Setting up the cluster with the admin script

To install the Cloud Pak capabilities with the Cloud Pak operator, a cluster administrator user must run a script to set up the cluster. They also need to provide a non-administrator user the information that they need to be able to run the deployment script. Each Cloud Pak capability can be installed with extra components. Postgres and OpenLDAP are always installed.

Before you begin

Make sure that you prepared your cluster with the necessary infrastructure and software. For more information, see Preparing for a starter deployment.

About this task

The cluster setup script is one of several scripts that are provided to help you install the Cloud Pak capabilities. You must be a cluster administrator to run the setup script. For more information, see user archetypes.

The cluster setup script identifies or creates a namespace and applies the custom resource definitions (CRD). The script provides the administrator with the cluster hostname on the cluster and available storage classes. This information must be provided to the user who runs the deployment script.

Note: The admin setup script does not set any parameters in the custom resource (CR) because the administrator might not be using the same host as the user who runs the deployment script.

A new installation of Cloud Pak for Business Automation always includes a namespace-scoped instance of foundational services when you use the scripts.

Use the following steps to complete the set up.

Procedure

  1. Log in to the target cluster as the <cluster-admin> user.
    If you are not already logged in on OpenShift (OCP), then log in using the oc CLI:
    oc login https://<cluster-ip>:<port> -u <cluster-admin> -p <password>

    On IBM Cloud (ROKS), if you are not already logged in use the following command:

    oc login --token=<token> --server=https://<cluster-ip>:<port>
  2. Change the directory to the extracted cert-kubernetes/scripts folder.
    cd ${PATH_TO_EXTRACTED_FILES}/cert-kubernetes/scripts
  3. Run the cluster setup script and follow the prompts in the command window.
    ./cp4a-clusteradmin-setup.sh
    1. Select the CP4BA deployment environment: Online (1) / Offline or Airgap (2). Select Online. Offline is not supported for a starter deployment.
    2. Select the platform type: ROKS (1) or OCP (2).
    3. Select the deployment type starter (1).
    4. Select Yes if you want to install CP4BA as a private catalog rather than in the global catalog namespace (GCN). The GCN uses the openshift-marketplace namespace, the private option uses the target namespace of your CP4BA deployment. The default is No.

      When you select Yes to enable a private catalog, enter the name for a new project or an existing project (cp4ba-starter) for the target deployment namespace, and then choose an existing user on your cluster, a non-admin user is recommended. For more information, see Preparing for a starter deployment. If an existing CP4BA operator is found in another project on your cluster, confirm that you want to deploy another CP4BA operator in the new project by entering Yes. You must install a CP4BA operator in each namespace where you want to install a CP4BA deployment.

    5. Enter the name for a new project or an existing project (namespace).

      If you select to create a new project, make sure that you create the service account (SA) and security context constraints (SCC) in that new project. For more information, see Preparing for a starter deployment.

    6. Optional: Select the non admin user that you created in Preparing for a starter deployment.
    7. Enter Yes to confirm that you have an IBM Entitlement Registry key.
    8. Enter your IBM Entitled Registry key and login credentials (user and password). For more information, see Preparing for a starter deployment.
      Tip: If you ran the cp4a-clusteradmin-setup.sh script and you see one or more of the following messages, then make sure that you start Docker or Podman and run the script again.
      Error saving credentials: error storing credentials
      Error: unable to connect
      The Entitlement Registry key failed

    The following message is displayed:

    [INFO] Checking the IBM Cert-manager Operator ready or not
    ...
    [INFO] Applying the latest IBM CP4BA Operator catalog source...
    [✔] IBM CP4BA Operator catalog source Updated!

Results

When the script is finished, the available storage class names are displayed along with the infrastructure node name. Take a note of the following information and provide it to the Cloud Pak admin user as they are needed for the deployment script:

  1. Project name or namespace.
  2. Storage class names.
  3. Username to log in to the cluster.

Verify the deployment to make sure that all pods are Running. Using the OpenShift CLI:

oc get pods

To get the operator log, run the following commands:

oc project <namespace of Cloud Pak for Business Automation operator>
NAMESPACE=$(oc project -q)
oc get pod | grep ibm-cp4a-operator | awk '{print $1}'

The command returns two pod names. The ibm-cp4a-operator-catalog and one that has a suffix of around ten and then five characters, for example, ibm-cp4a-operator-696d8d9555-27qrf. Use the pod name that is not the catalog in the following command.

podname=$(oc get pod | grep ibm-cp4a-operator-696d8d9555-27qrf | awk '{print $1}')
oc logs $podname -c operator -n $NAMESPACE

A ClusterServiceVersion (CSV) for the operators appear in the target namespace, and APIs provided by the operators are available to use. Run the following command to get the CSVs:

oc get csv -n $NAMESPACE
Note: The version number (24.0.0) of the installed operators corresponds to the channel for Cloud Pak for Business Automation 24.0.0.

What to do next

Go to and complete the next step in Installing the capabilities by running the deployment script.