Cloud application developer certification preparation

Course Features
Language: English
Course Details
This course provides a review of key concepts to help you prepare to pass the IBM® Cloud Platform Application Development V2 exam. It is structured as a series of video lectures accompanied by demonstrations, hands-on labs, and quizzes. Completing this course will give you experience with IBM Bluemix® and show you how to build applications for the cloud that are scalable, reliable, and secure. After completing this course, visit the IBM Professional Certification Program website to learn how to obtain the “IBM Certified Application Developer – Cloud Platform” certification.
IBM® Cloud provides an innovative and advanced service platform for enterprises and organizations to save time, save money, and reduce risk. IBM® Bluemix® is a developer platform for cloud solutions that offers a seamless integration between public and private cloud environments. The IBM Cloud infrastructure is secure, scalable, and flexible and supports:
- Open technologies
- Hybrid integration
- Data and analytics
- Cognitive services
- DevOps for continuous delivery and integration
How this course is organized
This course includes three parts. Parts 2 and 3 will be released in mid-July 2017. Part 1: Create applications on IBM Cloud Understand cloud service models and benefits, IBM Cloud architecture, and specific capabilities of Bluemix. In this part, you also learn about best practices in cloud application design through the Twelve-factor app methodology and IBM Cloud reference architectures. Part 2: Enhance cloud applications with services and security In this part, you learn about different services available from the IBM Bluemix catalog including cognitive, messaging, and data. You learn about steps that you can take to secure your applications, credentials for services, and application data. Part 3: Apply continuous delivery and use Bluemix to manage cloud apps Learn how Bluemix supports DevOps for your applications by using Continuous Delivery toolchains. In this last part of the course, you also learn about techniques to monitor applications, manage the scaling of applications, and debug application issues. You will need to complete all 3 parts to earn a badge.
Get started
Part 1 objectives
Hosting cloud applications
Planning Cloud applications on Bluemix
Lab 1: use the Bluemix CLI to deploy and manage apps
Designing and developing cloud applications
Part 1 wrap up
Part 2
Enhance applications with services and security
Enhance cloud applications by using messaging services
Lab 2: messaging in the cloud
Enhance applications with cognitive APIs
Lab 3: set up an app with Natural Language Understanding
Object storage services in IBM Bluemix
Lab 4: add object storage services in Bluemix
Data service types in Bluemix
Lab 5: manage instances of Cloudant
IBM Data Connect
Lab 6: migrating database data by using IBM Data Connect
Secure your cloud applications with single sign-on
Lab 7: secure an app by using IBM Single Sign-on
Custom domains and SSL
Part 2 wrap up
Part 3
IBM Bluemix DevOps
Lab 8: create your first toolchain
Source code management (SCM) for Continuous Delivery toolchains
Lab 9: source control management using Git commands
Code editing for Continuous Delivery toolchains
Lab 10: code editing and deployment with the Web IDE
Managing CI and CD with Delivery Pipeline
Lab 11: manage CI and CD by using Delivery Pipeline
Application scaling
Lab 12: scaling applications
Load testing
Lab 13: load testing cloud applications
Application monitoring
Lab 14: application monitoring
Debugging in IBM Bluemix
Lab 15: debug applications in IBM Bluemix
Wrap up
FREE
Bluemix Cloud Foundry runtimes and application staging
3 of 6
Runtimes and buildpacks IBM Bluemix Cloud Foundry runtimes are based on Cloud Foundry buildpacks. Understanding buildpacks, how they are selected and managing settings and defaults of buildpacks is important to deploying Cloud Foundry applications on Bluemix. Cloud Foundry components In a Cloud Foundry based PaaS environment there are a number of components that coordinate the deployment, management and access to applications. Applications run inside containers that are hosted on Diego Cells. The deployment of applications is coordinated through the Cloud Controller. Incoming traffic goes to the Router which forwards traffic to the appropriate component in the environment. Application staging and deployment The process of taking an application from the code assets and supporting artifacts to a running application is called the staging process. The following steps are followed to stage and deploy an application: At the command line, the developer enters the directory containing her application and uses the Bluemix Command Line Interface (bx CLI) to issue a push command. The bx CLI tells the Cloud Controller to create a record for the application. The Cloud Controller stores the application metadata. Application metadata can include the app name, number of instances the user specified, and the buildpack, and other information about the application. Before uploading all the application files, the bx CLI issues a resource match request to the Cloud Controller to determine if any of the application files already exist in the resource cache. When the application files are uploaded, the bx CLI omits files that exist in the resource cache by supplying the result of the resource match request. The uploaded application files are combined with the files from the resource cache to create the application package. The Cloud Controller stores the application package in the blobstore. The bx CLI issues an app start command. The Cloud Controller issues a staging request to Diego, which...
Continue Reading
Continue Reading
FREE
Managing organizations, spaces, domains, and regions
5 of 6
Spaces, users, domains, and quota The organization is the key grouping concept in IBM Bluemix. Each organization is composed of several elements. Spaces Spaces provide a mechanism to collect related applications, services, and users. Every organization contains at least one space. All applications and services are associated with a single space. Users Users participate in organizations and have varying capabilities based on their assigned roles. Users can be members of multiple organizations and can be changed from one organization to another through the Bluemix dashboard. Users might have different roles in different spaces in an organization. Domains Domains provide the base component of a route on the Internet for the organization. An application route is composed of both a host name that defaults to the application name plus the domain name. Creating a custom domain for an organization requires that the user register the domain name with the public DNS registry, configure the custom domain on Bluemix using the CLI or Web UI, and mapping requests to the domain through a CNAME to the desired Bluemix region secure endpoint. Quota Quota defines resource limits for the organization. Quota represents and controls the number of services and the amount of memory available for Cloud Foundry applications in all spaces of the organization. User Roles Users are assigned roles at the Bluemix account, organization, and space level. At the account level, there is an account owner and account members. At the organization level, there are manager, billing manager, and auditor roles. At the space level there are manager, developer, and auditor roles. Users with the manager or developer space role can access the VCAP_SERVICES environment variable for an application within the space. Users with the Auditor role can’t access VCAP_SERVICES. Regions A Bluemix region is a defined geographical territory where applications are deployed. Regions allow applications to be deployed closer to customers to...
