Preparing for a Demo deployment

An OpenShift Container Platform (OCP) administrator must run a script to set up a cluster. Each core Cloud Pak capability has a corresponding pattern, which includes a list of components that can be installed.

Before you begin

The administrator must make sure that the target Red Hat OpenShift Kubernetes Service (ROKS) cluster on IBM Cloud® or OCP has all of the necessary tools.

Server-side requirements

ROKS classic
Note: Virtual Private Cloud (VPC) Generation 2 compute infrastructure and Bare Metal Servers for classic infrastructure are not supported.

Before you deploy an automation container on IBM Cloud (your target cluster platform is ROKS), you must configure your client environment and create an OpenShift cluster.

Make sure that you install the IBM Cloud CLI so you can use the command-line interfaces (CLIs). As an administrator of the cluster you must be able to interact with your environment.
1. If you do not have an account, create an account on IBM Cloud.
2. If you do not have a cluster, then create one. From the IBM Cloud Overview page, in the OpenShift Cluster tile, click Create Cluster. Refer to the IBM Cloud documentation to create a Kubernetes cluster. The cluster that you create includes attached storage.
3. Log in to your ROKS cluster from a Linux® VM on which you installed the OCP CLI.
```
oc login --token=<token> --server=https://<cluster-ip>:<port>
```
  The following example command shows the token is an almost-unique fixed-size 256-bit (32-byte) hash. You can get these values by clicking Copy Login Command in the OCP console.
```
oc login --token=sha256~5a0GogeS4oEUfG5yFCcPE2Qf-rz5exEUiFaZ4V0Iy1Y --server=https://api.ocp4616-cp4ba.cp.example.com:6443
```
The administrator must make sure that the target cluster has the capacity for all of the capabilities that you plan to install. For more information, see System requirements.
If you want to install Business Automation Insights, then specific services from the Cloud platform foundation are needed. The foundational services are installed by the cluster setup script or the Cloud Pak operator in Operator Hub.
The "demo" deployment provisions Db2® and OpenLDAP with the default values, so you do not need to prepare them in advance. The database is for internal purposes only and cannot be accessed.
Multiple installations of the Cloud Pak are supported, but each deployment must be installed in a different namespace and the operator needs to be installed for each namespace. If any other Cloud Pak needs to be installed in the same cluster, it must be installed in a single namespace. It cannot be installed in "all namespaces".
Cloud Pak for Business Automation requires that the clocks on the worker nodes are synchronized. An OCP cluster that is installed in a restricted network is configured to use a public Network Time Protocol (NTP) server by default. To avoid clock skew, reconfigure the cluster to use a private NTP server instead. Time synchronization must be enabled on all hosts in the cluster, whether using NTP or any other method. For more information, see Configuring chrony time service.

Client-side requirements

Kubernetes 1.16+ CLI. For more information, see https://kubernetes.io/docs/tasks/tools/install-kubectl/.
You must use a kubectl version that is within one minor version difference of your cluster. Using the latest version of kubectl helps avoid unforeseen issues. Download the latest release with the command:
```
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" 
```
To check the version, run the following command.
```
kubectl version --client
```
The OCP CLI version that matches the OCP cluster. The CLI has commands for managing your applications, and lower-level tools to interact with each component of your system. For more information, see the OpenShift documentation and the download link.
Place the oc binary in a directory that is on your PATH. To check your PATH, run the following command.
```
echo $PATH
```
When the CLI is in your PATH, it is available by running the oc command.
On OCP, install the Podman CLI. You can install Podman by running the following command.
```
yum -y install podman
```
Note: The podman CLI is needed on an OCP registry, as OCP does not support a Docker login. If you plan to run the scripts on macOS or you want to stick with docker, you must install the Docker CLI and add the following line to the /etc/sysconfig/docker file.
```
INSECURE_REGISTRY='--insecure-registry=route'
```
Where route is the name of the route for your image registry. For example, INSECURE_REGISTRY='--insecure-registry=default-route-openshift-image-registry.apps.<hostname>'.

Use this solution for isolated testing or in tightly controlled environments only. For more information, see Deploy a plain HTTP registry.
Download the cert-kubernetes repository to a Linux based machine (RHEL, CentOS, and macOS). To download the files, go to the Container Application Software for Enterprises (CASE) package URL, extract the package, and then extract the contents from the .tar file in the ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs folder. Use the tar -xvzf command to extract the archives.
```
tar -xvzf ibm-cp-automation-3.1.0.tgz
cd ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs
tar -xvzf cert-k8s-21.0.2.tar
```
For 21.0.1-IF001 use this URL and the following commands.
```
tar -xvzf ibm-cp-automation-3.0.1.tgz
cd ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs
tar -xvzf cert-k8s-21.0.1.tar
```
For 21.0.1 download the 21.0.1.tar.gz version from GitHub.

What else is needed before you run the setup cluster script

The scripts can be used only on Red Hat (RHEL), CentOS, or a client to a Linux-based machine or virtual machine that can run Podman.
You need a cluster admin and a non-admin user in the OpenShift identity provider to run the scripts. An example non-admin user cp4a-user is used in the installation instructions.
For more information about users on OpenShift, see Understanding identity provider configuration.

Tip: Go to the following technote for instructions on how to create a simple identity provider for your demo environment How do I create a simple identity provider.
If you run the scripts, you must set the platform to OCP or ROKS.
You can use an existing project in the cluster or create a new namespace by entering its name in the script.
To create a project and change the scope to that project, use the following commands.
```
oc new-project <project_name>
oc project <project_name>
```
Warning: If you plan to use a project (namespace) that you used previously for another Cloud Pak for Business Automation deployment (demo or enterprise), delete all the related PVCs before you install a new demo deployment.
The cluster setup script needs a storage class name to use for dynamic storage.
For more information, see Storage considerations.