Teaching How to use Nginx to frontend your backend services with Trusted CA certificates on HTTPS

Now days with the adoption of Serverless architectures, microservices are becoming a great way to breakdown problem into smaller pieces. One situation that is common to find, is multiple backend services running on technologies like NodeJS, Python, Go, etc. that need to be accessible via HTTPS. It is possible to enable these internal microservices directly with SSL over HTTPS, but a cleaner approach is to use a reverse proxy that front ends these microservices and provides a single HTTPS access channel, allowing a simple internal routing.

In this blog, I am showing how simple it is to create this front end with Nginx and leveraging “Let’s encrypt” to generate trusted certificates attached to it, with strong security policies, so that our website can score an A+ on cryptographic SSL tests conducted by third party organizations.

Continue reading “Teaching How to use Nginx to frontend your backend services with Trusted CA certificates on HTTPS”

Advertisement

Teaching How to Use Alexa to Take Off your Drone using NodeJS

Recently I was in Auckland, New Zealand running an Integration in Action workshop and I used Alexa to trigger some of my APIs, including some NodeJS APIs that I built to take off a drone. Some people found this interesting and asked me to write this blog to explain in detail how it works… So, here it is, I hope you find it useful.

There are multiple ways in which you can make Alexa to call your own APIs. Perhaps the most versatile way is by adding a new skill (see: blog 1, 2). However I found an even easier way to do so, and in order to achieve the MVP approach I have been attempting to practice in my day-to-day life, I took this simpler option, which is simulating a Phillips Hue HA bridge. By doing  so, Alexa detects a new Home Automation (HA) device in “her” network range and accepts voice commands to easily “turn it on” or “turn it off” which you can then leverage to call your own APIs.

Continue reading “Teaching How to Use Alexa to Take Off your Drone using NodeJS”

Teaching how to integrate Salesforce and Sales Cloud with Oracle Integration Cloud Service

In this blog, I am going to show you how to integrate Salesforce and Sales Cloud with Oracle Integration Cloud Service (ICS). I am going to cover in detail how to configure ICS to subscribe for events to Salesforce and synchronise both SaaS applications without having to poll any of the endpoints. Salesforce is going to notify ICS when a specific event occurs, such as when Contacts who belong to a specific Account are added or edited.

This blog is a sequel of a previous blog, where I explain how to integrate Sales Cloud using ICS. If you haven’t reviewed it yet, I invite you to do so. Here is the link

Since this guide extends the Sales Cloud integration blog, I assume that you have created a simple CRUD set of REST APIs that interact with Sales Cloud Contacts. We will simply reuse these REST APIs to integrate into Sales Cloud. However, instead of the REST enabled API to CRUD Contacts into Sales Cloud, we could have decided to use an ICS “Invoke-based” Sales Cloud connector and achieve the same.

Continue reading “Teaching how to integrate Salesforce and Sales Cloud with Oracle Integration Cloud Service”

Teaching how to DevOps automate the provisioning of external APIs using Oracle API Platform and Developer Cloud Service

Modern Integrations require touching lots of different APIs coming from multiple “systems”. These “systems” can be big enterprise backend applications, such as: E-Business Suite, SAP, JDE, Siebel, etc. As well as modern SaaS Applications, such as: Service Cloud, ERP Cloud, Salesforce, Netsuite, Workday, etc. These “systems” can also be other smaller or custom applications running either on premise or in the cloud exposing either SOAP or REST services.

Rarely any of these “systems” can provide solid abilities to remotely expose APIs in a way that are tailored for a specific business case. Commonly, to achieve this, we need a separate integration layer that orchestrates APIs from multiple “systems” and easily obtain the desired business outcome, in a way that they are also reusable APIs to be utilise in other business scenarios. Furthermore, in order to properly apply security measures and effectively protect these APIs and safely expose them to external consumers (potentially in the public Internet), normally we need to use an API Gateway (see this blog to learn how).