Continue Reading
Continue Reading
FREE
Bluemix CLI Overview
1 of 8
You can manage applications in IBM Bluemix PaaS by using the Bluemix command-line interface (bx CLI) tool. To manage applications by using the bx CLI, do the following main tasks: Specify the region through the API endpoint.Set the region by using either the bx api API_URL option or by using the –a API_URL option to the login command where API_URL is the API endpoint of the region that you want to log in to. Log in to an organization and space by using the bx command.Use the following command syntax for the bx login command: bx login [-a API_URL] [-u USERNAME] [-p PASSWORD] [-o ORG] [-s SPACE] API_URL is the API endpoint of the region that you want to log in to. USERNAME is the user. PASSWORD is the specified user’s password. ORG is the organization name. SPACE is the space name. Any needed argument that’s not provided on the command line will be prompted. For example, you might provide the password interactively at the terminal by omitting the –p option on the command line. Push an application by using the bx command and provide applicable options.Use the following command and syntax to push an application: bx app push [APP] [-b URL] [-c COMMAND] [-d DOMAIN] [-i NUM_INSTANCES] [-m MEMORY] [-n HOST] [-p PATH] [-s STACK] [--no-hostname] [--no-route] [--no-start] APP is the application name, if not specified, the entry from the application manifest file will be used. Run this command from the top-level directory that contains the application and a copy of the manifest.yml file. Some common options for the push command: -c to specify a startup command. -i to specify number of instances at startup. -m to specify the memory that is used by the application instance at startup. --no-route to prevent connecting a route to the application. View logging information by using the bx command.To view logs from an application, run this command: bx app logs APP [--recent] APP is the application name....
Continue Reading
Continue Reading
FREE
2. Understand your Bluemix account
5 of 8
In this section, you will use the Bluemix command-line interface tool to work with Bluemix and understand your Bluemix account, organization, and spaces for applications. You use this tool in a terminal on your workstation. Start a command terminal or Git Bash shell window. The Bluemix command-line tool is not supported by Cygwin and the windows command prompt should be used instead of the Cygwin bash shell. The examples shown are from a Mac OS X bash command prompt. Verify your CLI release by running this command: bx –v Select the Bluemix region for your login by providing the API endpoint to the bx api command. This table shows the regions and associated API endpoints. Region API endpoint US South https://api.ng.bluemix.net United Kingdom https://api.eu-gb.bluemix.net Sydney https://api.au-syd.bluemix.net Germany https://api.eu-de.bluemix.net For examle, to select the US South region, enter: bx api https://api.ng.bluemix.net Log in to Bluemix after setting the endpoint: bx login -u user_name -o org_name -s space_name Then, enter your Bluemix password that you use to sign in to the Bluemix web UI. If you skip any options, the command will prompt for you to provide them to complete the login. If you see a warning or failed login with a message like “You are using a federated user ID, please use one time passcode,” add the --sso option to the login command to be provided with a URL for creating a one-time passcode for the login. The login sequence shown gives an example of a user that has a federated ID and needs to use a one-time passcode. When your Bluemix account is initially created, you get an opportunity to customize the name of the organization and set a space name. Organization names must be unique across Bluemix. Space names do not need to be unique List your current spaces in Bluemix by using the bx...
Continue Reading
Continue Reading
FREE
3. Deploy an application from a project by using the Bluemix command line tool
6 of 8
Now that you have an introduction to the Bluemix CLI, it is time to use it to deploy a sample application to Bluemix. The application is written in Node.js and uses the Express web application framework. Download the application zip file from https://github.com/ibmecod/watson-parrot-nodejs/archive/master.zip. Unpack the zip file into a folder on your workstation. Start a command terminal and change the current directory to the folder of the application. Examine the files in the top level of the directory. Two important files are package.json and manifest.yml. The package.json file outlines the dependencies needed for the application and also specifies the command to start the application. The manifest.yml defines the resource allocations and the application name in Bluemix and the host name for the deployed application. Before deploying, change the host for the application because each application must have a unique name in Bluemix. The host name must be a legal Internet host name, so you can use only letters (upper- or lowercase and the hyphen (-) character in the name. Open the manifest.yml file in your favorite text editor and change the application name and add a matching host name for the deployment. One way to make the host name unique is to add your initials and the current date. Change random-route to false to disable adding extra text to the application name on deployment. After you update the file, save it. Use the application name to replace <your-app-name> in the rest of the lab. Log in to Bluemix and select the space where you want to deploy the application by using commands you learned in the previous section. Issue the bx app push command and follow the messages in the terminal as the application is deployed and started in Bluemix. After a few minutes, the application will finish starting, and the status will be shown as running and show the URL for the application. There are two ways to check...
Continue Reading
Continue Reading
FREE
4. Add a service to an application using the Cloud Foundry cli
7 of 8
In this section, you learn how to find a service from the catalog by using the command line and then bind the service to the sample application. This application has code to recognize the bound service and extend its functionality through the API that is added with the service. Use the bx service offerings command to list all available services for your Bluemix region, ID, and organization privileges. This command requires some patience as it takes quite a while to complete. You can redirect the output to a file or use a pager like more (or less) to make the output easier to read. For this application, you will add the Watson Language Translator service. To add the service, you need to know the service name in the catalog and the available plans to use. For this deployment, use the standard plan. Add this service to your current space: bx service create language_translator lite "Language Translator-x1" Verify the service and also get a list of other services in the current space by using the bx service list command. Bind this service to your application: bx service bind <your-app-name> "Language Translator-x1" After binding the application, you are reminded to restage your application. Restaging is needed to add the API credentials for the service to the application runtime environment and restart the application with them. Restage the application: bx app restage <your-app-name> When the command completes, go back to your application again and enter a sentence and click Send. The application displays the language to the left of the message. Try a sentence in another language. For example, you can enter “Aller anfang ist schwer.” which is a German saying similar to “all beginnings are hard.” Deeper dive You can learn how this application is exploiting the Watson Language Translator service to identify languages by examining the routes/index.js file....
