Configuring Control Center Ready to deploy using a Kubernetes Cluster

To pass the IBM Control Center configuration to the container, create a Kubernetes ConfigMap with the following details:

Sample ibm-sccm-cm.yaml file
kind: ConfigMap 
apiVersion: v1 
metadata:
  name: ibm-sccm-cm
  labels:
    app.kubernetes.io/name: ibm-sccm
    app.kubernetes.io/instance: ibm-sccm
data:
# Configuration values can be set as key-value properties 
  scc_param_file: |
    appUserUID=<user id of container>
    ccInterval=<wait time of container to restart if service not running>
    
    engineName=<Engine name prefix>
    dbDrivers=<path of database drivers from user_inputs if pvc or wrapper image is used otherwise from /app/conf/ if init container image is used>
    productEntitilement=<CCD,CCM or CCM or CCD> 
    dbType=<Database type i.e. MSSQL, Oracle or DB2> 
    dbHost=<Database hostname>
    dbPort=<Database port number> 
    dbUser=<Database Username> 
    dbName=<Database name>
    dbLoc=<yes or no whether database localization should do or not> 
    dbInit=<true or false whether database initialization has been done or not> 
    dbPartition=<true or false whether database partition has to do or not >
    mssqlGlobal=<true or false whether MSSQL globalization has to do or not> 
    
    #Port numbers of Control centers
    httpPort=<HTTP port number for swing UI> 
    webHttpPort=<HTTP port number for web UI> 
    httpsPort=<HTTPS port number for swing UI> 
    webHttpsPort=<HTTPS port number for web UI>
    
    weblistenAddress= 
    webHost=
    autoStopJavaWebAppServer=<true or false whether java web server will be stopped automatically when control center engine will be stopped>
    eventRepositoryAuth=<true or false>
    
    #Email related details 
    emailHostname=<Email server hostname> 
    emailPort=<email server port number> 
    emailUser=<email username> 
    emailRespond=<email id to respond emails>
    ccAdminEmailAddress=<cc admin email address>
    emailTLSEnabled=<SMTP is enabled or not for email, value will be true or false>
    
    oracleRacOrScan=<true or false> 
    
    #JMS related details
    jmsEnable= 
    jmsType= 
    jmsHost= 
    jmsPort= 
    jmsQueueManager= 
    jmsChannel= 
    jmsSubject= 
    jmsTopic= 
    jmsEmbedBroker=
    jmsDataDirectory= 
    jmsTimeToLive= 
    jmsRetries= 
    jmsRetryWait= 
    jmsBrokerName=
    #Secure parameters
    dbSSL=<Y or N whether DB secure SSL connection requires or not>
    
    #JRE certificate details 
    keyStore=<keystore file path> 
    trustStore=<truststore file path> 
    keyAlias=<certificate key alias>
    adminEmailAddress=<admin email address>
    
    #seas parameters 
    packagePath=../package
    seasPrimaryAddress=<SEAS Primary address> 
    seasPrimaryPort=<SEAS Primary port number> 
    seasAlternativeAddress=<SEAS Alternate Email Address> 
    seasAlternativePort=
    seasSecureConnection=N 
    seasProfileName=test 
    seasPersistentConnection=N 
    seasSecureProtocol=
Note:

Globalization is only needed if data to be stored contains multi-byte characters, which are common in character sets such as Kanji.

Database I/O performance may drop multiple orders of magnitude if globalization support is selected, so it is NOT recommended you do so with MSSQL.

If you set true for mssqlGlobal variable, then your database size can also increase significantly.

After preparing the configmap file, create a Kubernetes ConfigMap resource using the following command:
$ oc create -f ibm-sccm-cm.yaml -n ibm-sccm
Now, configmap can be verified with following command:
$ oc describe cm ibm-sccm-cm -n ibm-sccm

Updating Keystore and Truststore

For updating keystore and truststore, follow the below procedure:
  1. If certificate files are passed through persistent volumes, then following tasks needs to be done:
    1. Update path of keyStore and trustStore in ibm-sccm-cm.yaml file.
    2. Apply the file on existing configMap using below command:
      $ oc apply -f ibm-sccm-cm.yaml -n ibm-sccm
    3. Update ibm-sccm-secret secret with updated value of keystore and truststore password in base64 encoded form.
  2. If certificate files are passed through secret, then following tasks needs to be done:
    1. Delete secret ibm-sccm-certs-secret and create new one with newer certificate files.
    2. Update ibm-sccm-secret secret with updated value of keystore and truststore password in base64 encoded form.
  3. After all those task has been done, the delete pod using below command:
    $ oc delete pod ibm-sccm-statefulset-0 -n ibm-sccm

    Then new pod will be created with new keystore and truststore.