Also, in previous blogs, John Graves showed us how to automate the creation and deployment of existing “internal Integration APIs” and expose them as secured external APIs using Oracle API Platform. (See ICS to API Platform and Oracle Service Bus to API Platform).

If we take the same automation concept, we can then apply it in a DevOps scenario, where we want to achieve the following:

Continue reading “Teaching how to DevOps automate the provisioning of external APIs using Oracle API Platform and Developer Cloud Service”

Building a Smart Contract with Oracle Blockchain Cloud Service @ #WinterHack2018

Last weekend, I was at the Code Network Winter Hackathon event in Brisbane – https://codenetwork.co/winter-hackathon-2018/. I was there as a sponsor, workshop presenter, mentor and just a general supporter. As such there was some down-time between different activities. So, what a great time to sit down and work on something that I have no idea about (technically) – #Blockchain and Hyperledger. So, as a normal person does – I went searching for relevant content to help. Here’s a couple of the searches that I did.

Unfortunately, through many different searches and reading lots of things it became apparent that I didn’t know much and there was lots to learn. There seemed to a massive amount information that looked great. There was content that talked about what a Blockchain is. There was content that talked about the business use cases and examples of why you use a Blockchain technology. There was code that built a Blockchain. I found plenty smart contract examples on github. I learnt more about what I needed to know but it didn’t get me to the place that I wanted to be.

So – how do I develop and play with a Smart Contract?

The main learning for me through this process was the fact that my literacy around Blockchain was not very good. And as hard as I tried, “my search as only as good as my question”. Here’s my attempt of simplifying the landscape so as a developer, you can get started with the valuable bit of blockchain – ie building apps.

For the purposes of the Winter Hackathon, I was inspired by 3 relevant occurences – the Coles promotion called My Little Shopper – https://shop.coles.com.au/a/a-national/promo/little-shop-online (it’s amazing what people and parents would do); Tixel which is a safe and legit way to buy and sell tickets – https://tixel.com.au/Queensland (recently finished their tour of the CEA’s Collider accelerator program for creative tech); and CargoSmart which simplifies the global shipping industry to improve planning and on-time deliveries https://www.cargosmart.com/en/default.htm (and recently working with us on their Blockchain implementation).

WRITING YOUR SMART CONTRACT

When first looking into the implementation and specifically for HyperLedger, it felt like a Smart Contract was this mythical being that protected all intruders and evil spirits from tampering with the legendary Ledger. Oh was I mistaken.

Hey. I see what you truly are. You’re just a Data Access Object with some validation, integrity and
transformation logic with three types of bitbucket calls – GetState, PutState and wait for it …
DeleteState (which doesn’t delete it but only removes the lookup but keeps the transaction history).

With the mystical aura removed and a few different patterns emerging, it has become pretty simple. Here’s a few snapshots of what makes up the Smart Contract. Oh … most implementations are based upon Go. Some other implementations are now in NodeJS.

This is the start of the source file. The main imports are the Fabric Shim and Peer that relate to the Fabric Go SDK. The other imports are more about data manipulation.

This is the main structure of the state being managed. The json reference is a mapping to the attribute as described in JSON.

The index string is used as a key into data that is stored in the ledger.

This is the main function that is called by the exposed REST API. The payload itself has references to the chaincode (the Smart Contract implementation) as well as the function to execute and the arguments to pass to the function.

The references to t.read(), t.delete() or t.write()function calls are to delegate functions that implement the underlying GetState, PutState and DelState calls.

This is an example of a GetState call. Notice that data comes back as a byte array.

There are shim.Error() and shim.Success() functions to return failure and success states.

This is an example of a PutState call. Notice that data comes back as a byte array.

This is an example of a DelState call.
(Not much to it)

Once I wrote the basic CRUD Chaincode, then it needed to be packaged for Oracle Autonomous Blockchain Cloud Service which was my target platform for the purposes of what I was doing at the hackathon. It is quite easy. Zip up the one .go file. And now it was ready for me to install and instantiate on the Blockchain Cloud Service.

