Preparing to install IBM Cloud Pak for Network Automation Orchestration Manager

Complete these tasks to prepare for your installation of IBM® Cloud Pak for Network Automation Orchestration Manager.

Before you begin

Review the Planning information.

For any steps that use the Red Hat® OpenShift® Container Platform command-line interface (CLI), run the oc login command to log in to your Red Hat OpenShift cluster.

Set up the installation dependencies

Ensure that you have the following dependencies set up:

  1. OpenShift Container Platform must be installed and running on a supported architecture. For detailed steps, see Installing Red Hat software. For more information about the required architecture and platform, see Hardware requirements and supported architectures.
  2. Install the Red Hat OpenShift command-line interface (CLI).

    Install the Red Hat OpenShift CLI, oc_cli on your cluster's boot node and run oc login, following the instructions in Getting started with the OpenShift CLI (Red Hat OpenShift Container Platform 4.16). If you are using a different version of Red Hat OpenShift, select the appropriate version on the Red Hat OpenShift documentation page.

Configure storage

The storage configuration must satisfy your sizing requirements. You must define storage classes in Red Hat OpenShift Container Platform and set your storage configuration to satisfy your sizing requirements.

For more information, see Hardware requirements and Storage requirements.

Create the ibm-common-services namespace

This procedure is required only if you are installing IBM Cloud Pak for Network Automation Orchestration Manager in All namespaces on the cluster installation mode. If you are installing in this installation mode, you must first create the ibm-common-services namespace.

Important: You must create the ibm-common-services namespace with this exact name. Any other name impacts the installation.

Use either of the following methods to create the ibm-common-services namespace:

Create a project with the OpenShift Container Platform console.
  1. Log in to your OpenShift Container Platform cluster console.
  2. In the navigation menu, click Home > Projects.
  3. Click Create Project.
  4. Specify ibm-common-services as the project name and click Create.
Create a namespace with the Red Hat OpenShift CLI.
Run the following command:
oc create namespace ibm-common-services

Create a custom namespace

Use either of the following methods to create a namespace or project into which you can install IBM Cloud Pak for Network Automation Orchestration Manager. A project is a Kubernetes namespace.

Create a project with the OpenShift Container Platform console.
  1. Log in to your OpenShift Container Platform cluster console.
  2. In the navigation menu, click Home > Projects.
  3. Click Create Project.
  4. Enter the project name and click Create.
Create a namespace with the Red Hat OpenShift CLI.
Run the following command, where <namespace> is the namespace that you want to create:
oc create namespace <namespace>

Create the entitlement key secret

Complete the following steps to create a docker-registry secret to enable your deployment to pull operand images from the IBM Entitled Registry.
  1. Obtain the entitlement key that is assigned to your IBMid. For more information, see Obtaining an entitlement key.
  2. Create an image pull secret called ibm-entitlement-key. You can use either of the following methods.
    Create the secret with the OpenShift Container Platform console.
    1. From the navigation menu, click Workloads > Secrets.
    2. From the Project list, select the project that you want to create the instance in.

      A project is a Kubernetes namespace. Select the namespace that you created in the step Create a custom namespace.

    3. On the Secrets page, click Create and select Image Pull Secret.
    4. Enter the following values:
      • In the Secret Name field, enter ibm-entitlement-key.
      • In the Registry Server Address field, enter cp.icr.io.
      • In the Username field, enter cp.
      • In the Password field, enter the entitlement key that you copied in step 1.
    5. Click Create.
    Create the secret with the Red Hat OpenShift CLI.
    From the Red Hat OpenShift CLI, run the following command to create an image pull secret called ibm-entitlement-key:
    oc create secret docker-registry ibm-entitlement-key \
        --docker-username=cp \
        --docker-password=<entitlement-key> \
        --docker-server=cp.icr.io \
        --namespace=<namespace>
    Where:
    • <entitlement-key> is the entitlement key that you copied in step 1.
    • <namespace> is the namespace that you created in the step Create a custom namespace.

Expose metrics for Prometheus

Prometheus is a monitoring and alerting toolkit and is deployed by default on Red Hat OpenShift Container Platform clusters. Before the orchestration metrics can be collected and stored in Prometheus, you must expose the metric endpoints to Prometheus.

To enable Prometheus to collect the metrics, you must deploy the cluster-monitoring-config and user-workload-monitoring-config configmaps, as documented in the following steps.

Expose metrics for Prometheus with the OpenShift Container Platform console.
  1. Click the Import YAML plus (+) icon in the console toolbar to open the Import YAML page.
  2. Paste the following text:
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: cluster-monitoring-config
      namespace: openshift-monitoring
    data:
      config.yaml: |
        enableUserWorkload: true
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: user-workload-monitoring-config
      namespace: openshift-user-workload-monitoring
    data:
      config.yaml: |
  3. Click Create.
Expose metrics for Prometheus with the Red Hat OpenShift CLI.
  1. Create a YAML file and add the following configuration information:
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: cluster-monitoring-config
      namespace: openshift-monitoring
    data:
      config.yaml: |
        enableUserWorkload: true
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: user-workload-monitoring-config
      namespace: openshift-user-workload-monitoring
    data:
      config.yaml: |
  2. Deploy the configmaps by running the following command:
    oc apply -f <filename>

For more information about how to configure monitoring for your cluster, see Enabling monitoring for user-defined projects (Red Hat OpenShift Container Platform 4.16).

