Help Center/ Application Performance Management/ Best Practices(1.0)/ Embedding the APM Topology Page to a Customer's Self-Built System
Updated on 2022-06-20 GMT+08:00

Embedding the APM Topology Page to a Customer's Self-Built System

Background

The Application Performance Management (APM) topology page can be embedded into a customer's self-built system. Specifically, customize an identity broker through the federation proxy mechanism of Identity and Access Management (IAM) and embed a login link to the customer's self-built system. The customer can then view the topology page on its self-built system without logging in to HUAWEI CLOUD websites.

Process

Procedure

Create an identity broker and a login address (FederationProxyUrl) according to steps 1 to 5. These steps are closely related to IAM. For details, see Custom Identity Broker. After performing operations on IAM, embed the topology page according to steps 6 to 7.

  1. Create an IAM user, for example, userB in DomainA and grant the Security Administrator and Agent Operator permissions (global service-global project) to the user.

    DomainA and userB are used as examples. In practice, use actual domain and user names.

  2. Set the username and password of userB in the configuration file of the customer's system to obtain the user authentication token and call APIs. You are advised to encrypt the password.
  3. Create an agency on the IAM console and grant permissions to the agency as required.
  4. In the enterprise system, create a user group with the same name as that of the agency created in the preceding step, add local users to the group, and grant the users permissions required for logging in to HUAWEI CLOUD through a federation proxy.
  5. Log in to the enterprise system and access the federation proxy. This proxy will create a cloud service login address, that is, FederationProxyUrl.

    Example of FederationProxyUrl:
    https://auth.huaweicloud.com/authui/federation/login?idp_login_url={enterprise_system_loginURL}&service={console_service_url}&logintoken={logintoken}

  6. Change the value of console_service_url in FederationProxyUrl to the address of the cloud service console.

    Example of console_service_url:

    https://console.huaweicloud.com/apm/?region=ap-southeast-1&locale=zh-cn&inFrame=true#/apm/atps/topology
    Table 1 console_service_url parameters

    Parameter

    Description

    region

    Region where you are located. You can obtain the value from the address box of the browser after logging in to a HUAWEI CLOUD service. For example, ap-southeast-1.

    locale

    Language. For example, zh-cn.

    inFrame

    Embedded page identifier. If the value is true, the header, footer, and menu bar of the HUAWEI CLOUD console page will be hidden.

  7. Use iframe to embed the APM topology page into the enterprise system. The example code is as follows:

    <!DOCTYPE html>
    <html>
    <head>
      <meta charset="UTF-8">
      <title>iframe test</title>
    </head>
    <body>
      <iframe id="apmTopo" src="${FederationProxyUrl}">
    </body>
    </html>