Node side network configuration
Before you begin
The YAML file with network configuration details is stored in /opt/ibm/appliance/platform/apos-comms/customer_network_config/ansible. Each system is provided with a template to be filled in. There must be only one .yml file apart from the template in the /opt/ibm/appliance/platform/apos-comms/customer_network_config/ansible directory, otherwise you might face issues when configuring the network.
In the following sections, the YAML file is referred to as System_Name.yml.
The following sections provide detailed information on each section in the YAML file. They also provide instructions for common tasks, and some examples of filled-in files.
The system will be up and ready while the YAML file is updated. You may encounter some time of inaccessibility while IPs, VLANs, etc are updated. You may also encounter some outages if you have not entered the information correctly in the YAML file. You can expect a 2 hour period of downtime on the system.
- If your system has Netezza Performance Server installed, you must run nzstop
on the NPS containers before running the Ansible playbook in all of the cases.
Run nzstart after you have validated the changes have been successfully updated.
Do not run nzstart if you are changing
custom_hostnamefor a Kerberos setup on Netezza Performance Server. There is a downtime during docker restart to reflect the newly changed
custom_hostnameinside the container.
- Before updating your YAML file, save a copy as <customer_config>.yml.backup for safe-keeping.
- When editing your System_Name.yml file, you must use spaces. Do not use Tab.
- It is not recommended to have Cisco MACsec enabled on ports facing Cloud Pak for Data System. It might interfere with the system configuration and block communication.
All of the address information in this section is required to complete Cloud Pak for Data System installation. These values are available in the site survey for IBM installation team. If this is incomplete, the installation will not result in a running, customer-ready system.
After the installation is complete, a customer is given a Welcome xls sheet that contains all the IP addresses, users and passwords. Refer to that document to find out the details of your system setup.
Values in the example code that should be replaced by customer values are in bold.
To determine the network prefix from a network mask, count the number of bits that are set in the network mask. For example, a network mask of 255.255.0.0 has 16 bits set, and 255.255.255.0 has 24 bits set.
- Collect node management IP addresses.
- Collect the IP address and prefix for each node. The node addresses must be on the same network. The examples in this document use 126.96.36.199, 188.8.131.52, and 184.108.40.206. The network that is used in these examples is 220.127.116.11, and the prefix is 24.
- Collect the IP address and prefix (or network mask) for the bare metal floating address that is used by the platform manager. This is a single address per system. The floating address must be on the same network as the node-specific addresses. The examples in this document use 18.104.22.168 as the floating address.
- Collect the upstream DNS IP addresses.
The examples in this document use 22.214.171.124 as the IP address of the DNS. The DNS network that is used in these examples is 126.96.36.199, and the prefix is 17.
- Optional: Collect the names of the upstream Time servers.Note: Adding an upstream time source is optional and discouraged. Loss of connectivity with upstream time source will cause full system failure. The system is capable of keeping time in sync without the need for an upstream time source.
These names are used in the time configuration, but the addresses are necessary for management routing configuration. Determine the IP addresses of the upstream Time servers. The Time server address, network, and prefix that are used in these examples are 188.8.131.52, 184.108.40.206, and 24, respectively.
- Collect the default gateway for the management network.
The IP address of the default gateway that is used in these examples is 220.127.116.11.