Continue Reading
Continue Reading
FREE
Twelve-factor app methodology
1 of 4
To effectively design and build applications for the cloud, you should understand the Twelve-Factor App methodology. Factor 1: One codebase tracked in revision control with multiple deployments Use one codebase for tracking and revision control, and from that codebase, you can deploy many times. Use IBM Bluemix DevOps Services or Cloud Foundry deployment tools with tools such as IBM UrbanCode Deploy, Jenkins, Gradle, or an equivalent. Factor 2: Explicitly declare and isolate dependencies Use IBM Bluemix deployable units such as Java Liberty and Node.js buildpacks to manage runtime dependencies. For example, the package.json file for a Node.js application lists all external dependencies. Factor 3: Store configuration in the environment Provide any additional configuration information through the VCAP_SERVICES environment variable. Services that are bound to an application also populate the VCAP_SERVICES variable with their configuration attributes. Factor 4: Treat backing services as attached resources Bind services to applications by using the Bluemix web UI dashboard or use the bx service create and bx service bind commands to attach services to an application. Factor 5: Strictly separate build and run stages In IBM Bluemix, when you use the bx app push command to deploy, the application is staged, assembled, and then stored as an immutable object in the build phase. Then, the object is copied to a container and started in the run phase. Factor 6: Execute the app as one or more stateless processes When you design applications, use multiple processes or services as needed. IBM Bluemix application instances are stateless and do not have persistent file storage. Avoid dependencies on sticky sessions and keep session data in a persistent store to ensure traffic can be routed to other processes without service disruption. Factor 7: Export services by using port binding IBM Bluemix provides a process or service with a port for...
Continue Reading
Continue Reading
FREE
Messaging in the cloud
1 of 2
Messaging is a technology that enables high-speed, asynchronous, program-to-program communication with reliable delivery. Programs communicate by sending packets of data called messages to each other. You can enable loosely coupled integration for IBM Bluemix PaaS applications and components by using messaging services. Messaging use cases and available APIs in the Message Hub service Messaging services provide loose coupling between components of an application in several use cases. A common case is asynchronous worker offload of complex tasks that allows the processes handling these tasks to be scaled independently. Messaging provides a natural event-driven service model and avoids polling inefficiencies. Messaging provides a way to delay processing, for example, to run a report at a specific time. Messaging can provide responsiveness in an application when integrating with third-party or external services by queueing requests. Across many of these use cases, components that use messaging services can be deployed in distributed locations to create hybrid cloud scenarios. The IBM Message Hub service is based on Apache Kafka and supports the use of multiple APIs for messaging. Applications can use the Kafka API, Kafka REST API, and MQ Light APIs with this service. Using publish-subscribe and queue models in Message Hub In a publish-subscribe model, every message receiver (or consumer) gets a copy of messages published by the sender (or producer). In a queue model, messages are distributed among a pool of receivers (or consumers). When you use the MQ Light API to create a queue model, each receiver will join a destination with sharing enabled. When you use the Kafka API (or Kafka REST API) to configure a queue, each consumer should subscribe by using the same consumer group, and the number of partitions on the topic should be greater than or equal to the maximum number of consumers. Rationale of the cf...
Continue Reading
Continue Reading
FREE
Object storage
1 of 2
You can store and retrieve files by using the Object Storage service in IBM Bluemix. Object storage is an electronic storage that is highly scalable, easy to use, cost-effective, provides huge capacity, and is a distributed system that spans regions and even countries. It is commonly used for storing pictures, documents, audio, video, system backups, and database dumps. IBM Bluemix offers a range of object storage services. Bluemix infrastructure provides the Cloud Object Storage service that has two service types: Cross-region service This service provides resiliency across three geographic regions and encryption of data at rest and in flight. Data is accessible via an S3-compatible API. Regional service This service is available in 20 IBM Cloud data centers worldwide and implements an OpenStack Object Storage API. The Bluemix PaaS catalog Object Storage service also provides an OpenStack Object Storage API. Create a container in the Object Storage service Before you use any API services of Bluemix PaaS OpenStack-based object storage, an authentication token must be obtained by using Keystone. Perform Keystone authentication by POST of the credentials provided in the VCAP_SERVICES to https://identity.open.softlayer.com/v3/auth/tokens. After the token is obtained, containers and objects can be managed through REST API calls to the storage URL that is returned with the token. After authentication is complete, create a container in object storage with a PUT request to the storage URL, appending the new container name in the request. curl -i -H "X-Auth-Token: AUTH_tk924cd97c2af7475c8e6cb25d2adaccf8" -X PUT https://dal05.objectstorage.softlayer.net/v1/AUTH_0c6bf5d5-b5e4-43aa-93f1-ea7065837fb8/myNewContainer Run create, upload, and list operations on an object by using containers After you create the container, objects are manipulated by HTTP requests. To create a file or upload with new data to an existing file, use the PUT command by specifying the container in the path. (This command is simplified by omitting the –H option.) curl -X...
Continue Reading
Continue Reading
FREE
4. Use the Swift API to manage containers and objects
5 of 5
In this section, you’ll run through some typical Swift API operations by using the Postman Chrome application. In Postman, click the + icon to open a new tab. Copy the url value that you saved in the previous section into the URL Append /mycontainer to the URL. Change the HTTP verb from GET to PUT to create a new container. Click Headers(0) and create a header with the label X-Auth-Token and value set to the value of the X-Subject-Token that you saved in the previous section. Click Send to verify that the returned Status is 201 Created. Change the HTTP verb from PUT to HEAD to get the metadata for the new container. Then, click Note that you are reusing the same header value from the previous request. Verify that the returned Status is 204 No Content and that several metadata values are in the returned HTTP header. Change the HTTP verb from HEAD to PUT to do an upload operation. Click the Body tab and then select binary. Click Choose File and select a file on your local system. Go back to the URL field and append /filename to the URL where filename is the name of the file that you selected. For example if you selected foo.txt, then you append /foo.txt to the URL. Click Send and verify that Status 201 Created is returned. Change the HTTP verb from PUT to GET so that you can send a list request for the container. Remove the file name suffix from the URL. Click Send and verify that the name of the file that you just uploaded is returned. Append ?format=json to the URL and send the GET request again. Verify that information about the file that you uploaded is returned in JSON format. Remove the ?format=json suffix from the URL and append /filename to the URL where filename is the name of the file that you uploaded earlier. Click Send and verify that the content of the file is returned and that the status is 200 OK. Optional: Before you remove the file and container, return to the Object Storage service management page and investigate the container and file that you added....