GETTING IT TO RUN

With the fun bit over, I needed to create the network that the chaincode would be installed and instantiated. There can 3 main steps:

  1. Create the network (ie. the environment in which the code is run) and organisations (ie. the participants of the interaction)
  2. Configure the network (ie. exchange keys and configuration)
  3. Deploy the chaincode and Run the chaincode via a REST API

Before I started provisioning this service, I went through a fair number blogs, articles, youtube clips and stack overflow questions about how to configure up the Blockchain infrastructure. There were a million and one ways to do it. All of them were detailed and more than what I wanted to do. So, I got an instance of Oracle Autonomous Blockchain Cloud Service and started working on it. The following sections will guide through this process.

1. Creating the Network and Organisations

For this example, I created one network and two organisations. That’s the first thing that I did. What happens is that the different blockchain services are provisioned for the network and organisations. In the default configuration, there’s a Blockchain Management console started to manage the network and organisations. This in default scenarios is deployed on port 3000 so go to http://<host&gt;:3000.

I create one network and two participant organisations each with their own REST Proxy and Console.
Specifically for the network configuration, there is an additional port for the Orderer.

The result of this was the network and organisations are created and are started.

2. Configuring the Network

With the network and organisations operational, the next step is to configure the network and associate the different participating organisations. What this means is that there is configuration and keys that are shared between these entities.

a) Export Orderer Settings

We’ll click on the link for the network (and in this case it’s Coles) and this opens a new console for managing the Blockchain network. Under the Network tab, the different organisations exist. The Orderer settings are extracted to be shared with the participant organisations. This process downloads a JSON file with some configuration.

b) Participants Joining the Network

Going back to the http://<host&gt;:3000 console, we’ll click on the link for managing a Blockchain organisation (and this is repeated for each organisation). Each participant organisation requires to export a set of certificates and import the network Orderer settings. Once completing the import process, we are operational.

Here’s a screenshot of the workflow to export the certificates which exports a JSON file and import the Orderer settings.

Once everything is complete, we can either go back to the network configuration (ie Blockchain Network console)
or repeat the process for another participant organisation.

Here’s a screenshot of the existing Orderer network configuration as shown in the Blockchain Network console.

By adding organisations to the network, we upload the JSON files exported from the participating organisations
(using the Blockchain Organisation consoles). In this scenario, we have two different organisations Jones and Smith.

Here’s a screenshot of the existing Orderer network configuration with the newly imported participant organisations.


This is another view of the relationship between the organisations and the network. We are now ready to deploy the chaincode.

3. Deploy the Chaincode

We are now just moments away from the true task we wanted to get it – running the chaincode. With the zip file of our Go code, we can install and instantiate it to be exposed through the REST API of the network.

We navigate to the Chaincode tab in the Blockchain Network console. This is where we see the different chaincodes deployed including different versions.

There are a couple of different ways to deploy – Quick and Advanced. I’ve just chosen Quick Deploy to keep the process simple.

The configuration that is required to deploy a chaincode includes: version, which peers to install and instantiate,
uploading the zip file and adding endorsement policies which leads to signing of different transactions.

With a few seconds (less than minutes), the chaincode is deployed to the network.
The next part to this is to run it. To save time, I’ve used postman to execute the REST APIs.

Here we go. The chaincode is deployed and operational. The REST API resources and formats are available here –
https://docs.oracle.com/en/cloud/paas/blockchain-cloud/rest-api/rest-endpoints.html

Having a look at the Blockchain Network console and under the Channels tab, I can look at the state of the ledger and other statistics.

We are now done. We’ve built the chaincode (ala the Smart Contract), we’ve spent a little time
configuring the network and organisations that participated in the network
and then we deployed the chaincode (as a zip file) and ran it.

If you want to try this out yourself, you can get trial from https://cloud.oracle.com/tryit and provision an Autonomous Blockchain Cloud Service for yourself.

