Deploying DataPower into IBM Cloud private

Learn how to deploy IBM DataPower Gateway in the IBM Kubernetes-based private cloud, by using Helm Charts.


Skill Level: Beginner
This recipe describes how to deploy IBM DataPower, IBM’s Gateway, into IBM Cloud private, our new Kubernetes-based private cloud, using helm charts and persistent volumes.


  • IBM Cloud private 2.1
  • Kubectl command line
  • DataPower Helm chart

To learn more about IBM DataPower Gateway, visit this link.


1. Install IBM Cloud Private v2.1

If IBM Cloud Private is already installed, make sure that the Kubectl command line is also installed, so you can target any Kubernetes cloud that you’d like.

OK, let’s continue…

2. Get to the DataPower Gateway Helm Chart

Next, install DataPower Gateway itself. With IBM Cloud private, you have two ways to install IBM DataPower Gateway:

  1. IBM Cloud private’s App Center UI
  2. From the command line using “Helm” commands

For this example, we will use the Catalog. However, if you want to use the command line, you can directly access the helm charts here: Either path is fine, and as we both know, if you love kubectl and helm commands, then using the helm charts directly is a great option (you can get helm command line here)

For the UI path, open IBM Cloud private 2.1, and navigate to the Catalog.

  1. From the navigation menu, click Catalog.
  2. Find the appropriate ibm-charts/ibm-datapower-<edition> for your environment and click on Charts.

~If you prefer to use the command line, you can access the Helm charts from the [IBM/charts GitHub repository](
Like most services, IBM DataPower Gateway has important settings that you must complete before you can install. After you accept the license agreement, you’ll be presented with advanced settings

3. Specify advanced settings.

Click on Configure to provide advanced settings. For the following settings, you must provide a value.

– **`crypto.frontsideCert`**
The base64 encoded certificate
– **`crypto.frontsideKey`**
The base64 encoded key
You can leave the other default values as they are except for the following setting.
  • webApplicationProxy.backendThe URL of the target server that DataPower will proxy.

4. Deploy the IBM DataPower Gateway Helm Chart.

Once you are ready (you have accepted the license, and filled in all the advanced installation details), click Install, and you are installing!

You can monitor the installation progress in the following ways.

  • From the management console
    1. Expand Workloads and click Applications.
    2. Select the IBM DataPower Gateway application (a deployment in Kubernetes terms).
    3. Locate the pod, select it, then select the Logs tab.
  • From the command line
    1. Find the pod name.
      kubectl get pods
    2. Monitor its log.
      kubectl logs <your_podname> -f

5. Using IBM DataPower Gateway

  1. Find the URLs to use with the following command, which returns a list of services
    kubectl get svc
  2. After you identify the service name, run the following command
    kubectl describe service <service_name>
  3. From an HTTP client, use https://<external ip>:<port> to access the DataPower application.(If you can’t access the external IP address, please do the following:

Select “Nodes”

You will be able to see the public facing IP address of your worker nodes. Make sure you select a worker node.

Use this IP address with the port number retrieved by the command:

kubectl get svc

in step 1.

Now you are ready to use the IP address and port of your DataPower Gateway Web Proxy pattern.

6 comments on"Deploying DataPower into IBM Cloud private"

  1. I was able to deploy DataPower, determine the IP address of the Node it’s running in, and identify its port. But, I can’t connect using a web browser.

    Seems like there’s a step missing here. Normally, your first connection to a DP appliance is via the command line where you first enable ports, services, and the Web GUI.

  2. I got to the DP command line as follows:

    $ kubectl get pods

    dpwcert1-ibm-datapower-dev-338799998-74tlk 0/1 Running 5 13m

    $ kubectl attach dpwcert1-ibm-datapower-dev-338799998-74tlk –stdin –tty

    login: admin
    Password: *****

    Welcome to IBM DataPower Gateway console configuration.
    Copyright IBM Corporation 1999-2017

    Version: IDG. build 294196 on Dec 2, 2017 10:42:23 AM
    Serial number: 0000001



  3. JasonHamilton February 06, 2018

    in the latest version to get to the login, rather than -stdin and -tty, replace with -i and -t For example:

    $ kubectl attach datapowerdev12321-ibm-datapower-dev-675458fbc7-rbprs -c ibm-datapower-dev -i -t

    If you don’t see a command prompt, try pressing enter.

    login: admin
    Password: *****

    Welcome to IBM DataPower Gateway console configuration.
    Copyright IBM Corporation 1999-2017

    Version: IDG. build 294196 on Dec 2, 2017 10:42:23 AM
    Serial number: 0000001

  4. Len McWilliams February 14, 2018

    How can I configure access to the DataPower WebGUI using ICP?

  5. FernandoBarsoba February 20, 2018

    Len, the helm chart implements the Web Proxy pattern, but does not give you access to the Web GUI since it’s not part of the use case.

Join The Discussion

Your email address will not be published. Required fields are marked *