Continue Reading
Continue Reading
FREE
Data services
1 of 5
The following types of data services are available in IBM Bluemix PaaS: NoSQL database service SQL database service In-memory columnar database service Key-value pair data service NoSQL database service NoSQL databases are managed data stores that use non-SQL query languages (or no query languages at all) and store data as a series of documents. Examples of NoSQL databases are Cloudant (an extension of Apache CouchDB) and MongoDB. NoSQL databases offer flexibility because there is no enforced schema for documents, and document structure can be changed at any time without having to modify existing data. NoSQL databases such as Apache CouchDB and Cloudant can scale horizontally on commodity hardware to provide low cost, scalable performance as data volumes grow. To support this type of scalability, Apache CouchDB and Cloudant prioritize database availability over distributed consistency. This is referred to as eventual consistency. SQL database service An SQL database service provides application access to relational databases that are queried by using SQL. The IBM DB2 on Cloud service in Bluemix is an example of an SQL data service that is powered by IBM DB2 and has a variety of features including high availability, automated backups, and data privacy. Other examples include Compose for PostrgeSQL and ClearDB MySQL. In-memory columnar database service An in-memory columnar database service provides optimized database access for analytic workloads. The dashDB for Analytics service in IBM Bluemix is an example of an in-memory columnar databases service. dashDB for Analytics is based on DB2 BLU and its columnar organizations favor analytic queries that access a large number of values from a subset of the columns and make heavy use of aggregations and joins. dashDB for Analytics also uses compression to allow larger amounts of data to reside in memory. Key-value pair data services Key-value pair data services allow the efficient...
Continue Reading
Continue Reading
FREE
Features of Cloudant NoSQL Database
3 of 5
IBM® Cloudant™ NoSQL DB for Bluemix™ is a NoSQL database as a service (DBaaS) that scales globally, runs nonstop, and handles a wide variety of data types such as JSON, full-text, and geospatial. Cloudant NoSQL Database is an operational data store that is optimized to handle concurrent reads and writes, and provides high availability and data durability. Cloudant provides a RESTful API to create, read, update, and delete documents. Reading a document The Cloudant RESTful API makes every document in your Cloudant database accessible as JSON through a URL, which makes Cloudant so powerful for web applications. Each document in Cloudant has a unique _id field that can be used to retrieve that document. To retrieve a document by using the API, simply append the document’s ID to the URL of the database. For example, for a document of _id foo in the mydb database, the GET URL to retrieve the document will look like this: GET https://[username].cloudant.com/mydb/foo Inserting a document Documents can be inserted into Cloudant individually or in bulk. To insert documents, you can provide a unique value for the _id .field. If the document to be inserted doesn’t define an _id value, a value is assigned to it during the insertion. If you initially define an _id for your document, you must ensure that the _id isn’t already being used. If it is, the insertion will fail. Inserting by using cURL Command: curl -d '{"season": "summer", "weather": "usually warm and sunny"}' -X POST https://[username].cloudant.com/crud/ -H "Content-Type:application/json" Response: {"ok":true,"id":"590e2bca76c09882e37dea534b000be3","rev":"1-0af5e64fe24d262db237b9f14046f490"} If you want to set the _id when you insert, you can do it in two ways: POST and PUT. Updating and deleting documents The _rev field is added to your documents by the server when you insert or modify them, and is included in the server response when you make changes or read a document. The _rev value is built from a crude counter and a hash of the document...
Continue Reading
Continue Reading
FREE
IBM Data Connect service for Bluemix
1 of 2
In the Command Data Shaping options area of the text description, is it possible to use a tabular format with a layout like: operation | description…. IBM Data Connect provides a lightweight, cloud-based set of data refinement and access services. In this section, you learn about: Capabilities of IBM Data Connect Common tasks that you can do with IBM Data Connect Enterprise connectivity with Secure Gateway IBM Data Connect capabilities The IBM Data Connect service in Bluemix allows you to identify relevant data, transform the data to suit your needs, and load it to a system for use. In IBM Data Connect, you begin by finding the data that you want to work with from data sources like IBM Cloudant NoSQL DB and IBM dashDB. You use metrics to better understand your data quality and identify areas to improve. To improve the data quality, you work with a sample of the data and apply shaping actions such as sorting, filtering, and joining. You can apply the actions to the full data set and load the data to destinations such as Cloudant NoSQL DB. Actions are defined and processed through Activities. After an Activity is created, it can be used to set up recurring shaping and copy actions and the Activity control panel includes a display of the current run status. Common data shaping operations After a data set is connected to, Data Connect operations can be applied at the table level or the column level. Several shaping operations are supported. Here are some of the supported operations: Blank out – Converts the string in the column to null. Ceiling of number – Returns a number’s nearest integer of greater value. Example: The ceiling of 2.31 is 3. The ceiling of -2.31 is -2. Change the timestamp value – Changes the timestamp in a...