At the end, as I was looking for search results for this article, I found exactly what I was wanting to find (within seconds) “Blockchain chaincode examples”. Here’s a couple of references that I have found to be useful and simple to get your head around without delving into the depths of the Blockchain infrastructure:

First Experience Provisioning SOACS – Integration Analytics

Oracle introduced the Real Time Integration Business Insight product as part of its Integration offering in 2016. For a 2 minute overview check out Insight Overview Video .

The good news is that this capability is now available in the Oracle Public Cloud as part of the SOA Cloud Service and can be provisioned using the Integration Analytics Cluster service type.

In this blog I plan to do the following;

  • Briefly introduce Integration Analytics and Real Time Integration Business Insight (Insight)
  • Walk through the Provisioning Steps
  • Walk through the Post Provisioning Steps

In a related blog post I will cover how to interact with the Integration Analytics capability via REST.

Continue reading “First Experience Provisioning SOACS – Integration Analytics”

Teaching how to secure access to on-premise Applications with Oracle API Platform

In this blog, I am going to show you how to use the API gateway from the Oracle API Platform, to secure the access to backend Applications. These internal applications might already be exposing REST APIs, but given these are internal APIs, being exposed by backend applications themselves, we simply don’t want to directly expose them into the public Internet.

There are many reasons for this, for example, the backend application might not have the right ability to fully secure its APIs for external use, nor to have the right ability to control access authorisation, throttle requests, apply different policies, validate custom headers, apply API-KEYs, run analytics, etc. Normally only an API Gateway can do all these different things.

I can think of the 3 most common ways to securely get access to backend applications behind a corporate firewall.

  1. Using secured APIs exposed externally
  2. Connecting through a secured VPN tunnel
  3. Using a messaging pattern, like with the Oracle Integration Cloud Service Agents deployed locally and then gathering access externally via Integration Cloud Service console or APIs

In this blog, we are going to explore option number 1.

Continue reading “Teaching how to secure access to on-premise Applications with Oracle API Platform”

Teaching how to use Bitnami to deploy any Image into Oracle Public Cloud

Recently, I was challenged at work, to make my drone take off, using a simple voice command via “Alexa”. Given this challenge came from my boss, I decided to happily accept it. I ended up writing some simple NodeJS code that interfaces with my drone and used a series of new Echo skills and a Home Assistant bridge to easily command my drone to take off and follow simple orders, something like “Alexa, please take off my drone and make it back flip twice“.

After some hours and many coffees, I got to the point that I was done and ready to show my working demo. However, I needed to take my NodeJS code and put it somewhere in the cloud to run it. I had a few options, like deploying my code into Oracle Application Container Cloud Service, which runs NodeJS natively over docker containers, but given that I have done this in the past and I was in an “adventurous mode”, I decided to try something new.

I wondered how simple would it be to use Bitnami to spin up a new NodeJS VM in Oracle Public Cloud… Well, I was amazed how pleasant the experience was, so I decided to capture this excitement in a quick blog for you to try as well.

Continue reading “Teaching how to use Bitnami to deploy any Image into Oracle Public Cloud”

Teaching how to use MongoDB and expose it via NodeJS APIs

 

Hi, we are starting to use different technologies to build complex scenarios around APIs. It’s getting common to use popular NoSQL DBs like MongoDB.

For this reason, I decided to build this very easy to follow blog that will help you get started with MongoDB and build simple REST APIs using NodeJS via the Express module.

The use case is simple, we are going to build a MongoDB to store users information that eventually (in a future blog) we are going to use to send SMS and Voice call notifications… But for now we are keeping things simple, we are starting by demystifying the use of MongoDB with NodeJS.

The code that sends the SMS/Voice call notifications in NodeJS via Twilio is out of the scope of this blog, but if you want to use it, you can find it here.

Pre-requisites

 

This blog is about simplicity, so we are going to build a simple HelloWorld sample that starts from scratch and interacts (GET and POST) with a MongoDB via Express APIs.

