Configuring Control Center Ready to deploy using a Kubernetes Cluster
To pass the IBM Control Center configuration to the container, create a Kubernetes ConfigMap with the following details:
Sample ibm-sccm-cm.yaml
filekind: ConfigMap
apiVersion: v1
metadata:
name: ibm-sccm-cm
labels:
app.kubernetes.io/name: ibm-sccm
app.kubernetes.io/instance: ibm-sccm
data:
# Configuration values can be set as key-value properties
scc_param_file: |
appUserUID=<user id of container>
ccInterval=<wait time of container to restart if service not running>
engineName=<Engine name prefix>
dbDrivers=<path of database drivers from user_inputs if pvc or wrapper image is used otherwise from /app/conf/ if init container image is used>
productEntitilement=<CCD,CCM or CCM or CCD>
dbType=<Database type i.e. MSSQL, Oracle or DB2>
dbHost=<Database hostname>
dbPort=<Database port number>
dbUser=<Database Username>
dbName=<Database name>
dbLoc=<yes or no whether database localization should do or not>
dbInit=<true or false whether database initialization has been done or not>
dbPartition=<true or false whether database partition has to do or not >
mssqlGlobal=<true or false whether MSSQL globalization has to do or not>
#Port numbers of Control centers
httpPort=<HTTP port number for swing UI>
webHttpPort=<HTTP port number for web UI>
httpsPort=<HTTPS port number for swing UI>
webHttpsPort=<HTTPS port number for web UI>
weblistenAddress=
webHost=
autoStopJavaWebAppServer=<true or false whether java web server will be stopped automatically when control center engine will be stopped>
eventRepositoryAuth=<true or false>
#Email related details
emailHostname=<Email server hostname>
emailPort=<email server port number>
emailUser=<email username>
emailRespond=<email id to respond emails>
ccAdminEmailAddress=<cc admin email address>
emailTLSEnabled=<SMTP is enabled or not for email, value will be true or false>
oracleRacOrScan=<true or false>
#JMS related details
jmsEnable=
jmsType=
jmsHost=
jmsPort=
jmsQueueManager=
jmsChannel=
jmsSubject=
jmsTopic=
jmsEmbedBroker=
jmsDataDirectory=
jmsTimeToLive=
jmsRetries=
jmsRetryWait=
jmsBrokerName=
#Secure parameters
dbSSL=<Y or N whether DB secure SSL connection requires or not>
#JRE certificate details
keyStore=<keystore file path>
trustStore=<truststore file path>
keyAlias=<certificate key alias>
adminEmailAddress=<admin email address>
#seas parameters
packagePath=../package
seasPrimaryAddress=<SEAS Primary address>
seasPrimaryPort=<SEAS Primary port number>
seasAlternativeAddress=<SEAS Alternate Email Address>
seasAlternativePort=
seasSecureConnection=N
seasProfileName=test
seasPersistentConnection=N
seasSecureProtocol=
Note:
Globalization is only needed if data to be stored contains multi-byte characters, which are common in character sets such as Kanji.
Database I/O performance may drop multiple orders of magnitude if globalization support is selected, so it is NOT recommended you do so with MSSQL.
If you set true for mssqlGlobal variable, then your database size can also increase significantly.
After preparing the configmap file, create a Kubernetes ConfigMap resource using the
following
command:
$ oc create -f ibm-sccm-cm.yaml -n ibm-sccm
Now,
configmap can be verified with following
command:
$ oc describe cm ibm-sccm-cm -n ibm-sccm
Updating Keystore and Truststore
For updating keystore and truststore, follow the below procedure:
- If certificate files are passed through persistent volumes, then following tasks needs
to be done:
- Update path of keyStore and trustStore in
ibm-sccm-cm.yaml file.
- Apply the file on existing configMap using below
command:
$ oc apply -f ibm-sccm-cm.yaml -n ibm-sccm
- Update
ibm-sccm-secret
secret with updated value of keystore and truststore password in base64 encoded form.
- Update path of keyStore and trustStore in
- If certificate files are passed through secret, then following tasks needs to be
done:
- Delete secret
ibm-sccm-certs-secret
and create new one with newer certificate files. - Update
ibm-sccm-secret
secret with updated value of keystore and truststore password in base64 encoded form.
- Delete secret
- After all those task has been done, the delete pod using below
command:
$ oc delete pod ibm-sccm-statefulset-0 -n ibm-sccm
Then new pod will be created with new keystore and truststore.