Checking QRadar Suite Software deployment status

IBM Security QRadar® Suite Software provides an action to check the deployment status of QRadar Suite Software components.

Before you begin

Install the command-line interface (CLI) utility cpctl from the cp-serviceability pod. For more information, see Installing the cpctl utility.

About this task

The check_deployment action queries and reports the status of the following QRadar Suite Software components:

Deployment values: Reports the values of QRadar Suite Software installation parameters.
Secrets: Reports the status of the four secrets that are crucial for QRadar Suite Software installation. These secrets are platform, truststore, ingress, and pull secrets.
Persistent Volume Claims: Reports if any PVCs are in the Unbound state.
Persistent Volumes: Reports if any PVs are in the Unbound state.
Pods: Reports any pods that are not in either a Running or Completed state.
Route: Checks for the existence of the isc-route-default route.
Certificate: Runs a cURL request to the default route and reports if a 401 error exists.
Custom Resources: Reports the status of QRadar Suite Software Custom Resources.

Procedure

To make sure that the list of available cpctl actions is up to date, enter the following command.
```
cpctl load
```
The cpctl load command retrieves all available actions that can be run on QRadar Suite Software. The actions are cached to your local environment.
To run the check_deployment action, enter the following command. No parameters are required.
```
cpctl diagnostics check_deployment --token "$(oc whoami -t)"
```

Results

All output is sent to your console session.

The output provides overall information about resource health and reports any unexpected errors on the cluster. If the action does not complete successfully, capture the console output in a file and contact IBM Support.

Example

The following report is an example of the output when the action is completed. This sample indicates problems with PV and pod status.

./cpctl diagnostics check_deployment --token $(oc whoami -t) 
Executing playbook check_deployment.yaml

- localhost on hosts: localhost -
Gathering Facts...
  localhost ok
[Login] Validate...
[Login] Token...
  localhost done | stdout: 
[INFO] Logging in via token...
Check if passed flagged...
Set CP4S namespace...
  localhost ok
Get CP4S Foundations Custom Resource...
  localhost ok
Offering capability...
  localhost ok
Set Capability if its defined...
Reduce services to EDR offerings...
Collecting service list...
  localhost ok
  localhost ok
included: /etc/ansible/roles/infra/deployed_applications/tasks/check_cr.yaml for localhost => (item=(censored due to no_log))
Set Value...
  localhost ok
Check if check is defined...
  localhost ok
Get "{{ service.check.kind }}" "{{ service.check.name }}"...
Is custom resource deployed...
Add custom resource to cache if defined...
Check for custom resource value...
Set fact...
Remove excluded element from services list...
Reset Values...
Build list of present applications...
Show applications on the cluster...
Collecting service list...
  localhost ok
  localhost ok
List services to query...
  localhost ok: {
    "changed": false,
    "msg": [
        "[INFRA] Infrastructure"
    ]
}
Querying service checks...
  localhost ok
  localhost ok
included: /etc/ansible/roles/infra/cp4s.application.check/tasks/check.yml for localhost => (item=(censored due to no_log))
Querying service checks...
  localhost ok
included: roles/infra/check_status for localhost
Get cp4s namespace...
status check...
  localhost ok | stderr: I1127 17:23:52.330698     411 request.go:696] Waited for 1.002423794s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/apps/v1/namespaces/cp4s/statefulsets
Listing failed services...

- Play recap -
  localhost                  : ok=13   changed=1    unreachable=0    failed=0    rescued=0    ignored=