Preparing to install IBM Cloud Pak for Network Automation Orchestration Manager
Complete these tasks to prepare for your installation of IBM® Cloud Pak for Network Automation Orchestration Manager.
- Set up the installation dependencies
- Configure storage
- Create the ibm-common-services namespace
- Create a custom namespace
- Create the entitlement key secret
- Expose metrics for Prometheus
- Add the catalog sources
- Install and configure a certificate manager
- Optional: Create a secret for custom Site Planner plug-ins
- Optional: Consider the storage requirements for application logging
- Optional: Set up the dependencies for accessing the IBM Cloud Pak® via a customized hostname or IP address
Before you begin
Review the Planning information.
For any steps that use the Red Hat®
OpenShift® Container Platform
command-line interface (CLI), run the oc login
command to log in to your Red Hat OpenShift cluster.
Set up the installation dependencies
Ensure that you have the following dependencies set up:
- OpenShift Container Platform must be installed and running on a supported architecture. For detailed steps, see Installing Red Hat software. For more information about the required architecture and platform, see Hardware requirements and supported architectures.
- Install the Red Hat OpenShift command-line interface
(CLI).
Install the Red Hat OpenShift CLI,
oc_cli
on your cluster's boot node and runoc login
, following the instructions in Getting started with the OpenShift CLI (Red Hat OpenShift Container Platform 4.16). If you are using a different version of Red Hat OpenShift, select the appropriate version on the Red Hat OpenShift documentation page.
Configure storage
The storage configuration must satisfy your sizing requirements. You must define storage classes in Red Hat OpenShift Container Platform and set your storage configuration to satisfy your sizing requirements.
For more information, see Hardware requirements and Storage requirements.
Create the ibm-common-services
namespace
This procedure is required only if you are installing IBM Cloud Pak for Network
Automation Orchestration Manager in All namespaces on the
cluster installation mode. If you are installing in this installation mode, you must
first create the ibm-common-services
namespace.
ibm-common-services
namespace with this exact name. Any other name
impacts the installation.Use either of the following methods to create the
ibm-common-services
namespace:
- Create a project with the OpenShift Container Platform console.
- Log in to your OpenShift Container Platform cluster console.
- In the navigation menu, click .
- Click Create Project.
- Specify
ibm-common-services
as the project name and click Create.
- Create a namespace with the Red Hat OpenShift CLI.
- Run the following
command:
oc create namespace ibm-common-services
Create a custom namespace
Use either of the following methods to create a namespace or project into which you can install IBM Cloud Pak for Network Automation Orchestration Manager. A project is a Kubernetes namespace.
- Create a project with the OpenShift Container Platform console.
-
- Log in to your OpenShift Container Platform cluster console.
- In the navigation menu, click .
- Click Create Project.
- Enter the project name and click Create.
- Create a namespace with the Red Hat OpenShift CLI.
- Run the following command, where
<namespace>
is the namespace that you want to create:oc create namespace <namespace>
Create the entitlement key secret
- Obtain the entitlement key that is assigned to your IBMid. For more information, see Obtaining an entitlement key.
- Create an image pull secret called ibm-entitlement-key. You can use either of
the following methods.
- Create the secret with the OpenShift Container Platform console.
-
- From the navigation menu, click .
- From the Project list, select the project that you want to create the
instance in.
A project is a Kubernetes namespace. Select the namespace that you created in the step Create a custom namespace.
- On the Secrets page, click Create and select Image Pull Secret.
- Enter the following values:
- In the Secret Name field, enter ibm-entitlement-key.
- In the Registry Server Address field, enter cp.icr.io.
- In the Username field, enter cp.
- In the Password field, enter the entitlement key that you copied in step 1.
- Click Create.
- Create the secret with the Red Hat OpenShift CLI.
- From the Red Hat OpenShift CLI, run the following
command to create an image pull secret called
ibm-entitlement-key:
Where:oc create secret docker-registry ibm-entitlement-key \ --docker-username=cp \ --docker-password=<entitlement-key> \ --docker-server=cp.icr.io \ --namespace=<namespace>
<entitlement-key>
is the entitlement key that you copied in step 1.<namespace>
is the namespace that you created in the step Create a custom namespace.
Expose metrics for Prometheus
Prometheus is a monitoring and alerting toolkit and is deployed by default on Red Hat OpenShift Container Platform clusters. Before the orchestration metrics can be collected and stored in Prometheus, you must expose the metric endpoints to Prometheus.
To enable Prometheus to collect the metrics, you must deploy the
cluster-monitoring-config
and user-workload-monitoring-config
configmaps, as documented in the following steps.
- Expose metrics for Prometheus with the OpenShift Container Platform console.
- Click the Import YAML plus (+) icon in the console toolbar to open the Import YAML page.
- Paste the following text:
apiVersion: v1 kind: ConfigMap metadata: name: cluster-monitoring-config namespace: openshift-monitoring data: config.yaml: | enableUserWorkload: true --- apiVersion: v1 kind: ConfigMap metadata: name: user-workload-monitoring-config namespace: openshift-user-workload-monitoring data: config.yaml: |
- Click Create.
- Expose metrics for Prometheus with the Red Hat OpenShift CLI.
