Combining the power of ACE and NodeRED

#!/bin/bash## Change the project and credentials as needed
#### Create a new project namespace
echo “Create Project”
oc new-project ${PROJECT} \
— display-name=”ACE NodeRed” \
— description=”Add a Node-RED sidecard that can be called from ACE”
## Set up Serice Account to allow ACE to run as any UID
oc create serviceaccount ace-runasanyuid
oc adm policy add-scc-to-user anyuid -z ace-runasanyuid — as system:admin
#### Create the secret that will allow the builder to access github
echo “Create secret”
oc create secret generic tonyhickman-github \
— from-file=ssh-privatekey=ocp-access \
#### Build the new Node-RED component
echo “Create NodeRED new build”
ssh-agent bash -c ‘ssh-add ocp-access; /
oc new-build \
— source-secret=tonyhickman-github \
— name ace-nr’
echo “Sleep for a while”
sleep 120
#### build the app as a POD with TWO containers in it
# NB: No builder needed for ACE as pulling Image from Docker Hub. This may change going forward if want to insert BAR’s
echo “Create App”
oc new-app ibmcom/ace:latest+ace-nr:latest \
— env=LICENSE=”accept” \
— name ace-app
# Stop OCP from restarting the pod
oc set triggers dc ace — manual
## Patch app to run as any
echo “Patch”
oc patch dc/ace — patch ‘{“spec”:{“template”:{“spec”:{“serviceAccountName”: “ace-runasanyuid”}}}}’
# Allow OCP to restart the pod when changes are made
oc set triggers dc ace — auto
echo “Expose LoadBalancer Ingress”
oc expose dc ace — type=LoadBalancer — name ace-loadbalancer
### create a secure route
echo “Create Routes….”
echo “Expose NodeRED on HTTPS”
oc create route edge ace-node-red — service=ace — port=1880 — insecure-policy=Redirect
echo “Expose svc”
oc expose svc ace — name=ace-admin — port=7600 — protocol=”TCP”
exit 0
  1. Create a new project for the ACE/NodeRED environment
  2. Create a service id and set access policy so that the ACE container can run as any userid. This is needed as the ACE container uses a specific id so we have to make sure OpenShift doesn’t override this.
  3. Create the necessary secret for the git repository which holds the NodeRED files (as detailed in the earlier sections)
  4. Create a new-build for NodeRED. Note that here I run the command in an ssh-agent shell. This is because I create and manage the access SSH key outside if the .ssh configuration so I need to explicitly pick up the right key so the oc command can run as it needs to be able to access the git repository as part of its execution.
  5. Sleep for a while to allow the build to complete
  6. Create a new-app using the ACE container (ibmcom/ace) and the NodeRED build (ace-nr) [both picking up the latest version]
  7. Set the pod so that they wont auto update as we need to make some changes
  8. Patch the deployment config for the ace container so it picks up the service id to allow the container to run as any user id.
  9. Re enable the auto update of the pods so the patch is applied
  10. Create a Loadbalance to expose the services defined in the deployment config
  11. Expose the NodeRED editor via HTTPS using an edge route. This is useful to allow flows to be viewed and debugged but any changes to the flow will be lost when the pod is restarted. Changes to the flow need to be made via the Flow Editor environment so that they can be pushed to the git repository and once this is done the changes can be picked up by rebuilding this environment.
  12. Expose that ACE administration port to allow the ACE environment to be managed.
OpenShift configuration

Calling NodeRED from ACE Flow

Now that everything is in place we need to actually use both environments. Given I am using the developer edition of the ACE docker container I don’t have access to the cool new Designer Tooling but I can use the excellent App Connect Toolkit.

REST API wizard
Add resource
API with new resource
Model Creation
New Model
Update body schema
Create sub flow
postCall sub flow
Route node properties
Set Compute Mode
ACE management interface
ACE Management console
NodeRED flow
ACETest Template
ACETest2 Templace
“name”: “Some”,
“surname” : “OneElse”
“name”: “Tony”,
“surname” : “Hickman”


After all this where have I got to… Well I have an approach which does allow me to bring together the power of ACE and NodeRED within a single OpenShfit pod which offers me tighter control around the communication path and is a close as I can get to imbedding NodeRED in ACE. Going forward I want to experiment with bringing in the ACE Designer component as that further supports my drive for Low / No code, and I want to look at building a CI/CD pipeline for the ACE Flows.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tony Hickman

Tony Hickman

I‘ve worked for IBM all of my career and am an avid technologist who is keen to get his hands dirty. My role affords me this opportunity and I share what I can