Appendix: Configuring Access to the CloudBlue Connect API Through a Proxy Server
The PLM component must be able to communicate with the CloudBlue Connect API, whose endpoint is located on the Internet. If access to the Internet is restricted in your environment and the CloudBlue Connect API is not accessible from your Kubernetes cluster, you must perform additional configuration steps for the component to be able to communicate with that API:
-
Configure a proxy server:
-
Prepare a server that meets these requirements:
-
It is accessible from your Kubernetes cluster.
-
The CloudBlue Connect API is accessible from this server.
-
The Apache HTTP Server is installed and is configured to start automatically.
-
-
On the server that you prepared, create
/etc/httpd/conf.d/connect-reverseproxy.conf
with the following content:Listen IP_ADDRESS_OF_PROXY_SERVER:PORT_OF_PROXY_SERVER <VirtualHost IP_ADDRESS_OF_PROXY_SERVER:PORT_OF_PROXY_SERVER> SSLProxyEngine on ProxyPass "/" "https://api.connect.cloud.im/" ProxyPassReverse "/" "https://api.connect.cloud.im/" <IfModule reqtimeout_module> RequestReadTimeout header=0 body=0 </IfModule> ErrorLog /var/log/httpd/connect.error.log CustomLog /var/log/httpd/connect.access.log common </VirtualHost>
-
Execute this command:
systemctl restart httpd
-
Check that the configuration of the proxy server is correct:
-
Make a test call to the CloudBlue Connect API:
curl -H'Authorization: ApiKey SU-...' 'http://IP_ADDRESS_OF_PROXY_SERVER:PORT_OF_PROXY_SERVER/public/v1/products?eq(status,published),eq(visibility.listing,true),ordering(-events.created.at),limit=1000'
-
Check that the call is successful:
tail -n1 /var/log/httpd/connect.access.log ... - - [28/Jan/2022:11:16:40 +0300] "GET /public/v1/products?eq(status,published),eq(visibility.listing,true),ordering(-events.created.at),limit=1000 HTTP/1.1" 200 379383
-
-
-
Configure the component to use that proxy server for communication with the CloudBlue Connect API by specifying the http://IP_ADDRESS_OF_PROXY_SERVER:PORT_OF_PROXY_SERVER/public/v1 URL in the connect_apibaseurl setting:
-
The component is not deployed yet. In this case, specify the http://IP_ADDRESS_OF_PROXY_SERVER:PORT_OF_PROXY_SERVER/public/v1 value in the connect_apibaseurl setting during the component's deployment.
-
The component is already deployed. In this case, perform these steps:
-
Set the new value of the setting:
helm upgrade inhouse-products a8n/inhouse-products --version CURRENT_COMPONENT_VERSION --reuse-values --set 'connect_apibaseurl=http://IP_ADDRESS_OF_PROXY_SERVER:PORT_OF_PROXY_SERVER/public/v1'
-
Check that the new value is applied:
helm get values inhouse-products
-
Restart the component:
kubectl rollout restart deployment inhouse-products
-
-