Enabling and disabling IBM Cloud Private management services

After you install IBM® Cloud Private, you can disable the custom-metrics-adapter, image-security-enforcement, service-catalog, metering, and monitoring services if they are not needed. These services were enabled during installation. The istio, vulnerability-advisor, storage-glusterfs, and storage-minio services are disabled by default.

Required user type or access level: Cluster administrator or team administrator.

If you are disabling a service, you must configure the helm command line interface (CLI) as an Admin user. For more information about configuring the Helm CLI, see Installing the Helm CLI (helm).

You can disable the following management services in the config.yaml file:

• custom-metrics-adapter
• image-security-enforcement
• istio,metering
• logging
• monitoring
• service-catalog
• storage-minio
• storage-glusterfs
• vulnerability-advisor

1. If you are upgrading to version 3.1, or later, you must reformat the management services section in the config.yaml file before you upgrade. The section of the file before the upgrade reads similar to the following example:

      disabled_management_services:["istio","vulnerability-advisor","custom-metrics-adapter"]
   

   The section of the file after the changes for the upgrade reads similar to the following example:

      management-services:
        istio: disabled
        vulnerability-advisor: disabled
        custom-metrics-adapter: disabled
   

   Note: If you enabled vulnerability-advisor on the previous version, ensure that the vulnerability-advisor parameter is set to enabled in the management-services section of the config.yaml file after the upgrade.

2. To specify a service to disable, add the service to the management_services parameter list in the config.yaml file. You can also change the setting for listed service to disabled.

3. To specify a service to enable, remove the service from the management_services parameter list in the config.yaml file. You can also indicate that it is enabled by changing the disabled setting to enabled.

   Note: If you are enabling the vulnerability-advisor, deploy the new vulnerability advisor (VA) nodes. For more information about deploying the new VA nodes, see Adding an IBM Cloud Private cluster node.

4. Run the add-on command to enable or disable the service on your CPU architecture:

    docker run --rm -t -e LICENSE=accept --net=host -v $(pwd):/installer/cluster ibmcom/icp-inception-$(uname -m | sed 's/x86_64/amd64/g'):3.1.1-ee addon
   

   If IBM Cloud Private is installed with OpenShift, run the following command to enable or disable the service:

    sudo docker run -t --net=host -e LICENSE=accept -v $(pwd):/installer/cluster ibmcom/icp-inception-$(uname -m | sed 's/x86_64/amd64/g'):3.1.1-rhel-ee install-on-openshift