Recommended: Preparing databases and secrets for your chosen capabilities by running a script
The cp4a-prerequisites.sh script is provided in the cert-kubernetes archive of the CASE package to help you prepare for an installation of Cloud Pak for Business Automation. The script generates property files for the selected capabilities in your deployment and must be run before your deployment is installed.
Before you begin
Before you use the cp4a-prerequisites.sh script to generate the property files, make sure that you review the requirements for the capabilities that you want to install together with your target database. This information is normally found in the preparing sections for each capability, where you can find the steps to manually create the databases. Consider your intended workload and the number of users that you want to access the services. For operational and performance reasons, it is important that network latency between the applications and the database server is as small as possible. For deployments that need to operate continuously with no interruptions in service, enable the databases for high availability (HA).
property
" mode to create the property files for your selected capabilities and
database. Then, take a note of the properties in these files so that you can match up these values
with the configuration of your database services.The cp4a-prerequisites.sh script uses the following utility tools and needs them to be installed on your client machine. If the script finds that any of these tools are missing on the client, it reports which tools are missing and provides a choice to install the tool.
- kubectl (the version that matches your OpenShift cluster version)
If you prepared your client machine for an online deployment, you already installed kubectl. For more information, see Preparing a client to connect to the cluster.
- Java Runtime Environment (JRE 8.x is needed, and is installed by the script if it is not found)
- Java
- keytool
To run keytool, you need to add it to your system PATH.
- OpenSSL version 1.1.1 or higher
About this task
Instead of going through the many documented steps to create the databases and secrets for the capabilities in your Cloud Pak for Business Automation deployment, you can use the script to generate the SQL statement files (scripts) and YAML template files for the secrets.
The cp4a-prerequisites.sh script has three modes.
- property
-
The
property
mode supports the generation of property files for multiple database servers. The script uses a "DB_SERVER_LIST" key in the cp4ba_db_server.property file to list the number of instances, and creates the user property files (cp4ba_user_profile.property
, cp4ba_db_name_user.property, cp4ba_db_server.property, and cp4ba_LDAP.property). You must review and modify these files to match your infrastructure. You must add values for the database server name, database names, database schema, LDAP server name, and LDAP attributes. - generate
- The
generate
mode uses the modified property files to generate the DB SQL statement file and the YAML template for the secret. - validate
- The
validate
mode checks whether the generated databases and the secrets are correct and ready to use in a CP4BA deployment.
After you downloaded the CASE package and extracted the cert-kubernetes archive, change directory to the scripts folder under ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs/cert-kubernetes. For more information about downloading cert-kubernetes, see Preparing a client to connect to the cluster.
The script can be run from this location and has the following options:
./cp4a-prerequisites.sh
Usage: cp4a-prerequisites.sh -m [modetype]
Options:
-h Display help
-m The valid mode types are: [property], [generate], or [validate]
STEP 1: Run the script in [property] mode. Creates property files (DB/LDAP property file) with default values (database name/user).
STEP 2: Modify the DB/LDAP/user property files with your values.
STEP 3: Run the script in [generate] mode. Generates the DB SQL statement files and YAML templates for the secrets based on the values in the property files.
STEP 4: Create the databases and secrets by using the modified DB SQL statement files and YAML templates.
STEP 5: Run the script in [validate] mode. Checks whether the databases and the secrets are created before you install CP4BA.
All three modes can be run on the same client machine, but you can also run the
property
and generate
modes on different clients. If you want to
use different clients, then copy the temporary property file from the property
mode
along with the output folder to the other client. Make a copy of the following files and put them
into the downloaded cert-kubernetes folder on the other client:
cert-kubernetes/scripts/.tmp/.TEMPORARY.property
cert-kubernetes/cp4ba-prerequisites
The values of the following properties need to be modified after you copy the cp4ba-prerequisites folder to a different client.
********cp4ba_db_server.property*************
<DB_PREFIX_NAME>.DATABASE_SSL_CERT_FILE_FOLDER
********cp4ba_LDAP_server.property*************
LDAP_SSL_CERT_FILE_FOLDER
************cp4ba_user_profile.property******************
APP_ENGINE.SESSION_REDIS_SSL_CERT_FILE_FOLDER
If you ran the
cp4a-prerequisites.sh -m generate
command on the original client, you must run the
command again after you modified the property files to re-create the SSL secret templates with the
updated absolute paths.
Procedure
Results
You can rerun the script in the "property
" mode to create new property
files. When the script detects it ran before, the previous property folder is renamed into a new
time-stamped folder. The name of the backed-up folder is
cert-kubernetes/scripts/cp4ba-prerequisites-backup/propertyfile_%Y-%m-%d-%H:%M:%S.
Use the following steps to update your property files to include your updated capabilities:
- Copy the file .tmp/.TEMPORARY.property into a back up file, for example .TEMPORARY.property.backup.
- Rerun the cp4a-prerequisites.sh script in the "
property
" mode, and choose a different selection of capabilities. - Restore the cp4ba_LDAP.property and cp4ba_External_LDAP.property files from the backup folder by copying and pasting them into the new folder.
- Compare the cp4ba_db_server.property file from the backup folder and merge it where necessary with the new cp4ba_db_server.property file.
- Merge the new cp4ba_db_name_user.property and cp4ba_user_profile.property files with the backed-up property files.
- Rerun the cp4a-prerequisites.sh script in the "
generate
" mode to update the database SQL statements and YAML templates for the secrets. - Compare and merge the .TEMPORARY.property.backup file with the .tmp/.TEMPORARY.property file for the new capabilities.
- Run the database SQL statements for the new capabilities.
- Create the secrets for the new capabilities.
If you already installed a CP4BA deployment and want to update it with the new databases and
secrets for the new capabilities, you must run the cp4a-deployment.sh again to
update the custom resource. Do not forget to verify the custom resource YAML before you scale down
the deployment, apply the new custom resource with the --overwrite=true
parameter,
and scale the deployment back up. For more information, see Stopping your
deployment and Applying the upgraded custom resource.
What to do next
The next task to complete depends on the capabilities that you selected for your deployment. You must prepare all of these capabilities and any dependencies. Go to the next task Optional: Preparing to monitor your containers or jump to the capability in the table of contents or from Preparing your chosen capabilities.