Ricky Moorhouse

Blog

Isle of Wight

We decided to take a short family break on the Isle of Wight dung the school Easter holidays. We found accommodation in Yarmouth through Airbnb at a lovely spot overlooking the River Yar.

Panorama from cottage

On Thursday morning we took the WightLink ferry over to the island in the morning and as we got there early they put us on the earlier ferry so we arrived to the Isle of Wight just after ten o'clock. We decided to head to Alum Bay and spend the day there. We first went to the viewpoint to see the Needles and then took the stairs down to the bay as dogs weren't allowed on the chair lift we knew we had to do this both ways!

We found a nice spot on the beach to sit and have our picnic and relax. Nova had a good time exploring around us and found her comfiest spot to sit was on Jess.

After a relaxing time on the beach we headed back up to the cliff top - Nova managed the just set of stairs but wanted to be carried up the bigger set. At the top we browsed the shops and had ice creams whilst listening to the live music. We then took the bus across to the Needles battery where we explored the headland and enjoyed the views all around before heading in to see the battery itself. From there you cold see exactly it why was a strategic point to be armed as it overlooked the entrance to the Solent - noone was getting in without passing into its range. We got drinks from the cafe before heading for the bus stop to return to Alum Bay.

We then checked into our cottage, had fish and chips and enjoyed the sunset - of course Nova managed to be the first one to try out the outdoor shower as she found something smelly to roll in.

The next day we explored from where we were staying down the route of the old railway line along the side of the river - we got to the End of the Line Cafe and then headed back and had a relaxing afternnon at the boat house - making use of the sauna and garden to enjoy the fantastic weather. In the afternoon Laura and I headed out for another wander along the railway path along to the end and back along the coast, stopping at Off the Rails for a drink along the way. Then in the evening we headed up into Yarmouth and out on the pier before collecting pizzas to take back to the boathouse to enjoy in the garden.

Time with the team in Kochi

I was fortunate to finally get a chance to visit my team in Kochi and had a fantastic few days with them, it was so great to be able to spend some time face to face after working together remotely for several years. I travelled to Kochi via Chennai with British Airways. In Chennai this meant I arrived through the international terminal and then had to clear immigration and head over to the domestic terminal next door. Immigration all went smoothly but then at the domestic terminal they didn't recognise my boarding pass for the Indigo codeshare that British Airways had given me, so I had to get help at the check in desks. Once this was all resolved I had to pass through security again and all went smoothly, efficient boarding and a short flight later I arrived in Kochi around 9 in the morning and was met by Akhil and Midhun at the airport to take me to the office.

I didn't have very much time to explore Kochi, with arriving on Monday morning and heading back over to Chennai on the Thursday night to spend a day with the team there on Friday but we managed to get away earlier one afternoon and head to the coast - then on the way it poured with rain so we ended up at a nice spot, Old Lighthouse Lounge, overlooking the coast where we could get some food and drink.

I tried a lot of different foods (whilst sticking to the less spicy options) heading to different places with the team each day I was there - I think my favourite was the local fish wrapped with spices and baked in a banana leaf followed closely by parotta (a flakey layered flatbread) and some of the different paneer based dishes.

There was a real buzz in the office there and it was fantastic seeing the sense of community there and the collaboration that went on within the teams. I managed to have a lot of conversations with different groups across the team, a few one on ones and a couple of full team meetings, but there's lots more that could easily taken another week as the time flew by too quickly. I hope to see them all again soon!

TheCompoChallenge - Photography

For 5 weeks, Hiro ran a photography challenge series with the aim to focus on different techniques in photographic composition each week. I joined in from the start and found it really insightful to try and use the particular techniques during the week as I took photos. Some of these were much harder to find opportunities for than others and it was interesting to see other peoples photos shared on social media during the challenge as well.

Here are the photos I took with each technique during the challenge (and a couple I added in subsequently)

1. The Rule of Thirds

The Rule of Thirds challenge is all about getting your subject out of the middle of the frame.

2. Lines

Leading lines are lines within the frame of your shot that naturally draw the viewer’s eye to your subject.

Diagonal lines accomplish something similar but don’t always have to point directly at your subject

3. Frames

This technique asks you to find ways to create a frame around your subject in your composition. This might be a doorway, a trellis, trees hanging over a path, a window, shadows around a patch of light, and so on.

