cp4i | grep portal-web
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD
apiconnect-e7a4c765-portal-web apiconnect-e7a4c765-portal-web-cp4i.apps.drc.ocp.bankabc.co.id apiconnect-e7a4c765-e7a4c765-www 4443 reencrypt/Redirect NoneFrom this router we found some important information, you need to pay attention to this
- Host : apiconnect-e7a4c765-portal-web-cp4i.apps.drc.ocp.bankabc.co.id
- Service : apiconnect-e7a4c765-e7a4c765-www
- Port : 4443
Extract original ingress router
To duplicate the router we need to extract the original ingress and then modify it. In this case we are targeting to duplicate “apiconnect-e7a4c765-portal-web”.
Make sure the name of original ingress router “apiconnect-e7a4c765-portal-web” and our new custom router “apiconnect-e7a4c765-portal-web-custom”.
The sample code below will extract the relevant parts of the original ingress. Open terminal, then paste code below. This script will generate one json file, you can change the name of file “ingressjson.json”.
cat > ingressjson.json <<EOF
{
"apiVersion": "route.openshift.io/v1",
"kind": "Route",
"metadata": {
"name": "apiconnect-e7a4c765-portal-web-custom",
"namespace": "cp4i"
}, "spec":
EOF
oc get route apiconnect-e7a4c765-portal-web -ojson | jq ".spec" >> ingressjson.json
cat >>ingressjson.json <<EOF
}
EOFIf you cat the ingressjson.json the file will be look likes this.
[root@OCPBJBBASTIODC2 router]# cat ingressjson.json
{
"apiVersion": "route.openshift.io/v1",
"kind": "Route",
"metadata": {
"name": "apiconnect-e7a4c765-portal-web",
"namespace": "cp4i"
}, "spec":
{
"host": "apiconnect-e7a4c765-portal-web-cp4i.apps.drc.ocp.bankabc.co.id",
"port": {
"targetPort": 4443
},
"tls": {
"caCertificate": "-----BEGIN CERTIFICATE-----\...\-----END CERTIFICATE-----\n",
"certificate": "-----BEGIN CERTIFICATE-----\...\-----END CERTIFICATE-----\n",
"destinationCACertificate": "-----BEGIN CERTIFICATE-----\...\-----END CERTIFICATE-----\n",
"insecureEdgeTerminationPolicy": "Redirect",
"key": "-----BEGIN RSA PRIVATE KEY-----\...\-----END RSA PRIVATE KEY-----\n",
"termination": "reencrypt"
},
"to": {
"kind": "Service",
"name": "apiconnect-e7a4c765-e7a4c765-www",
"weight": 100
},
"wildcardPolicy": "None"
}
}Then edit the json file that has been extracted, update the following values :
- metadata.name = apiconnect-e7a4c765-portal-web-custom
- metadata.namespace = cp4i
- spec.host = custom.bankabc.co.id
Then apply the ingress json
Now we can apply the ingress json, this json will create new router with name “apiconnect-e7a4c765-portal-web-custom”
{
"apiVersion": "route.openshift.io/v1",
"kind": "Route",
"metadata": {
"name": "apiconnect-e7a4c765-portal-web-custom",
"namespace": "cp4i"
}, "spec":
{
"host": "custom.bankabc.co.id",
"port": {
"targetPort": 4443
},
"tls": {
"caCertificate": "-----BEGIN CERTIFICATE-----\...\-----END CERTIFICATE-----\n",
"certificate": "-----BEGIN CERTIFICATE-----\...\-----END CERTIFICATE-----\n",
"destinationCACertificate": "-----BEGIN CERTIFICATE-----\...\-----END CERTIFICATE-----\n",
"insecureEdgeTerminationPolicy": "Redirect",
"key": "-----BEGIN RSA PRIVATE KEY-----\...\-----END RSA PRIVATE KEY-----\n",
"termination": "reencrypt"
},
"to": {
"kind": "Service",
"name": "apiconnect-e7a4c765-e7a4c765-www",
"weight": 100
},
"wildcardPolicy": "None"
}
}[root@OCPBASTION router]# oc apply -f ingressjson.json
route.route.openshift.io/apiconnect-e7a4c765-portal-web-custom created[root@OCPBJBBASTIODC2 router]# oc get route -n cp4i | grep portal-web
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD
apiconnect-e7a4c765-portal-web apiconnect-e7a4c765-portal-web-cp4i.apps.drc.ocp.bankbjb.co.id apiconnect-e7a4c765-e7a4c765-www 4443 reencrypt/Redirect None
apiconnect-e7a4c765-portal-web-custom custom.bankbjb.co.id apiconnect-e7a4c765-e7a4c765-www 4443 reencrypt/Redirect NoneMakesure your custom ingress router is work
To make sure our own router is work, we need to compare result of the default router, with our own ingress router. Those two router should be generate the same result. Simply just open those two url.
Open the router location
Default : apiconnect-e7a4c765-portal-web-cp4i.apps.drc.ocp.bankabc.co.id
Custom : custom.bankabc.co.id
Change the IBM API Connect Portal URL
From this
To this
Or you can only using the https://custom.bankabc.co.id/ without path url /bank- abc/production this approach is supported by IBM APIC.
Then wait the process is done
Now access the developer portal
Now we can access our developer portal using our custom hostname.
https://custom.bankabc.co.id/bank-abc/production
