Installing the management subsystem
Install the management subsystem in your Kubernetes environment.
Before you begin
- Reviewed the Kubernetes requirements in Pre-installation requirements
- Completed Deploying operators and cert-manager
About this task
Edit the custom resource template for the management system, apply the resource, verify that the pods are up and running, and verify that you can connect to the API Connect Cloud Manager.
Procedure
- Edit the
management_cr
template CR, to replace the placeholders with values for your deployment.$APP_PRODUCT_VERSION
- API Connect application version for the subsystems.
version: <version_number>
Example version number: 10.0.8.1
$SECRET_NAME
- Use for image pull.
imagePullSecrets: - apic-registry-secret
$PROFILE
-
Specify your management subsystem profile, where
n
indicates number of replicas,c
number of cores, andm
is the minimum memory allocation in GB. For more information on profiles, see Deployment and component profiles. $DOCKER_REGISTRY
- The host name of the Docker Registry to which you uploaded the installation images. For
example:
my.docker.registry.domain.example.com.
- $INGRESS_CLASS
-
The ingress class that you want the endpoint to use. This property is optional and if not specified, the ingress class with annotation
ingressclass.kubernetes.io/is-default-class: true
is used. If such an ingress class does not exist in the Kubernetes environment, thennginx
is used. If you do set this value, it must refer to a valid ingress class configured in your Kubernetes system.Note: This property is commented out in the template CR file. If you set this value, make sure to also uncomment it. $STACK_HOST
- The desired ingress subdomain for the API Connect stack. Used when specifying endpoints. Domain
names that are used for endpoints cannot contain the underscore "_" character. You can do one of the
following:
- Subdomain customization only
Accept the prefixes predefined for the ingress host names to use and just replace all instances of
STACK_HOST
to be the desired ingress subdomain for the API Connect stack. For example, if your host ismyhost.subnet.example.com
:cloudManagerEndpoint: < ... > hosts: - name: admin.myhost.subnet.example.com secret: cm-endpoint apiManagerEndpoint: < ... > hosts: - name: manager.myhost.subnet.example.com secret: apim-endpoint platformAPIEndpoint: < ... > hosts: - name: api.myhost.subnet.example.com secret: api-endpoint consumerAPIEndpoint: < ... > hosts: - name: consumer.myhost.subnet.example.com secret: consumer-endpoint consumerCatalogEndpoint: < ... > hosts: - name: consumer-catalog.myhost.subnet.example.com secret: consumer-catalog-endpoint
- Complete hostname customization
Change both the predefined prefixes and the
STACK_HOST
subdomain to match your desired hostnames.For example, for
cloudManagerEndpoint
, you can replaceadmin.$STACK_HOST
withmy.cloudmgr.myhost.subnet.example.com
, wheremy.cloudmgr
replacesadmin
, andmyhost.subnet.example.com
replacesSTACK_HOST
. For example:cloudManagerEndpoint: < ... > hosts: - name: my.cloudmgr.myhost.subnet.example.com secret: cm-endpoint
You can do this for some or all of the host names, depending on your customization requirements.
- Subdomain customization only
$STORAGE_CLASS
- The Kubernetes storage class to be used for Persistent Volume Claims. Find the available storage
classes in the target cluster by running the following command:
kubectl get sc
.storageClassName: local-storage
- Edit the
license:
setting:- Set
accept:
totrue
to accept the license. Note that the default value isfalse
. If you do not accept the license, the Operator will not install the subsystem. - Set
metric:
to track your product usage. Enter the unit of measure that is used for your program license:- PROCESSOR_VALUE_UNIT - Default value. If you leave the field blank, this value is used.
- MONTHLY_API_CALL - Applies only to the IBM API Connect Hybrid Entitlement program.
For information on tracking monthly call volume, see Tracking API volume for auditing and compliance.
- Set
use:
to eitherproduction
ornonproduction
, to match the license you purchased. - Set
license:
to the License ID for the version of API Connect that you purchased. See API Connect licenses.
Example entry to accept the license for a production system:
license: accept: true metric: PROCESSOR_VALUE_UNIT use: production license: L-RJON-BZ5LSE
- Set
- If installing with custom internal certificates, specify a site name.
- The site name is used as the identifier for the PostgreSQL database cluster used by API Connect.
This name should already have been decided upon and used to update the
custom-certs-internal.yaml
file as described in Generating custom certificates using cert-manager. - You must now add your chosen site name to
management_cr.yaml
, by creating asiteName
property anywhere inside thespec
block, set to the chosen site name:siteName: <site_name>
Replace <site_name> with your chosen site name.
- The site name is used as the identifier for the PostgreSQL database cluster used by API Connect.
This name should already have been decided upon and used to update the
- It is recommended to allocate 100Gi for write-ahead logging
(WAL) storage.
The default storage is:
- One replica profile - 30Gi
- Three replica profile - 47Gi
For best performance, edit the CR to add the following entries, and set
volumeSize:
to 100Gi:spec: dbArchiveVolumeClaimTemplate: storageClassName: <storage-class> volumeSize: <volume-size>
- Optional: If you are installing as part of a two data center disaster recovery set up, complete the steps in Installing a two data center deployment on Kubernetes before you apply the edited file.
- Install the management Custom Resource, replacing
<namespace>
with the target installation namespace in the Kubernetes cluster.kubectl apply -f management_cr.yaml -n <namespace>
- Verify that the management subsystem is fully installed:
kubectl get ManagementCluster -n <namespace>
The installation has completed when the
READY
status isTrue
, and theSUMMARY
reports that all services are online (e.g.9/9
). For example:NAME READY SUMMARY VERSION RECONCILED VERSION AGE management True 16/16 <version> <version-build> 7m17s
- Check your connection to the Cloud Manager user interface on the
management subsystem on your Cloud Manager endpoint.
For example, if you accepted the default prefix of
admin
, and you set$STACK_HOST
tomyhost.subnet.example.com
, the Cloud Manager endpoint URL is:https://admin.myhost.subnet.example.com/admin
The first time that you access the Cloud Manager user interface, you enter admin for the user name and 7iron-hide for the password. You will be prompted to change the Cloud Administrator password and email address. For further details, see Accessing the Cloud Manager user interface.
- Backup your management subsystem database and infrastructure configuration: Backing up and restoring the management subsystem.
What to do next
If you are creating a new deployment of API Connect, install other subsystems as needed.
When you have completed the installation of all required API Connect subsystems, you can proceed to defining your API Connect configuration by using the API Connect Cloud Manager; refer to the Cloud Manager configuration checklist.