Continue Reading
Continue Reading
FREE
5. Move data from dashDB to Cloudant Database
6 of 8
In this section, you’ll move a subset of data in your dashDB instance to your instance of Cloudant NoSQL DB by using Data Connect. Return to the Bluemix Apps Dashboard. Scroll down to Services and click the row for your Data Connect service instance. Click LAUNCH to open the Data Connect dashboard in a new browser tab. Optional: review the Welcome panels describing high level steps of using Data Connect. Click Connections to begin creating a connection for your Db2 Warehouse on Cloud instance. Select IBM dashDB connection type to open the correct connection definition wizard for the service. Give the connection a name like myCloudWarehouse and enter in the hostname, name of database, username, and password from the credentials you copied for the Db2 Warehouse on Cloud instance. You’ll need the host, db, username, and password field values that you saved. Click Create Connection to create the database connection. The display will show the Connections panel where you will see the connection that was just added. Click on Create New to begin creating a connection for your Cloudant NoSQL DB instance. Select IBM Cloudant to open the connection definition wizard for Cloudant. Give the connection a name like myCloudant and enter in the url, username, and password from the credentials you copied for the Cloudant instance. You’ll need the url, username, and password field values that you saved. Click Create Connection to create the database connection. From the left pane, click Activities to open the Activities panel. Click on Create New to define an activity to move data from one connection to another. Select your Db2 Warehouse on Cloud connection item, then the GOSALES schema and the PRODUCT table. Click on Refine Data elect the PRODUCT_TYPE_CODE column and then from the Operations panel, expand the Cleanse item. Select Filter Rows. Select the value 961 and then click Apply to save the row filter. If you prefer, you can edit the activity name to change it. Click Next to continue to the target selection screen. Select your Cloudant database connection item. Click Save to save the activity and then click on...
Continue Reading
Continue Reading
FREE
Cloud applications and single sign-on
1 of 2
When you develop an application that supports multiple users, you need to decide how to authenticate them. It might seem like a simple approach to create a database table and populate it with credentials, but this quickly creates further challenges. For one, how will your application be able to integrate with existing applications and their authentication services? You can configure external authentication for Bluemix web applications with the Single Sign On (SSO) service. SSO requires the application to use an OpenID Connect client interface IBM Single Sign On for Bluemix is an authentication service that provides an easy to embed single sign on capability for web applications. The service can be bound to multiple Bluemix applications to provide a common authentication service. Applications call the SSO service through an OpenID Connect compatible client implementation. Applications using SSO can support cloud directories, social media sites, and enterprise directory as identity sources The SSO service acts as an authentication broker for multiple identity sources. Identity sources are collections of users and each collection is identified as a realm. The following identity services are supported: Cloud Directory This is a basic LDAP in the cloud that can be populated with simple user name and password authentication and several other user attributes. Social providers Facebook, LinkedIn, and Google are currently supported. These commonly used identity providers allow your application to authenticate users and obtain identity information including an email address. Enterprise directory identity repositories This integration uses SAML post single sign on. The on-premises website authenticates users (acting as the identity provider) and then uses SAML to securely transmit that identity information to the SSO service instance, which acts in the role of a SAML service provider. A virtual appliance is available to implement an authentication portal to an LDAP server if one is...
Continue Reading
Continue Reading
FREE
1. Create a Node.js starter application and add the Single Sign On service
2 of 10
Log in to Bluemix and click Apps > Cloud Foundry Apps. Then, click Create Cloud Foundry App. Select the SDK for Node.js runtime. Provide a unique application name. Each application in Bluemix public requires a unique name. To ensure that your app name is unique, add the date and your initials to the name. Then, click Create. Note: If you see an Upgrade button instead of the Create button, you are using a Bluemix account that does not have access to paid services. Review the remaining steps in the lab to understand how to use this service and consider upgrading your Bluemix account if you will need to use the SSO service in production. Bluemix will show the application’s Getting Started page with a message at the top about the application starting the staging process. If the Cloud Foundry CLI tool is not installed on your workstation, click Download CF Command Line Interface to download the current version for your workstation. It will be later than 6.9, but that is OK. After the download is complete, install the cf CLI tool. Scroll down on the same page to the series of numbered steps starting with the Download Starter Code button. Make a note of these steps: they might not match the picture and instead will be customized for your Bluemix ID, current Bluemix space, and application name.Complete steps 1 and 2 as shown to get a command prompt with a copy of your code. You will use this command prompt to add the node passport module to the starter application later. Next, you will add the Single Sign On service to the dashboard. Create an ID that will become the prefix of the URL for the service. This ID can be up to 32 characters and must start with an alphabetic character. Make a note of it. Click Catalog in the Bluemix navigation bar and then enter...
Continue Reading
Continue Reading
FREE
3. Bind the Single Sign On service to the application
4 of 10
Bind the Single Sign On service with the configured identity source to your application. Click Apps > Cloud Foundry Apps. Click the application icon in the App listing to open the application overview page. Then, click Connect existing from the Connections panel. Select your Single sign on service and confirm by clicking Connect. You will be prompted to restage the application. A restage is used to add the VCAP_SERVICES environment variables to the application so that it will be able to access the Single Sign On service bound to the application. Click Restage. The restaging and restarting of the application will complete quickly. However, you do not need to wait before proceeding. After the restage, you will be in the Connections panel for the application. Click the Single Sign On service item to open the configuration window for the service in the context of this application. When you access the configuration window from within an application, an INTEGRATE tab will also be shown. Click INTEGRATE to show the Application Configuration panel where you will add the callback URL for our application after a login attempt has been completed. Enter in the Callback URL for the SSO service to invoke after the authentication is completed in the Return-to URL box. The host part of this Callback URL must match the host name that you specified when you created the application. The rest of the host name should be the default Bluemix domain. Complete the URL with the route /auth/sso/callback. Also, update the code for this route in the Node.js starter application. In the examples shown in this lab, this is the correct URL: https://ssolab-20161207tor.mybluemix.net/auth/sso/callback Optional: Change the display name for the application from the default. This is the name used by the SSO service when prompting a user for consent to allow the retrieval of personal information from the identity source. After you enter the...
