Preparing a client to connect to the cluster

A Red Hat OpenShift Kubernetes Service (ROKS) cluster and a private OpenShift cluster have different requirements. Make sure that the client can connect to the cluster you want to use, and has the necessary CLI tools if you plan to run scripts. Install the appropriate tools from the following list.

• Client-side requirements
• What else is needed before you run the installation scripts

Client-side requirements

Table 1. Client-side requirements step by step

Requirement	More information
Kubernetes 1.16+ CLI	For more information, see https://kubernetes.io/docs/tasks/tools/install-kubectl/. You must use a kubectl version that is within one minor version difference of your cluster. Using the latest version of kubectl helps avoid unforeseen issues. Download the latest release with the command: export KUBECTL_VERSION=`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt` curl -LO "https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" Use the chmod command to give access to kubectl and make it executable for all users. chmod a+x kubectl To check the version, run the following command. kubectl version --client Place the kubectl binary in a directory that is on your PATH. To check your PATH, run the following command. echo $PATH
OCP CLI	For more information, see the OpenShift documentation and the download link. Download the latest version for your OCP cluster. The CLI has commands for managing your applications, and lower-level tools to interact with each component of your system. Place the oc binary in a directory that is on your PATH. To check your PATH, run the following command. echo $PATH When the CLI is in your PATH, it is available by running the oc command.
Podman CLI	If you plan to download the Cloud Pak images to a private registry, you must install the Podman CLI. You can install Podman by running the following command. yum -y install podman Note: The podman CLI is needed on an OCP registry, as OCP does not support a Docker login. If you plan to run the scripts on macOS or you want to stick with docker, you must install the Docker CLI and add the following line to the /etc/sysconfig/docker file. INSECURE_REGISTRY='--insecure-registry=route' Where route is the name of the route for your image registry. For example, INSECURE_REGISTRY='--insecure-registry=default-route-openshift-image-registry.apps.<hostname>'. Use this solution for isolated testing or in tightly controlled environments only. For more information, see Deploy a plain HTTP registry.
cert-kubernetes	Download the cert-kubernetes repository. Note: Releases with interim fixes are packaged in archives with a new minor version. The version numbers follow the release.major.minor standard. For example, the first interim fix for 21.0.3 is packaged in the archive ibm-cp-automation-3.2.1.tgz. All available and future interim fixes provide an associated CASE package. To find the relevant instructions, go to the interim fix readme file. Download the 21.0.3-IF007 package by clicking Container Application Software for Enterprises (CASE) package 3.2.7, or go to the CASE packages URL and download the package for a specific or the latest interim fix. Extract the package. Extract the contents from the .tar file in the ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs folder. Use the tar command to extract the archives. tar -xvzf ibm-cp-automation-3.2.7.tgz cd ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs tar -xvf cert-k8s-21.0.3.tar

What else is needed before you run the installation scripts

Table 2. Script requirements

Requirement	More information
Operating system	The scripts can be used only on CentOS Stream/RHEL/MacOS or a client to a Linux-based machine or virtual machine that can run docker/podman. The cert-kubernetes scripts always support the latest RHEL version. Do not use RHEL 8.4 due to an incompatibility issue.