Expose Control Center Service

The next step is to access the Control Center service running inside the container. There are two methods to achieve this:
  1. Utilizing a LoadBalancer service
    The following sample ibm-sccm-service.yaml file for creating a LoadBalancer service:
    apiVersion: v1
kind: Service
metadata:
  name: ibm-sccm-service
  labels:
    app.kubernetes.io/name: ibm-sccm
    app.kubernetes.io/instance: ibm-sccm
    release: ibm-sccm
    author: IBM
spec:
  selector:
    app.kubernetes.io/name: ibm-sccm
    app.kubernetes.io/instance: ibm-sccm
    release: ibm-sccm
    author: IBM
  type: LoadBalancer
  externalTrafficPolicy: Local
  ports:
  - name: swing-console
    port: 58080
    targetPort: 58080
    protocol: TCP
  - name: web-console
    port: 58082
    targetPort: 58082
    protocol: TCP
  - name: web-console-secure
    port: 58083
    targetPort: 58083
    protocol: TCP
  - name: swing-console-secure
    port: 58081
    targetPort: 58081
    protocol: TCP
  sessionAffinity: ClientIP
    Note: Ensure that the port numbers in the ConfigMap file match the ones specified in the ibm-sccm-service.yaml file.
  2. Create a Kubernetes Ingress resource or an OpenShift Route in the case of an OpenShift environment
    To create a Kubernetes Ingress resource, start by creating a ClusterIP service, followed by an Ingress that will connect to the service. The following sample ibm-sccm-service.yaml file will be used for creating the service:
    apiVersion: v1
kind: Service
metadata:
  name: ibm-sccm-service
  labels:
    app.kubernetes.io/name: ibm-sccm
    app.kubernetes.io/instance: ibm-sccm
    release: ibm-sccm
    author: IBM
spec:
  selector:
    app.kubernetes.io/name: ibm-sccm
    app.kubernetes.io/instance: ibm-sccm
    release: ibm-sccm
    author: IBM
  type: ClusterIP
  ports:
  - name: swing-console
    port: 58080
    targetPort: 58080
    protocol: TCP
  - name: web-console
    port: 58082
    targetPort: 58082
    protocol: TCP
  - name: web-console-secure
    port: 58083
    targetPort: 58083
    protocol: TCP
  - name: swing-console-secure
    port: 58081
    targetPort: 58081
    protocol: TCP
  sessionAffinity: ClientIP
    Invoke the following command to create a Kubernetes service resource:
    $ oc create -f ibm-sccm-service.yaml -n ibm-sccm
    Validate that the service has been bound with the pod, and endpoints have been generated using the following command:
    $ oc describe svc ibm-sccm-service -n ibm-sccm

Ingress

If an Ingress resource needs to be created, use the following file, ibm-sccm-ingress.yaml. Here is the sample file for the Ingress resource:
apiVersion: networking.k8s.io/v1 
kind: Ingress
metadata:
  name: ibm-sccm-ingress 
  labels:
    app.kubernetes.io/name: ibm-sccm 
    app.kubernetes.io/instance: ibm-sccm
  annotations:
    nginx.ingress.kubernetes.io/secure-backends: "true" 
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" 
    nginx.ingress.kubernetes.io/affinity: "cookie" 
    nginx.ingress.kubernetes.io/session-cookie-name: "route" 
    nginx.ingress.kubernetes.io/session-cookie-hash: "sha1" 
    nginx.ingress.kubernetes.io/use-regex: "true" 
    nginx.ingress.kubernetes.io/session-cookie-path: "/" 
    nginx.org/ssl-services: "ibm-sccm-service" 
    ingress.kubernetes.io/secure-backends: "true" 
    ingress.kubernetes.io/force-ssl-redirect: "true" 
    ingress.kubernetes.io/backend-protocol: "HTTPS" 
    ingress.kubernetes.io/affinity: "cookie" 
    ingress.kubernetes.io/session-cookie-name: "route" 
    ingress.kubernetes.io/session-cookie-hash: "sha1" 
    ingress.kubernetes.io/use-regex: "true" 
    ingress.kubernetes.io/session-cookie-path: "/"
spec:
  ingressClassName: nginx 
  tls:
    - hosts:
    - "<hostname to be used to access application>"
  secretName: "ibm-sccm-tls"  # TLS secret created in secret section 
  rules:
    - host: "<hostname to be used to access application>" 
      http:
        paths:
          - path: / 
            pathType: Prefix 
            backend:
              service:
                name: ibm-sccm-service 
                port:
                  number: 58083 #<port value given in webHttpsPort in configmap >

This example of an Ingress resource is based on the Nginx Ingress Controller. You can choose and modify this resource for use with any other controller by adjusting parameters such as IngressClassName and the labels containing nginx.

Now, ingress file has been created, invoke the following command to create a Kubernetes ingress resource:
$ oc create -f ibm-sccm-ingress.yaml -n ibm-sccm

Route

Now, if the environment is OpenShift and routes need to be created for access (not Ingress), use the following sample file ibm-sccm-route.yaml for the OpenShift route:
apiVersion: route.openshift.io/v1 
kind: Route
metadata:
  name: ibm-sccm-route 
  labels:
    app.kubernetes.io/name: ibm-sccm 
    app.kubernetes.io/instance: ibm-sccm
  spec: 
    to:
      kind: Service 
      name: ibm-sccm-service 
      weight: 50
    port:
      targetPort: web-console-secure 
    tls:
      termination: passthrough 
      insecureEdgeTerminationPolicy: None
    wildcardPolicy: None
Execute the following command to create an OpenShift route resource using the route file created:
$ oc create -f ibm-sccm-route.yaml -n ibm-sccm