I struggled with this one - whilst I found possible frames - there wasn't a subject around to frame them with! After the week I managed to get this one with the blossom framing the building at the University of Birmingham:

4. Subject Isolation + Contrast

Contrast is a really cool element of photography that can be used a lot of different ways. It could be very visual by putting a brightly lit subject against a dark background, or color based by contrasting a bright red rose against green foliage, or even conceptual with something like capturing someone who is clearly quite happy on a bus surrounded by dour fellow passengers.

5. The Golden Spiral

The Golden Spiral technique is all about leveraging the elements in your photo to draw your viewer's eyes around the frame en route to settling on your principal subject.

Again I didn't manage to get any photos for this one but am hoping to try in the future.

Remote Gateway on Openshift

This post should guide you through the steps on how to deploy a datapower gateway to use as a remote gateway with API Connect Reserved instance, optionally configuring the inbound management traffic through IBM Cloud Satellite Connector.

Overview diagram

Installing the Operators

To install the operators in your cluster, the steps are as described in the documentation on how to install the operators

Set up certificates

Again follow the steps for creating certificates in the documentation.

Deploy the Gateway Cluster

Deploying the gateway cluster into Openshift is just a case of creating the GatewayCluster CR - you can start from this template.

  • Create a pull-secret with access to download the datapower images and reference it under imagePullSecrets. You can download the image to mirror to your registry from the 'Download Gateway' button in the reserved instance Config Manager.

  • Create a secret containing the password for the datapower admin user and ensure it is referenced under adminUser - you can use the following command to create this:

    oc create secret generic admin-secret --from-literal=password={SET-PASSWORD-HERE!}

  • Update imageRegistry to point to your image registry.

  • Update the jwksUrl for your reserved instance, this needs to be the platform api endpoint for the reserved instance followed by /api/cloud/oauth2/certs - you can find the platform api endpoint url from the 'Download Clients' link in the API Manager interface.

  • Select and configure the appropriate profile for your cluster.

  • Create a secret with the CA the reserved instance endpoints are signed by - Let's Encrypt X2 Root CA (Download from the Let's Encrypt site) and ensure the secretName for mgmtPlatformEndpointCASecret points to this.

    curl https://letsencrypt.org/certs/isrg-root-x2.pem -o isrg-root-x2.pem oc create secret generic isrg-root-x2 --from-file=ca.crt=isrg-root-x2.pem

  • [Optional] If you are routing the inbound traffic through IBM Cloud Satellite Connector, you will need to configure the hostname for the gatewayManagerEndpoint to match the private cloud endpoint hostname for your connector - typically c-01.private.{region}.link.satellite.cloud.ibm.com.

  • Apply the gateway cluster yaml

  • You can check the status of the cluster using oc get gatewaycluster. If you see any issues you can use oc describe gatewaycluster for more details.

Set up Satellite Connector [optional]

Optionally, deploy a satellite connector agent on the same cluster as the remote gateway

  • Create a Satellite Connector
  • Deploy the agent
  • Create a Connector Endpoint for the gateway management interface docs. For the Gateway management endpoint you will need the following details:
    • Destination FQDN: {gateway-cluster-name}-datapower.{namespace}.svc e.g. api-gateway-datapower.apicri-gateway.svc
    • Destination Port: 3000
    • TCP

Register gateway with Reserved Instance

Create TLS Client Profile so that the manager can trust the CA that signs the certificate for the gateway management endpoint. This can be done through the RI Config manager under TLS.

  • Create a Trust Store containing the CA Certificate which can be obtained by copying out the ca.crt from the gateway-manager-endpoint-secret and putting it in a file named ca.pem (API Connect needs the .pem extension for the upload to be accepted.)
  • Create TLS Client Profile referencing the Trust store created

Create TLS Server profiles to present to clients invoking the APIs:

  • Create TLS Key Store containing the certificate and private key to present - typically these would be obtained through an external Certificate Authority.
  • Create a Server profile referencing the key store created.

To register the gateway on the 'Gateways' tab you will need the following details:

  • URL of management endpoint: If using Satellite, this is the link endpoint URL including the port number. If not, this will be the hostname from the gatewayManagerEndpoint in the gateway cluster CR.
  • TLS Client Profile: profile created above
  • Base URL of API Invocation endpoint: The host from the gatewayEndpoint in the CR that inbound clients will use
    • TLS Server Profile: profile created above