Deploying the Platform UI on AKS

Deploying the IBM Cloud Pak Platform UI enables you to deploy and manage instances from a central location. This task must be performed by a namespace editor. For more information, see OpenShift roles and permissions.

This procedure describes how to deploy and configure a Platform UI on Azure Kubernetes Service by using the CLI.

Troubleshooting: For a list of possible errors and solutions when following these steps, see Common issues and solutions.

Before you begin

Deploying with the CLI

Installing cert-manager in your AKS cluster

Install the Kubernetes certificate management controller (cert-manager) in your AKS cluster to generate and manage the TLS certificates that are needed for internal communication.

Important: This is an example procedure only. Support for this certificate manager software is not included in the IBM Cloud Pak for Integration entitlement. Ensure that your organization has a support structure in place for certificate management.

By default, cert-manager is installed into a cert-manager namespace in your cluster. For more information about installing cert-manager, see the cert-manager documentation.

To install cert-manager, complete the following steps:

  1. Log into your AKS cluster, using your AKS user credentials:

    kubectl login
  2. Run the following command to install the cert-manager resources from a YAML manifest file on GitHub:

    kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.2/cert-manager.yaml
  3. To verify the installation, run the following command:

    kubectl get pods --namespace cert-manager

    The output should indicate that the cert-manager pods have a status of Running.

Creating the Platform UI instance

  1. Log into your AKS cluster with your AKS user credentials:

    kubectl login
  2. If you installed the operators in "All namespaces on the cluster" mode, you will need to use a different namespace in which to deploy the instance.

    • If needed, create a new namespace for this purpose:

      kubectl create namespace <namespace_name>

      For example:

      kubectl create namespace integration
  3. Create a PlatformNavigator YAML file. For example, you could create a file called platform-ui-instance.yaml with the following example configuration. Update the values as indicated:

    • For metadata.namespace, enter your namespace name.

    • Change the value of spec.license.accept to true if you accept the Cloud Pak for Integration license agreement. For details, see Licensing.

    • Change any other configuration details as required.

      apiVersion: integration.ibm.com/v1beta1
      kind: PlatformNavigator
      metadata:
        name: integration-quickstart
        namespace: integration
      spec:
        license:
          accept: false
          license: L-VEMB-RABZSN
        replicas: 1
        version: 16.2.0

    For information about advanced configuration options, see Configuring the Platform UI.

  4. Apply the YAML file to the AKS cluster:

    kubectl apply -f platform-ui-instance.yaml
  5. Check the status of the Platform UI instance by running the following command in the namespace where it was deployed:

    kubectl get platformnavigator

Getting the URL required to access the Platform UI

  1. Set the name and the namespace (placeholders <name> and <namespace>) for the Platform UI:

    NAME=<name>
    NAMESPACE=<namespace>
  2. Get the URL with the following command:

    kubectl get pn -n ${NAMESPACE} ${NAME} -o jsonpath="{.status.metadata.UIEndpoint}{'\n'}"
  3. Copy the URL into your browser.

Getting the initial admin password

For your first login to the Platform UI, the initial administrator username is integration-admin.

The initial administrator password is placed in a secret named <NAME>-platform-ui-authentication, where <NAME> is the name of the Platform UI instance. Follow the applicable steps to locate the secret in the correct namespace.

  1. Set the name and the namespace (placeholders <name> and <namespace>) for the Platform UI:

    NAME=<name>
    NAMESPACE=<namespace>
  2. Get the password from the secret in the namespace:

    kubectl get secret/${NAME}-platform-ui-authentication -n ${NAMESPACE} \
       -o go-template='{{index .data "authentication.yaml" | base64decode}}{{"\n"}}'

    The user credentials are printed in your command line tool.

For more information on managing usernames and passwords, see Managing users on AKS.

Considerations when deploying on AKS

The following Platform UI features are not available when deploying on AKS :

  • Managing other locations

  • Seamless single sign-on for all deployed instances (each instance needs to be configured against the same identity provider).

  • Backup and restore using Red Hat OpenShift API for Data Protection (OADP) or Velero.

  • Building integrations with the assembly canvas

  • Installing in an air-gapped or disconnected environment

  • Access control user interface

  • Versions and upgrades page

What to do next

After you complete other deployment tasks in the Platform UI, you can perform additional post-installation configuration:

After configuring the Platform UI, deploy the instances you want to use. For more information, see Deploying instances.