- Create a YAML file and add the following configuration information:
apiVersion: v1 kind: ConfigMap metadata: name: cluster-monitoring-config namespace: openshift-monitoring data: config.yaml: | enableUserWorkload: true --- apiVersion: v1 kind: ConfigMap metadata: name: user-workload-monitoring-config namespace: openshift-user-workload-monitoring data: config.yaml: |
- Deploy the configmaps by running the following command:
oc apply -f <filename>
- Create a YAML file and add the following configuration information:
For more information about how to configure monitoring for your cluster, see Enabling monitoring for user-defined projects (Red Hat OpenShift Container Platform 4.16).
Add the catalog sources
- IBM Operator Catalog
- IBM Cloud Pak foundational services
Adding catalog sources for IBM Operator Catalog and IBM Cloud Pak foundational services
- Add the catalog sources with the OpenShift Container Platform console
- Add the catalog sources with the OpenShift CLI
- Add the catalog sources with the OpenShift Container Platform console
-
- Add the catalog source for the IBM Operator Catalog.
- Click the Import YAML plus (+) icon in the console toolbar to open the Import YAML page.
- Paste the following text:
apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: ibm-operator-catalog namespace: openshift-marketplace spec: displayName: IBM Operator Catalog publisher: IBM sourceType: grpc image: icr.io/cpopen/ibm-operator-catalog updateStrategy: registryPoll: interval: 45m
- Click Create.
- Add the catalog source for IBM Cloud Pak
foundational services.
- Click +.
- Paste the following text:
apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: opencloud-operators namespace: openshift-marketplace spec: displayName: IBMCS Operators publisher: IBM sourceType: grpc image: icr.io/cpopen/ibm-common-service-catalog:latest updateStrategy: registryPoll: interval: 45m
- Click Create.
- Verify that the catalog sources are added to your cluster.
- From the navigation menu, click .
- Click the Global Configuration tab.
- Click OperatorHub.
- Click the Sources tab.
- Verify that the new catalog sources are shown.
- Add the catalog source for the IBM Operator Catalog.
- Add the catalog sources with the Red Hat OpenShift CLI
-
- Add the catalog source for the IBM Operator Catalog.
- Create a YAML file and add the following resource definition:
apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: ibm-operator-catalog namespace: openshift-marketplace spec: displayName: IBM Operator Catalog publisher: IBM sourceType: grpc image: icr.io/cpopen/ibm-operator-catalog updateStrategy: registryPoll: interval: 45m
- Add the catalog source by running the following command, replacing
<filename>
with the file that you created.oc apply -f <filename>
- Create a YAML file and add the following resource definition:
- Add the catalog source for IBM Cloud Pak
foundational services.
- Create a YAML file and add the following resource definition:
apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: opencloud-operators namespace: openshift-marketplace spec: displayName: IBMCS Operators publisher: IBM sourceType: grpc image: icr.io/cpopen/ibm-common-service-catalog:latest updateStrategy: registryPoll: interval: 45m
- Add the catalog source by running the following command, replacing
<filename>
with the file that you created.oc apply -f <filename>
- Create a YAML file and add the following resource definition:
- Verify that the catalog sources are added, and are returned with the following
command:
oc get CatalogSources ibm-operator-catalog opencloud-operators -n openshift-marketplace
- Add the catalog source for the IBM Operator Catalog.
Install and configure a certificate manager
Certificate managers manage the lifecycles of digital certificates, such as TLS and SSL certificates. To ensure the stability of network services, certificate managers automatically issue, renew, and deploy these certificates to endpoints. Before you install IBM Cloud Pak for Network Automation, you must install a certificate manager.
The recommended certificate manager for the IBM Cloud Pak is IBM Certificate Manager. For information about how to install IBM Certificate Manager, see Installing IBM Cert Manager. For information about how to configure IBM Certificate Manager resources after installation, including the steps to customize the hardware profile, see Configuring IBM Cert Manager.
Alternatively, you can install the cert-manager
operator
for Red Hat
OpenShift Container
Platform. For more information, see
Installing the cert-manager Operator for Red Hat OpenShift (Red Hat OpenShift Container
Platform 4.16).
Optional: Create a secret for custom Site Planner plug-ins
If you want to use custom Site Planner plug-ins, you must create a plug-in manifest and a secret that includes the manifest contents. You must also update the custom resource (CR). You can configure these items before or after you install Site Planner. For more information, see Installing plug-ins.
Optional: Consider the storage requirements for application logging
Application logging is installed automatically when you install IBM Cloud Pak for Network Automation. The Cloud Pak uses OpenSearch to store application logging data. Depending on your application logging storage requirements, you might want to adjust the OpenSearch configuration.
It is difficult to change the OpenSearch configuration after the Cloud Pak is installed. Therefore, consider the configuration that best suits your storage requirements before you install the Cloud Pak.
You can configure the OpenSearch settings in the Cloud Pak CR. For more information, see Custom resources.
Optional: Set up the dependencies for accessing the IBM Cloud Pak via a customized hostname or IP address
The default hostnames that are generated by Red Hat OpenShift to access IBM Cloud Pak services are long and difficult to remember. If you want, you can customize the hostnames that you use to access these services.
You can use the customized hostnames to access the services via the default domain where your cluster is located, or via a customized domain.
If you want to use a customized domain, you must complete prerequisite steps, such as choosing the domain name, creating an ingress controller, and assigning an IP address to the controller.
Regardless of which domain you use, you must update CR settings to specify the domain and the customized service hostnames. For detailed steps, see Accessing the IBM Cloud Pak via a customized hostname or IP address.