The latest version of ActiveControl’s UI is distributed as a container.

This allows us to run the same artifact in many containerised environment using a single, like docker, btp cloudfoundry, btp kyma and many others.

When running in BTP we usually need to connect to on-premise systems with cloud connector, which is trivial and well documented in cloudfoundry runtime.

Has been more of a journey in Kyma, partly because I know next to nothing about it or kubernetes, partly because there’s much fewer knowledge about it in the wild, and I found parts of the documentation a bit confusing (i.e. referring to menu entries who were renamed or need some configuration to appear)

This is basically a sumbed-down version of this blog from Jamie Cawley and related documentation, with additional notes/tips from me.

Will definitely be less accurate, but might help other novices.

This was trivial.

Just download the kubernetes configuration from that link in your btp configuration:

install kubectl and copy the downloaded file to yout kubernetes cpnfiguration:

# for linux/bash
cp ~/Downloads/kubeconfig.yaml ~/.kube/config

Create a deployment for your application, including a namespace for convenience.

This is a YAML file with many resources separated by a single line containing — , will include a simplified example later.

Looks like this:

and as long as the application only needs to talk with cloud services and other Kubernetes resources we’re hunky dory

But I usually need to connect to locked down, on premises systems.

This gets significantly more complex. On my deployment file I only need to add a connectivity proxy service and binding. But I also need:

• api gateway instance on kyma-service namespace (I believe Kyma magically created this for me)
• btp-operator instance on kyma-service namespace
• connectivity service on cloudfoundry (I believe Kyma magically created this for me)
• sap cloud connector instance on my network (running on my laptop)

The full diagram looks like this:

I found the sample code and instructions in the connectivity-proxy folder of the Kyma Runtime Extension Sample repo pretty easy to understand, except the bits on setting up things in kyma

Setting up cloud connector

This works as usual as long as you leave the location ID blank. I didn’t figure out how to use a non-blank one

Also, I didn’t try principal propagation (yet)

Enabling a Kyma module

The documentation explains how to do that in the Kyma console, but refers to menu entries I can’t find

Luckily also explains how to do it with the CLI, and this did the trick:

kyma alpha enable module btp-operator -c fast --kyma-name default --wait

Enabling it took longer than expected and I got a timeout error in CLI, but finally found the entry in kyma dashboard and just waited there

Finally I was able to deploy  the application and connect to it

# deploy the application
kubectl apply -f ./activecontrol-cloudconn.yaml

# getthe application url (using the namespace created in the yaml file)
kubectl get virtualservices --namespace activecontrol-cloudconn

# get the application logs as they're created
kubectl logs -l app=activecontrolcc --namespace activecontrol-cloudconn -f

This will create an application in kyma and an instance and binding in btp:

… and I can now log in via my sap cloud connector:

PS: at some point stopped working, had to kill the connectivity pod

kubectl delete pod connectivity-proxy-0 -n kyma-system

This is my full YAML fine, for reference

kind: Namespace
apiVersion: v1
metadata:
  name: activecontrol-cloudconn
  labels:
    name: activecontrol-cloudconn
    istio-injection: enabled
---
apiVersion: services.cloud.sap.com/v1
kind: ServiceInstance
metadata:
  name: connectivity-proxy
  namespace: activecontrol-cloudconn
spec:
  serviceOfferingName: connectivity
  servicePlanName: connectivity_proxy
  externalName: connectivity-proxy
---
apiVersion: services.cloud.sap.com/v1
kind: ServiceBinding
metadata:
  name: ccbinding
  namespace: activecontrol-cloudconn
spec:
  serviceInstanceName: connectivity-proxy
  externalName: ccbinding
  secretName: ccbinding
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: activecontrolcc
  namespace: activecontrol-cloudconn
  labels:
    app: activecontrolcc
spec:
  replicas: 1
  selector:
    matchLabels:
      app: activecontrolcc
  template:
    metadata:
      labels:
        app: activecontrolcc
    spec:
      containers:
        - name: activecontrolgui
          image: dockerregistry.basistechnologies.info/activecontrolgui:AC-992-add-proxy-support
          imagePullPolicy: Always
          resources: 
            limits:
              cpu: 1000m
              memory: 1Gi          
          ports:
            - name: http
              containerPort: 9200
          env:
            - name: SAPSYSTEM_URI_ACD
              value: "http://acd:8000"
            - name: BTIWP_PROXY
              value: '{"host": "connectivity-proxy.kyma-system.svc.cluster.local","port": 20003 }'
---
apiVersion: v1
kind: Service
metadata:
  name: activecontrolcc
  namespace: activecontrol-cloudconn
  labels:
    app: activecontrolcc
spec:
  ports:
    - name: http
      port: 9200
  selector:
    app: activecontrolcc
---
apiVersion: gateway.kyma-project.io/v1beta1
kind: APIRule
metadata:
  name: activecontrolcc
  namespace: activecontrol-cloudconn
spec:
  gateway: kyma-gateway.kyma-system.svc.cluster.local
  host: activecontrolcc
  service:
    name: activecontrolcc
    port: 9200
  rules:
    - path: /.*
      accessStrategies:
        - config: {}
          handler: noop
      methods: ["DELETE","HEAD","GET","PATCH","POST","PUT"]