Continue Reading
Continue Reading
FREE
4. Update the Node.js starter application to use the Single Sign On service for external authentication
5 of 10
The application will require some additional node.js modules to use the Single Sign On service. Update the package.json file from the application code top directory with a text editor and add the following lines into the dependencies section:"passport": "0.3.2", "cookie-parser" : "1.4.x", "express-session" : "1.x", "passport-idaas-openidconnect": "2.x" The package.json file should look something like this when complete: Next, you will add some code to the application to use the Single Sign On service to manage authentication access to specified routes in the application. See the section at the end of this lab for the full source code for reference. Open the app.js file in the application top level directory with a text editor and add the highlighted code just below the var express = require('express'); statement. After the var app = express(); statement, add code to create session handling services in express and configure the passport module to use it with this highlighted code. Add some logic to process the entries in the VCAP_SERVICES environment variable.When the SSO service is bound to the application, the service instance details including the client ID, client secret, authorization URL, token URL, and issuer ID used in the OpenID Connect strategy for passport are set in the VCAP_SERVICES variable. In addition to these entries, add the string that is used for the callback URL in the INTEGRATE tab. These entries will be used in a constructor for a new OpenID Connect strategy that will then be provided to passport. The code to be added is highlighted and immediately follows the previous code: For this sample application, define a route in Express that will be used to initiate authentication for a session. Then, define a function that can be added to any Express route to ensure that a session web session accessing the route is authenticated. Define the authentication callback URL.This...
Continue Reading
Continue Reading
FREE
Code sample for app.js
8 of 10
This app.js file includes the additions from all of the main steps in this lab. If you want to copy and paste code to move through the steps faster and avoid possible typos, use this sample code. Be sure to update the callback_url variable to match your Bluemix application host name. /*eslint-env node*/ //------------------------------------------------------------------------------ // node.js starter application for Bluemix //------------------------------------------------------------------------------ // This application uses express as its web server // for more info, see: http://expressjs.com var express = require('express'); var passport = require('passport'); var cookieParser = require('cookie-parser'); var session = require('express-session'); // cfenv provides access to your Cloud Foundry environment // for more info, see: https://www.npmjs.com/package/cfenv var cfenv = require('cfenv'); // create a new express server var app = express(); app.use(cookieParser()); app.use(session({resave: 'true', saveUninitialized: 'true' , secret: 'keyboard cat'})); app.use(passport.initialize()); app.use(passport.session()); passport.serializeUser(function(user, done) { done(null, user); }); passport.deserializeUser(function(obj, done) { done(null, obj); }); // VCAP_SERVICES contains all the credentials of services bound to // this application. For details of its content, please refer to // the document or sample of each service. var services = JSON.parse(process.env.VCAP_SERVICES || "{}"); var ssoConfig = services.SingleSignOn[0]; var client_id = ssoConfig.credentials.clientId; var client_secret = ssoConfig.credentials.secret; var authorization_url = ssoConfig.credentials.authorizationEndpointUrl; var token_url = ssoConfig.credentials.tokenEndpointUrl; var issuer_id = ssoConfig.credentials.issuerIdentifier; var callback_url = 'https://CHANGE-ME.mybluemix.net/auth/sso/callback'; var OpenIDConnectStrategy = require('passport-idaas-openidconnect').IDaaSOIDCStrategy; var Strategy = new OpenIDConnectStrategy({ authorizationURL : authorization_url, tokenURL : token_url, clientID : client_id, scope: 'openid', response_type: 'code', clientSecret : client_secret, callbackURL : callback_url, skipUserProfile: true, issuer: issuer_id}, function(iss, sub, profile, accessToken, refreshToken, params, done) { process.nextTick(function() { profile.accessToken = accessToken; profile.refreshToken = refreshToken; done(null, profile); }) }); passport.use(Strategy); app.get('/login', passport.authenticate('openidconnect', {})); function ensureAuthenticated(req, res, next) { if(!req.isAuthenticated()) { req.session.originalUrl = req.originalUrl; res.redirect('/login'); } else { return next(); } } app.get('/auth/sso/callback',function(req,res,next) { var redirect_url = req.session.originalUrl; passport.authenticate('openidconnect', { successRedirect: redirect_url, failureRedirect: '/failure', })(req,res,next); }); app.get('/hello', ensureAuthenticated, function(req, res) { res.send('Hello,...
Continue Reading
Continue Reading
FREE
Edit the code using Eclipse Web IDE
2 of 3
In this lab, edit the code of the application deployed in the previous lab by using Eclipse Orion Web IDE. Learn about the test features available in the Web IDE to push the changes to the repository, and see that the deployment pipeline is triggered. Go back to your browser tab with the toolchain, and click the left arrow to return to the page for your toolchain.The Overview panel for the toolchain will be shown with the current tools displayed. Click the Eclipse Orion Web IDE icon to launch a web editor and code management environment hosted on Bluemix and running in the browser. Make note of the pencil icon in the upper left, next to the repository name. This is the edit mode for the IDE. Click the manifest.yml file in the left listing to open it in the editor. Update the memory value to 128M. The workspace contents are automatically saved, but you can click File > Save, if you prefer. Before committing this change to the repository, you can use a launch configuration to set up a test deployment of the application to ensure that it works as needed. Select the Create new launch configuration menu, then click the plus (+) icon to show a menu. Note that you can change almost every aspect of the application deployment, target region, organization, space, and also alter some settings from the manifest file. In the manifest file, change the Launch Config Name to sample-nodejs-cloudant-test. Change the Host name to nodejs-cloudant-test-<date>. Click Save. Click Deploy app. This creates a Bluemix deployment using the settings in the launch configuration selected, using the contents of the current workspace. There will be status updates in the launch configuration page while the application deploys. Deployment will take 2 – 3 minutes because it requires a full staging of the application. When the application is deployed for testing, the menu will update...
Continue Reading
Continue Reading
FREE
Working with the Delivery Pipeline
2 of 4
In this lab, associate a different route to the application using a CLI command inside of a deployment script in Delivery Pipeline. From the Bluemix App dashboard, click menu > Services > DevOps. Select your toolchain to get the toolchain overview, and then click the icon for Delivery Pipeline. This simple pipeline has two stages: a Build stage that runs a build job based on commits to a source code repository, and a Deploy stage that has a deploy job, which takes the build artifacts and deploys them as a Cloud Foundry application. There’s one more type of job (besides build and deploy) that can be configured in a stage, and that is a test job. You won’t need one of those today, but test jobs can be used, as you might expect, to run code tests, or to test an application deployed to a staging environment before continuing to run later stages that would deploy to production. To view the configuration of the build job script in the Build stage, click on the settings icon in the upper, right corner of the stage, and select Configure Stage. The JOB tab shows you the build configuration. The run conditions section allows you to stop the delivery pipeline in event of any failure in the job. Click the Input tab to view the input parameters for the build job. You do not need to change anything on this screen. However, note the stage trigger. By default, the build job will run on every commit in the Git repository. In case you need to turn off automated builds, you can select the run manually option in the stage trigger. Navigate back to the Delivery pipeline. To modify the deploy job script in the Deploy stage, click the settings icon in the upper right corner of the stage, and select Configure...
