Connecting probes and gateways on Red Hat OpenShift
This section describes how to configure probes and gateways on Red Hat® OpenShift®.
Connecting the probe to IBM Cloud Pak® for AIOps in the same namespace
- Select the project where AIOps is installed. Go to Installed Operators.
- Choose IBM Netcool Operations Insight Event Integrations.
- Create an Instance in the namespace, for example: Probe for Prometheus Integration.
- Go to Yaml view. Example settings are shown below. view and configure the
object server parameters under the
netcoolparameter according to the connection types described below.
Default Connection
- To identify the ObjectServer service details, run the following
command:
kubectl get services | grep evtmanager | grep -e 'objserv-agg' | grep -v 'nodeport' | awk '{printf "%s\t%s\n", $1, $5}' evtmanager-objserv-agg-backup 4100/TCP,4300/TCP evtmanager-objserv-agg-primary 4100/TCP - Configure your probe ObjectServer configuration in the CR as shown in the example
below:
netcool: backupHost: evtmanager-objserv-agg-backup backupPort: 4300 backupServer: AGG_B connectionMode: default primaryHost: evtmanager-objserv-agg-primary primaryPort: 4100 primaryServer: AGG_P
SSLAndAuth Connection
SSLAndAuthconnection requires a secret with a key database file containing the TLS certificate and credentials to authenticate with the ObjectServer. This secret must be pre-created and the name of the secret is set as thespec.netcool.secretNamevalue.- Run the create-noi-secret.sh script to create the secret. Get this script
from the CASE bundle as described
below:
cloudctl case save --case https://github.com/IBM/cloud-pak/blob/master/repo/case/ibm-netcool-integrations/1.2.0/ibm-netcool-integrations-1.2.0.tgz?raw=true -t 1 --outputdir /root/casedir gunzip ibm-netcool-integrations-1.2.0.tgz tar -xvf ibm-netcool-integrations-1.2.0.tar cd ibm-netcool-integrations/inventory/ibmNetcoolGatewayCEMSetup/files - Fill up the appropriate values in the create-noi-secret.config
file:
IMAGE_NAME : # Either specify full path to netcool probe image name or pull the image manually in your server before running the script NAMESPACE = # specify your namespace KEY_DATABASE_PASSWORD = #Specify any password TLS_ENABLED = set to true SECRET_NAME = specify the secretname which will be created in your namespace which will be filled up at spec.netcool.secretName e.g SECRET_NAME = aiopssecret (for illustration purposes) AUTH_USERNAME=root AUTH_PASSWORD= # check the password using the command below kubectl get secret evtmanager-omni-secret -o json -n yournamespace | grep OMNIBUS_ROOT_PASSWORD | cut -d : -f2 | cut -d '"' -f2 | base64 -d; NOI_RELEASE_NAME=evtmanager NOI_NAMESPACE= # your namespace - Run the script
./create-noi-secret.sh - Check whether your secret from
SECRET_NAMEfrom Step 3 was created in your chosen namespace. - To identify the ObjectServer service details, run the following
command:
kubectl get services | grep evtmanager | grep 'proxy' | awk '{printf "%s\t%s\n", $1, $5}' evtmanager-proxy 6001:30455/TCP,6002:31823/TCP - Configure your probe ObjectServer configuration in the CR as shown in the example
below:
netcool: connectionMode: SSLAndAuth primaryPort: 30455 # Proxy primary Nodeport number backupPort: 31823 # Proxy secondary Nodeport port primaryServer: AGG_P backupServer: AGG_B primaryHost: 10.17.73.66 # Master node IP backupHost: 10.17.73.66 # Master node IP secretName: aiopssecret probe: sslServerCommonName: evtmanager-proxy.yournamespace.svc
Connecting the gateway to IBM Cloud Pak for AIOps in the same namespace
SSLAndAuth Connection
SSLAndAuthconnection requires a secret with a key database file containing the TLS certificate and credentials to authenticate with the ObjectServer. This secret must be pre-created and the name of the secret is set as thespec.netcool.secretNamevalue.- Run the create-noi-secret.sh script to create the secret. Get this script
from the CASE bundle as described
below:
cloudctl case save --case https://github.com/IBM/cloud-pak/blob/master/repo/case/ibm-netcool-integrations/1.2.0/ibm-netcool-integrations-1.2.0.tgz?raw=true -t 1 --outputdir /root/casedir gunzip ibm-netcool-integrations-1.2.0.tgz tar -xvf ibm-netcool-integrations-1.2.0.tar cd ibm-netcool-integrations/inventory/ibmNetcoolGatewayCEMSetup/files - Fill up the appropriate values in create-noi-secret.config
file:
IMAGE_NAME : # Either specify full path to netcool gateway image name or pull the image manually in your server before running the script NAMESPACE = # specify your namespace KEY_DATABASE_PASSWORD = #Specify any password TLS_ENABLED = set to true SECRET_NAME = specify the secretname which will be created in your namespace which will be filled up at spec.netcool.secretName e.g SECRET_NAME = aiopssecret (for illustration purposes) AUTH_USERNAME=root AUTH_PASSWORD= # check the password using the command below kubectl get secret evtmanager-omni-secret -o json -n yournamespace | grep OMNIBUS_ROOT_PASSWORD | cut -d : -f2 | cut -d '"' -f2 | base64 -d; NOI_RELEASE_NAME=evtmanager NOI_NAMESPACE= # your namespace - Run the script
./create-noi-secret.sh - Check whether your secret from
SECRET_NAMEfrom Step 3 was created in your desired namespace. - To identify the ObjectServer service details, run the following
command:
kubectl get services | grep evtmanager | grep -e 'node\|proxy' | awk '{printf "%s\t%s\n", $1, $5}' evtmanager-objserv-agg-backup-nodeport 4100:30255/TCP,30165:30165/TCP evtmanager-objserv-agg-primary-nodeport 4100:32343/TCP,31297:31297/TCP evtmanager-proxy 6001:30455/TCP,6002:31823/TCP - Configure the gateway ObjectServer connection details as shown in the example
below:
netcool: connectionMode: SSLAndAuth primaryPort: 30455 # Proxy primary Nodeport number backupPort: 31823 # Proxy secondary Nodeport port primaryServer: AGG_P backupServer: AGG_B primaryIP: 10.17.73.66 # Master node IP backupIP: 10.17.73.66 # Master node IP primaryHost: evtmanager-proxy.yournamespace.svc backupHost: evtmanager-proxy.yournamespace.svc primaryIDUCHost: evtmanager-objserv-agg-primary-nodeport backupIDUCHost: evtmanager-objserv-agg-backup-nodeport secretName: aiopssecret1