Kubernetes has been proven the best way that we have today to run microservices deployments, whether it is via a Serverless approach or by managing your own deployments in the cluster. This has solidified with the strong adoption of Kubernetes by all the major Cloud Vendors, as the strategic way to orchestrate containers and run serverless functions.
However, one of the situations that we need to be mindful, is that kubernetes creates by default a super powerful user that has full access to almost every resource in the cluster (accessible via kubectl or directly though APIs). This is very convenient for most dev & test scenarios, but it is imperative that for production workloads, we limit such power and use Role Base Access Control (RBAC), stable since version 1.8, for fine-grained authorisation access control to kubernetes cluster resources.
For the purpose of this demo, I am assuming some familiarity with Kubernetes and kubectl. I will mainly focus on the Authentication and Authorisation aspects that allow us to use Client certificates to get access to protected resources in a Kubernetes cluster.
In a nutshell this is what I am going to do:
- Create and use Client certificates to authenticate into a Kubernetes cluster
- Create a Role Base Access Control to fine grain authorise resources in the Kubernetes cluster
- Configure kubectl with the new security context, to properly limit access to resources in the Kubernetes cluster.
This is a super simplified visual representation:
Continue reading “OCI – Oracle Container Engine for Kubernetes (OKE) – Using Client Certificates and RBAC”
Recently, I came across one issue while working with one Customer where they were facing bit of challenges to update existing working Integration with new JSON field input.
So, in this use case, two integration orchestration process flow are involved, Master Integration and Child Integration both working well in production. However, time to time developer gets requirement from business to enrich this working flow by adding more fields into Child Integration which was interacting with Oracle Responsys System. The Master Integration getting data from NetSuite, passing Child Integration same data which was interacting with Responsys and completing business flow.
Here is flow diagram with existing working flow Vs flow with new requirements and highlighted problem area.
Once developer add new fields into Child OIC orchestration flow, saved, activated and tries to refresh the Parent OIC orchestration flow, it breaks existing mapping. Behind the scene obviously since Child Integration orchestration flow input payload got changed it has cascading impact on calling Integration flow and calling Integration flow fails to deduct those changes and breaks existing mapping and wiped out existing mapping. see the relevant snaps –
Continue reading “Advance XSL Mapping inside Oracle Integration Cloud !!!”
Oracle PaaS services are typically protected by Identity Cloud Service (IDCS), which provides unified access management for the Oracle Cloud. This protection extends to their exposed APIs, which usually require you to present a valid access token as part of your invocation. Unfortunately, the documentation for a number of the services tends to assume that the reader has an in-depth knowledge of OAuth concepts, and IDCS operations.
Typically my blog posts are around specific proof of concept things I have been working on, or go in-depth into more advanced IDCS concepts, but I have realised (mostly because people kept asking me…) that many developers using these services don’t have a strong practical understanding of OAuth, and struggle to interpret the documentation around the authentication requirements for the services. This blog post is designed to provide a step by step explanation of what is required from an IDCS perspective, as well as an explanation of the techniques to obtain a an access token to use the service APIs.
A non-exhaustive list of PaaS services for which these instructions
Continue reading “Invoking Oracle PaaS service APIs protected by OAuth”
- Oracle Integration Cloud
- Oracle Blockchain Platform
- Oracle API Platform Cloud Service
- Oracle Mobile Hub
- Oracle Digital Assistant
This blog is showcasing very specific use case related to NetSuite Custom Field retrieval and how we accomplish that using Oracle Integration Cloud NetSuite Adapter.
In this example we will be retrieving custom fields values e.g. birthDt from NetSuite by passing specific Customer Id. It may sound very easy but it was bit complex to deal with because the way how NetSuite was responding Custom Fields values using NetSuite Adapter.
Here is the use-case diagram –
In my previous blog I have already shown all the configuration which needs to be done to connect to NetSuite using Oracle Integration Cloud NetSuite Adapter and deal with NetSuite Custom fields. Hence, this blog will just focus on specific mapping challenges which I have faced initially during implementation.
Continue reading “Retrieve Custom Fields from NetSuite using Oracle Integration Cloud NetSuite Adapter !!!”
Customization is essential part of any SaaS implementation to capture unique business needs. In NetSuite SaaS application also, there could be several use-cases where user might need to create a new Custom Object or add custom fields into existing Standard Object such as Contact, Account and Organization etc. In this blog I will be showing how can we add Custom fields e.g. Degree name and Passing Year etc. into existing NetSuite Contact object and can update the same field using Oracle Integration Cloud (OIC) NetSuite adapter.
Please Note: NetSuite Adapter handles the Custom fields in very different way in compare to other adapters. Due to NetSuite API limitation, OIC Adapters not able to discovers Custom fields created in NetSuite which could be concern to many Customers. However, Oracle NetSuite Integration Adapter provide a way to specify manually all those Custom fields using InternalId and ScriptId and assign associated values coming from Source System to those fields and that’s the core objective of writing this blog to show to reader how we can manually add and assign values to NetSuite Custom fields using OIC NetSuite Adapter.
The use case scenarios –
Below are the high level steps user need to perform to achieve outcome.
- NetSuite – Create Custom Entity fields in NetSuite for Contact object
- OIC – Create NetSuite Adapter connection as Target System
- OIC – Create REST Connection as Source System
- OIC- Workout Request Response Payload for REST Adapter Input
- OIC – Create Integration, do mapping and Activate Integration
- OIC – Test Integration using POSTMAN
- NetSuite – Verify Contact object details
Continue reading “Manage Custom Fields in NetSuite using Oracle Integration Cloud NetSuite Adapter”
Sometimes it is necessary to monitor specific processes that are not in the provided OMC processes list and this is where CUSTOM METRIC come into the scene.
In this short post I will show how to create a CUSTOM METRIC and ALERT RULE to manage it.
So the challenge of the day:
Monitor custom windows / linux process and if it stops giving
signs of life alert to the support group.
Continue reading “OMC Custom Metric – empowering custom monitoring”
I recently had a requirement where the Common User in a Multitenant DB environment wanted to access application tables across Pluggable Databases (PDBs) but at the same time access dictionary views across all PDBs without the need to manually switch between containers.
This was because I had to setup a monitoring user account to monitor all PDBs performance as well as application workload.
In this example I will show you how the Common User (created at CDB level) can be configured to access the application tables (create at PDB level)
Continue reading “Multitenant Common Users Accessing Application Tables in PDBs”