Continue Reading
Continue Reading
FREE
3. View auto-scaling metric statistics and history
3 of 3
You can examine the effects of the test on your auto-scaling policy rules. The metrics in this task show how effectively your auto-scaling policy worked. Return to the Bluemix Dashboard and click the application route to open the application. You can experiment with the application to create some sample workload before proceeding to the next step. It might take a bit of use and page reloading of the application to match the results shown below. If the application is scaled, you might see a brief message like this on the Bluemix console: After exercising the application for a few minutes, go back to the application Overview. In your application, click the Auto-Scalingservice shown in the Connections list. Click the Metric Statistics tab to see graphs of usage statistics over time for your Bluemix application. Scroll to see all the graphs. If you configure any scaling rules for a specific property, upper and lower threshold indicators show when your application will create or remove additional instances. The following image shows an example of throughput metrics: The following image shows an example of memory metrics, which shows three cases where there was a policy breach that resulted in a scaling action: If your application is stressed enough, you see that the scaling polices that you defined take effect. Depending on the conditions, you see that the applications scale out and scale in. You might find that placing a small amount of traffic to the Java Cloudant Web Starter by adding a few files and then reloading the application page and also displaying the files in browser tabs is sufficient to exceed the 30% memory threshold. In a real-world scenario, you should set this memory threshold higher to avoid unnecessary scaling activity. By increasing the cooldown period, you can delay the time before the service starts...
Continue Reading
Continue Reading
FREE
Load testing in the cloud
1 of 2
Load testing is the simplest form of performance testing. It helps you determine the ability of your apps to handle a certain number of users (load) on your cloud application. To do load tests, you need to understand what tools you can use, how to set up virtual scenarios, and how to analyze load testing results. Using Load Impact or BlazeMeter third-party load testing services in IBM Bluemix PaaS IBM Bluemix PaaS has services to assist you in characterizing how an application responds under a simulated user load. These tests provide insights on performance and can also show whether horizontal scaling is responding when the application is under stress. Creating user scenarios A virtual user scenario corresponds to a set of actions in the application and can be captured interactively or defined in a script language of the specific load testing tool. These should be based on a typical use case of a user who accesses the application. Defining virtual user load for a test You can focus the virtual user load that runs against an application so that you can investigate different issues with performance: Response time for the application for a specific number of active users For this type of test, the user workload is ramped to a steady state and then held for a period of time to gather response time statistics. Peak scalability of an application In this test, the workload is increased in gradual steps and held constant, or a series of test are performed each with a higher number of simulated users. A key metric such as the performance of a page such as user login or catalog display is monitored to ensure that it does not exceed required levels. Analyzing results from load tests When a load test completes, you can use tools...
Continue Reading
Continue Reading
FREE
Sample test code for the load impact scenario
7 of 7
The following sample code shows a load impact sample test. Because your web application uses a URL that differs from the URL in the script, you must modify the WEBSITE_URL code by setting the variable to your application’s Bluemix URL. Note that you can also download this code as a text file: http://ibm.biz/CertPrepLoadTest -- Variable determines appropriate website URL to test. -- EDIT this VARIABLE to test your application. -- Ensure there is NOT a trailing slash at the end. local WEBSITE_URL = "http://replace-me.mybluemix.net" -- User input we want to randomly generate. local KEY1 = string.char(math.random(32, 126)) local KEY2 = string.char(math.random(32, 126)) local KEY3 = string.char(math.random(32, 126)) local VAL1 = math.random(1, 31415926) local VAL2 = math.random(1, 31415926) local VAL3 = math.random(1, 31415926) -- Send PUT request to the app with random key-value pair. http.request_batch({ {"GET", WEBSITE_URL .. "/ecaas?operation=put&key=" .. KEY1 .. "&value=" .. VAL1 .. "&encrypt=false", auto_decompress=true} }) -- Simulate cache refresh by fetching all values. http.request_batch({ {"GET", WEBSITE_URL .. "/ecaas?operation=all&key=" .. KEY1 .. "&value=" .. VAL1 .. "&encrypt=false", auto_decompress=true} }) -- Send second PUT request to the app with random key-value pair. http.request_batch({ {"GET", WEBSITE_URL .. "/ecaas?operation=put&key=" .. KEY2 .. "&value=" .. VAL2 .. "&encrypt=false", auto_decompress=true}, {"GET", WEBSITE_URL .. "/ecaas?operation=all&key=" .. KEY2 .. "&value=" .. VAL2 .. "&encrypt=false", auto_decompress=true} }) http.request_batch({ {"GET", WEBSITE_URL .. "/ecaas?operation=put&key=" .. KEY3 .. "&value=" .. VAL3 .. "&encrypt=false", auto_decompress=true}, {"GET", WEBSITE_URL .. "/ecaas?operation=all&key=" .. KEY3 .. "&value=" .. VAL3 .. "&encrypt=false", auto_decompress=true} }) -- Send GET request to fetch the Value from Key. Then, refresh the data cache. http.request_batch({ {"GET", WEBSITE_URL .. "/ecaas?operation=get&key=" .. KEY1 .. "&value=&encrypt=false", auto_decompress=true}, {"GET", WEBSITE_URL .. "/ecaas?operation=all&key=" .. KEY1 .. "&value=" .. VAL1 .. "&encrypt=false", auto_decompress=true} }) http.request_batch({ {"GET", WEBSITE_URL .. "/ecaas?operation=get&key=" .. KEY2 .. "&value=&encrypt=false", auto_decompress=true}, {"GET", WEBSITE_URL .. "/ecaas?operation=all&key=" .. KEY2 .. "&value=" .. VAL2 .. "&encrypt=false", auto_decompress=true} })...