 

Installing and playing with MongoDB

 

In this section, I am going to show you how to install and get your MongoDB up and running. This is going to be the DB that we are going to use in a future blog to send SMS and voice call notifications to people.

Note: I am using Ubuntu, adjust if using other OS (e.g. yum if using OEL/RH):

sudo apt-get install mongodb

  • Validate the installation by running mongo client – This should connect to the running MongoDB Server

  • In the mongo client prompt, create a simple test database called myTestDB:

    use myTestDB


  • The database doesn’t really exist until we add some data. The best thing of MongoDB is that you store JSON payloads into it. This makes it very friendly when interacting with APIs.

     

    In our case, we want to build a notification service and we want to store the contact details of the recipients. Something like:

     

    {“name”:”Carlos”, “mobile”:”+615550505″, “msg”:”Hello World”}

     

    Note that we are not defining ids, mongoDB will take care of it.

     

  • Still within the mongo client db type the following inserts each followed by ab enter:

     

    db.usercollection.insert({ “name” : “Carlos”, “mobile” : “+615550505”, “msg” : “+Hello World”})

    db.usercollection.insert({ “name” : “Dave”, “mobile” : “+616660606”, “msg” : “+Hello World again”})

    db.usercollection.insert({ “name” : “Serene”, “mobile” : “+617770707”, “msg” : “+Hello World once more”})

     

     

  • Now, simply retrieve the inserted collection

    db.usercollection.find().pretty()


  • You can also add a JSON array of JSON payloads, so that you can insert a bulk of entries to MongoDB. For example:

     

    users = [{“name”:”Callan”, “mobile”:”+618880808″, “msg”:”More stuff”},{“name”:”Alessia”, “mobile”:”+612220202″, “msg”:”Stuff plus stuff”}]

     

    db.usercollection.insert(users);

     

  • Once again, retrieve the inserted collection:

    db.usercollection.find().pretty()


  • You can also use the usercollection object to remove individual entries by _id:

    db.usercollection.remove( {“_id”: ObjectId(“ID_GOES_HERE”)});

  • To completely clean up all your entries, you can simply use:

    db.usercollection.remove()

     

  • If you only want to use mong client to switch to a MongoDB and print a specific collection you can do this:

     

    • From Linux shell:             mongo [db_name]
    • Then, from within the mongo client:

      c = db.[collection_name];

      c.find().pretty()

  • To list all Collections in current db:

    db.getCollectionNames()

  • If you are using a MongoDB that requires authentication, you might need to create a specific user(s) under specific databases. For this follow the next steps:

     

  1. Using mongo client, login to admin db as administrator:

     

    mongo admin –username root –password [GIVEN_PASSWORD]

     

    Note: If using Bitnami, [GIVEN_PASSWORD] is the same as the OS root password.

     

  2. Switch to your MongoDB database:

     

    use [DATABASE]

     

  3. Create a new user(s)

     

    db.createUser(

    {

    user: “USER-GOES-HERE”,

    pwd: “PASSWORD-GOES-HERE”,

    roles: [ “readWrite”, “dbAdmin” ]

    }

    )

     

    Note: Substitute USER-GOES-HERE and PASSWORD-GOES-HERE with your own values.

     

  4. That’s it, you can now use that username and password to authenticate and grant read and write access to your db. If using monk in NodeJS as shown below in this blog, make sure to add the credentials in the connection string. A simple way to achieve this is by adding “USER:PASSWD@” before the server name.

     

    For example:

     

    var db = monk(USER + ‘:’ + PASSWD + ‘@’ + MONGODB_SERVER + ‘:’ + MONGODB_PORT + ‘/’ + DB_NAME);

 

 

For more information: https://docs.mongodb.com/manual/reference/mongo-shell/

 

Ok, our MongoDB is behaving well. Let’s run it together with our Express NodeJS code.

 

Building a simple Express JS API that interacts with a MongoDB

 

Now that we have a running MongoDB server running, let’s build a simple NodeJS code that will expose simple Express REST APIs to interact with your MongoDB.

