Preparing for a starter deployment
An OpenShift Container Platform (OCP) administrator must set up the cluster.
Before you begin
Install IBM Certificate Manager and IBM License Manager by following the instructions provided
when you run the cp4a-clusteradmin-setup.sh
script.
About this task
Red Hat OpenShift Kubernetes Service (ROKS) cluster and a private OpenShift cluster have
different requirements. Make sure that the client can connect to the cluster you want to use and
download the cert-kubernetes
repository.
- Download the
cert-kubernetes
repository. - All the installation artifacts are contained in the
cert-kubernetes
repository. It is recommended to use the latest interim fix of the release, but if you do need a previous version then you can find them all in the Cloud Pak for Business Automation download document.Tip: Use the move right arrowbelow the 24.0.0 release to find all the available interim fixes.
To download the
cert-kubernetes
repository.- Open the Cloud Pak for Business Automation download document, click Cert Kubernetes for the latest 24.0.0 interim fix version, and then select and copy the displayed command.
- Run the copied
git clone
command to download the files.
- Server-side requirements
-
Table 1. Server-side requirements step by step Requirement More information Get your IBM entitlement key - Log in to MyIBM Container Software Library with the IBMid and password that is associated with the entitled software.
- In the Entitlement Keys tile, click on Add New Key.
Check capacity The administrator must make sure that the target cluster has the capacity for all of the capabilities that you plan to install. For more information, see System requirements. A namespace Warning: If you plan to use a project (namespace) that you used previously for another Cloud Pak for Business Automation deployment (starter or production), delete all the related PVCs before you install a new starter deployment.On the left panel in your OpenShift console, click Create Namespace. In the Create Namespace dialog, specify a name for the namespace, for example
, then clickcp4ba-starter
. To use the default Network Policy, make sure you select "No restrictions".Note: If you plan to use the "All namespaces" option to install the Cloud Pak operator, then theopenshift-operators
namespace is used. You still need a namespace to create a CP4BA deployment, so go ahead and create one.A service account - Create the ibm-cp4ba-anyuid service account (SA) in a
service-account-for-starter.yaml file.
apiVersion: v1 kind: ServiceAccount metadata: name: ibm-cp4ba-anyuid imagePullSecrets: - name: "ibm-entitlement-key"
- Apply the service account to the target
namespace.
oc apply -f service-account-for-starter.yaml -n ${NAMESPACE}
Where the ${NAMESPACE} is the namespace where you want to install the deployment.
- Bind the security context constraints (SCC) to control the actions the SA can take and what it
can access.
oc adm policy add-scc-to-user anyuid \ -z ibm-cp4ba-anyuid -n ${NAMESPACE}
Synchronize worker nodes clocks Cloud Pak for Business Automation requires that the clocks on the worker nodes are synchronized. An OCP cluster that is installed in a restricted network is configured to use a public Network Time Protocol (NTP) server by default. To avoid clock skew, reconfigure the cluster to use a private NTP server instead. Time synchronization must be enabled on all hosts in the cluster, whether using NTP or any other method. For more information, see Configuring chrony time service. It is also worth noting that the "
starter
" deployment provisions PostgreSQL and OpenLDAP with the default values, so you do not need to prepare them in advance. The database is for internal purposes only and cannot be accessed.
What to do next
If you want to use the optional component Content Collector for SAP Applications in the Content pattern, you must prepare the SAP libraries (Preparing ICCSAP libraries). Then install the deployment through OpenShift console. See Installing the capabilities in the OpenShift Console for more information.