Continue Reading
Continue Reading
FREE
4. Get started with Availability Monitoring on your application
4 of 5
Complete the following steps to open Availability Monitoring for your app, to create a webpage test to monitor another URL, and to set up notification alerts for your tests. In this section, you will add an additional URL for testing (in addition to the base app URL which is tested by default). If you are using the Java Cloudant Web boilerplate in this lab, the first step in this section will provide a way to get an additional URL for testing. Otherwise, select another URL from your application based on its implementation. To get an attachment URL to test if you are using the Java Cloudant Web boilerplate for this lab, upload a file to the application. Then click on the file to download into the browser and copy the URL from the browser navigation field. The URL will be of the form:https://<yourapp>.mybluemix.net/attach?id=1500918906735&key=myfile.jpg To monitor a Cloud Foundry application, click the app name in the All Applicationstable on theApps dashboard If you do not have an app yet, create it and the application card opens automatically. Click the Monitoring tab. Cloud Foundry applications are automatically bound with Availability Monitoring when you click the Monitoring tab. The Monitoring tab displays three gauges that show Average Test Availability in the last 24 hours, Current Test Status, and Usageof your current plan allocation. Click Add New Test to configure a monitoring test. The main application URL is monitored by default. Any other URLs and services that you monitor can be inside or outside of Bluemix and do not need to be related to the associated Cloud Foundry application. When you click Add New Test, the following Monitoring Setup page is displayed: Click Single Actionon the Monitoring Setup page, and then click Webpage on the Single Action page. Enter a meaningful name for your test in the Name field. Add a description of the purpose of your test to the Description field. Enter the URL of the web app that you want to test,...
Continue Reading
Continue Reading
FREE
5. Create a test script from uploaded script
5 of 5
Upload a Selenium script to create a script test that tests the availability and performance of your web app in response to simulated user behavior. Script tests require Selenium scripts to work. To create a script test, you must first create a Selenium script. For more information about creating Selenium scripts, see “Recording synthetic scripts” (IBM Knowledge Center). After you have created a script, continue with the steps below to create an Availability Monitoring test with the script. Optionally, you may skip creating the script and the rest of the steps of this section. If you are viewing the Monitoring Tab, click Add New Test. ClickScripted Behavioron the Monitoring Setup page. The Scripted Behavior Setup page is displayed. ClickUpload File. Enter a meaningful name for your test in the Name field. Add a description of the purpose of your test to the Description field. Click Browse to find and upload a script file. Click Next to configure your test settings. A summary of the test configuration is displayed. For example, the following message is displayed for the default settings: Test will occur: Every 15 minutes from 3 locations simultaneously to determine if test exceeds 5 seconds. The estimated usage and estimated number of tests per month are displayed based on your current test configuration. In the Settings pane, click Edit to display the current settings for your test. You can change the interval of the tests, the testing frequency, the threshold response times for the critical and warning thresholds, and the locations where the tests are sent from. ClickFinish. The Availability Monitoring dashboard displays a summary of all your tests, a map and table that display the severity and location of your alerts, all synthetic tests that are associated with your app, a table of your activities, and a line graph that depicts the response time and availability of your app and other...
Continue Reading
Continue Reading
FREE
2. Debug a Java application
3 of 4
When you develop an application for a cloud environment, sometimes there is no substitute for quickly updating a part of the application or interactively debugging it while running in the cloud. IBM provides Development Mode for Java Liberty and Node.js runtimes to help you debug cloud applications. You can switch an application instance in Bluemix to Development Mode to be able to: Initiate remote debug sessions with that application instance Push incremental file updates to that application instance and see the changes without redeploying the application Run and access additional tools inside the application container such as a shell, support for attaching a JMX client, or the node inspector as supported by each buildpack’s development mode You can use these steps with any Java application, but to get started with a common reference point, this lab will step through adding a new application to Bluemix by using a boilerplate and then adding the application to your copy of Eclipse. If you already have an application in Eclipse and deployed to Bluemix, you can skip or just review steps 1 – 9. To create a new application in Bluemix: From the Bluemix Catalog, click Boilerplates > Java Cloudant Web Starter boilerplate. Enter a unique name for the application. In these examples, you will see an application named cadc-javacloudant-1216. You should use a different name and also do not use an underscore in the name. Keep the remaining defaults in the boilerplate and click Create. From the Bluemix dashboard, navigate to the new application. To download the sample code to import into Eclipse, click Getting Started. Select Download Starter Code to download the application starter code to your workstation. Start Eclipse on your workstation and open the Java EE perspective for the rest of these steps. Go to the Servers tab by clicking Window > Show View and click to define a new...
Continue Reading
Continue Reading
FREE
3. Debug a Node.js application
4 of 4
In this section, you will repeat the previous steps with a similar application except that this application is running on the IBM SDK for Node.js in Bluemix. This example will show you how to enable debug and development mode by modifying the manifest file when you push an application to Bluemix. IBM Bluemix DevOps Services web user interface also provides another way to activate development mode for Node.js applications as shown in this diagram: For this section, you will focus on the basics: using a text editor, cloud foundry CLI, Bluemix Live Sync, and the node inspector running in Chrome. Again, you’ll see the steps to start from the beginning, but if you have an existing Node.js application to work with, you can skip or review steps 1 – 3. Go to the Bluemix Catalog, select Boilerplates, and then click the Node.js Cloudant DB Web Starter boilerplate. Enter a unique name for the application. In these examples, you will see an application named cadc-nodecloudant-ws16. You should use a different name and do not use an underscore in the name. Keep the remaining defaults in the boilerplate and click Create. From the Bluemix dashboard, navigate to the new application. To download the sample code for the application, click the Getting Started link. Scroll down and click Download Starter Code to download the application starter code to your workstation. Extract the starter code on your workstation to a directory. Work from this directory and edit the package.json file. Verify that this file contains a start command for the application so that the Bluemix application management utilities can be properly configured by the buildpack. Edit the manifest.yml file: add 128M to the memory for the application Clear any cached state of the application that might prevent the application management tools from starting by removing the application by using the Bluemix plugin...
Continue Reading
Continue Reading