Add the catalog sources

Before you can install IBM Cloud Pak for Network Automation Orchestration Manager, you must add the following catalog sources to your cluster:
  • IBM Operator Catalog
  • IBM Cloud Pak foundational services
Tip: You must be a cluster administrator to add catalog sources to a cluster.

Adding catalog sources for IBM Operator Catalog and IBM Cloud Pak foundational services

You can add the catalog sources with either of the following methods:
Add the catalog sources with the OpenShift Container Platform console
  1. Add the catalog source for the IBM Operator Catalog.
    1. Click the Import YAML plus (+) icon in the console toolbar to open the Import YAML page.
    2. Paste the following text:
      apiVersion: operators.coreos.com/v1alpha1
      kind: CatalogSource
      metadata:
        name: ibm-operator-catalog
        namespace: openshift-marketplace
      spec:
        displayName: IBM Operator Catalog
        publisher: IBM
        sourceType: grpc
        image: icr.io/cpopen/ibm-operator-catalog
        updateStrategy:
          registryPoll:
            interval: 45m
    3. Click Create.
  2. Add the catalog source for IBM Cloud Pak foundational services.
    1. Click +.
    2. Paste the following text:
      apiVersion: operators.coreos.com/v1alpha1
      kind: CatalogSource
      metadata:
        name: opencloud-operators
        namespace: openshift-marketplace
      spec:
        displayName: IBMCS Operators
        publisher: IBM
        sourceType: grpc
        image: icr.io/cpopen/ibm-common-service-catalog:latest
        updateStrategy:
          registryPoll:
            interval: 45m
    3. Click Create.
  3. Verify that the catalog sources are added to your cluster.
    1. From the navigation menu, click Administration > Cluster Settings.
    2. Click the Global Configuration tab.
    3. Click OperatorHub.
    4. Click the Sources tab.
    5. Verify that the new catalog sources are shown.
Add the catalog sources with the Red Hat OpenShift CLI
  1. Add the catalog source for the IBM Operator Catalog.
    1. Create a YAML file and add the following resource definition:
      apiVersion: operators.coreos.com/v1alpha1
      kind: CatalogSource
      metadata:
        name: ibm-operator-catalog
        namespace: openshift-marketplace
      spec:
        displayName: IBM Operator Catalog
        publisher: IBM
        sourceType: grpc
        image: icr.io/cpopen/ibm-operator-catalog
        updateStrategy:
          registryPoll:
            interval: 45m
    2. Add the catalog source by running the following command, replacing <filename> with the file that you created.
      oc apply -f <filename>
  2. Add the catalog source for IBM Cloud Pak foundational services.
    1. Create a YAML file and add the following resource definition:
      apiVersion: operators.coreos.com/v1alpha1
      kind: CatalogSource
      metadata:
        name: opencloud-operators
        namespace: openshift-marketplace
      spec:
        displayName: IBMCS Operators
        publisher: IBM
        sourceType: grpc
        image: icr.io/cpopen/ibm-common-service-catalog:latest
        updateStrategy:
          registryPoll:
            interval: 45m
    2. Add the catalog source by running the following command, replacing <filename> with the file that you created.
      oc apply -f <filename>
  3. Verify that the catalog sources are added, and are returned with the following command:
    oc get CatalogSources ibm-operator-catalog opencloud-operators -n openshift-marketplace

Install and configure a certificate manager

Certificate managers manage the lifecycles of digital certificates, such as TLS and SSL certificates. To ensure the stability of network services, certificate managers automatically issue, renew, and deploy these certificates to endpoints. Before you install IBM Cloud Pak for Network Automation, you must install a certificate manager.

The recommended certificate manager for the IBM Cloud Pak is IBM Certificate Manager. For information about how to install IBM Certificate Manager, see Installing IBM Cert Manager. For information about how to configure IBM Certificate Manager resources after installation, including the steps to customize the hardware profile, see Configuring IBM Cert Manager.

Alternatively, you can install the cert-manager operator for Red Hat OpenShift Container Platform. For more information, see Installing the cert-manager Operator for Red Hat OpenShift (Red Hat OpenShift Container Platform 4.16).

Optional: Create a secret for custom Site Planner plug-ins

If you want to use custom Site Planner plug-ins, you must create a plug-in manifest and a secret that includes the manifest contents. You must also update the custom resource (CR). You can configure these items before or after you install Site Planner. For more information, see Installing plug-ins.

Optional: Consider the storage requirements for application logging

Application logging is installed automatically when you install IBM Cloud Pak for Network Automation. The Cloud Pak uses OpenSearch to store application logging data. Depending on your application logging storage requirements, you might want to adjust the OpenSearch configuration.

It is difficult to change the OpenSearch configuration after the Cloud Pak is installed. Therefore, consider the configuration that best suits your storage requirements before you install the Cloud Pak.

You can configure the OpenSearch settings in the Cloud Pak CR. For more information, see Custom resources.

Optional: Set up the dependencies for accessing the IBM Cloud Pak via a customized hostname or IP address

The default hostnames that are generated by Red Hat OpenShift to access IBM Cloud Pak services are long and difficult to remember. If you want, you can customize the hostnames that you use to access these services.

You can use the customized hostnames to access the services via the default domain where your cluster is located, or via a customized domain.

If you want to use a customized domain, you must complete prerequisite steps, such as choosing the domain name, creating an ingress controller, and assigning an IP address to the controller.

Regardless of which domain you use, you must update CR settings to specify the domain and the customized service hostnames. For detailed steps, see Accessing the IBM Cloud Pak via a customized hostname or IP address.