I am going to explain below those snippets that require explanation, however before continuing make sure that you have downloaded/cloned the NodeJS project found here: https://github.com/barackd222/s2v-iia-nodejs-mongodb-crud-demo

The bits that you need to pay special attention from the NodeJS code:

  • app.js – This is a very standard Express JS code that starts a service listening in a specific port. In terms of MongoDB, notice the following snippets:

     

    • You need to require mongodb module, as well as monk.

  • Monk is going to give you the ability to connect to a MongoDB running somewhere. Think of it as a JDBC connection, in the relational database world, if you like.

  • Configuring the Express app to add the Monk db as part of it, so that it can be accessed within the request variable in each REST API.

 

  • The rest is just adding the right headers for the requests and starting the listening service.

 

  • mongoDBCrudAPIs.js – This file is where I define my REST APIs. At the time of writing this blog I just added 2 APIs, one that GET all Users in the MongoDB and the other that POST a new user.

     

    • GET /users – This is a very
      typical Express GET API. Inside the body though that’s where we:
      • Retrieve the monk DB connection that points to the MongoDB
      • Builds the Collection object as we did in the MongoDB console before
      • Runs a Find ALL function on the collections object that it built in the previous step
      • Sends back the resulting JSON payload as the API response. Notice that you can iterate and do whatever you want with this result

  • POST /user – Once again, this is a very typical POST Express API that retrieves some JSON body elements from the request. In terms of MongoDB, the bits that are worthwhile showing are:
    • Retrieve the monk DB connection that points to the MongoDB

  • Builds the Collection object as we did in the MongoDB console before
  • Uses the collection to insert the new user in a JSON format
  • Then it just handles errors if any. Otherwise return a successful response


  • Package.json – Make sure to add the right modules, so that you can run your NodeJS Application without having to manually install dependencies. In this case I am using:
    • express – To build the REST APIs
    • mongodb – To bring internal MongoDB libraries
    • monk – To help establish the MongoDB db connection
    • body-parser – To parse the incoming JSON requests

 

Let’s test our NodeJS Application

If you have been following this blog, at this point you have a few users in your “myTestDB” MongoDB, that you enter via the mongo client command line earlier.

  • I am using Postman to call the APIs, you can use your preferred test REST client. Let’s first try to retrieve these users.

  • Great job, now invoke your POST API to create a new one. In my case this is the JSON that I am sending:

{“name”:”Jason”,

“mobile”:”+6115791010101″,

“msg”:”Hi. This message comes from POSTMAN “}

 

Note: Make sure to add your header Content-type set to application/json

 

 

  • Now call the GET
    /users API again and make sure your new user is retrieved

Congratulations, you just managed to do very basic, yet powerful tasks using MongoDB as the backstore and NodeJS to expose interactive REST APIs via Express JS

 

If you have any comment, feel free to contact any of the authors of solutionsanz.blog – We are here to help you!

Thanks,

 

 

 

 

 

 

 

 

 

 

 

Teaching how to use Developer Cloud Service to promote ICS Integrations into new Environments

Why not to have the best of the two worlds? That is, a simple web UI that allows you to easily integrate your SaaS and On-Premise applications, as well as a mature DevOps tooling, that allows you to store your integrations in a corporate version control repository and fully automate your deployments, continuous integration and continuous delivery of your integration projects.

Well, in this blog I am going to show you how simple it is to use Developer Cloud Service to manage your ICS Integrations in a DevOps fashion.

That is:

  1. DevOps person pushes a change in an ICS Integration into the corporate Git repository,
  2. A build task is triggered based on a Git code change being detected. Hudson will automatically trigger a build task,
  3. Hudson will build and package the ICS Integration and archive the result as a release for future deployment,
  4. A deployment task is triggered to deploy the ICS Integration into a configurable target ICS environment.
  5. Optionally, we could run tests and report status, to ensure the new code release is functional as expected.

Continue reading “Teaching how to use Developer Cloud Service to promote ICS Integrations into new Environments”

%d bloggers like this: