IBM Fusion HCI System comes with the bootstrapping
software that is installed from the factory. The IBM support representative completes the initial
verification and physically connects the system to network and power. Then, they conduct the network
setup of the appliance, which connects the appliance to the data center network. This procedure
configures all the default nodes (three controllers and three compute nodes). If you ordered more
nodes, then they get installed as well. Use this information to install IBM Fusion HCI System. Finally, Storage and Backup software get
installed on these nodes.
Before you begin
- IBM Fusion HCI System requires Red Hat® OpenShift® Container Platform. If you purchased OpenShift subscriptions from IBM, see Activating Red Hat OpenShift Container Platform subscriptions purchased from IBM.
For the supported version of Red Hat OpenShift Container Platform, see
Support
matrix.
- Before the installation of IBM Fusion HCI System, enable IBM Fusion HCI System Software to be downloaded. For steps to
enable, see Activating IBM Fusion HCI System Software to be downloaded.
- Go through the installation prerequisites and ensure that they are all met
before you go ahead with your installation. See Installation prerequisites.
- For the installation sequence in a disaster recovery setup, see Installing IBM Fusion HCI System in a disaster recovery setup.
- If you would like to enable remote support so that the IBM Support team can assist with the
installation, follow these steps:
- In the title bar, click .
- Enter the contact information, optional proxy server details, and enable the remote support
option. After you enable the remote support, you can start or stop remote sessions. For the actual
procedure, see Enabling remote
support.
If you have proxy connection, you can use this remote support feature for offline installation
also.
Procedure
-
Go to the URL provided by your IBM Systems Support Representative (SSR).
The format
of the URL is
https://<host IP address>:3000/isfsetup
.
Note: If you close your
browser anytime before the completion of stage 2, then open the URL again to go back to its last
state.
Important: Do not add, change, or remove any files at any time.
- In Login, enter the Username and
Password and click Log in.
The default credentials are Username
service-node-client and Password
passw0rd.
- In the License agreement window, select I accept
the license agreement.
- In the Create your service node login page, create your service node
credentials and click Next.
Important: You need to create new credentials because the default credentials are
deleted as soon as the stage 2 installation begins.
Configure network:
The Network
precheck page runs an automatic network check against all nodes in the appliance. It
checks whether each node has an assigned IP address and hostname.
- Check whether you can see all your nodes in Connected state.
In a high-availability cluster, it displays all the nodes present in all three racks. If
you observe all your nodes in connected state, go to step
6. Any
nodes that do not pass the network check shows in
Disconnected status.
- If one or more nodes are in a Disconnected state, do the
following steps:
- Work with your network team and confirm that the DNS and DHCP are configured for all
nodes in the appliance.
- After you make all the changes to DHCP or DNS, click Retry pre-check
connection to initiate a new network check.
- Click Next.
- In the OpenShift version page, select the version of the
OpenShift and click
Next.
Important: The 4.15.22 and 4.16.4 versions are available in 2.9.0 release. If you
configured your rack with Data Foundation storage, then
only 4.16.4 is available. With Global Data Platform storage,
you can see both the options.
- Set up your image registry:
If you want to use your
private image registry, you can install both
Red Hat
OpenShift and
IBM Fusion HCI System software from images, which are maintained
in a container registry that you manage. If you do not want to use your enterprise registry, then
skip this step to install
Red Hat OpenShift Container Platform and
IBM Fusion software by using the images that are hosted
in the Red Hat and IBM entitled registries.
Important: Support is available for
self signed, custom certificates, and certificates signed by a
well known CA authority.
- Choose whether to use the Public image
registry or Private image registry
option.
Choice |
Procedure |
Public image registry |
To use the public image registry, you need a pull secret and an entitlement key.
- Enter the OpenShift Pull secret. It is an
authorization token that stores Docker credentials that you can use to access a registry. Your
cluster needs this secret to access and pull OpenShift images from the
quay.io container registry. If you do not have a pull secret, click
Get Pull secret. It takes you to https://cloud.redhat.com/openshift/install/pull-secret.
- Enter the IBM entitlement key. It is a product code
that is used to pull images from IBM Entitlement Registry. Your cluster needs this key to gain
access to IBM Fusion images in the IBM Entitlement
Registry. If you do not have a key, click Get Entitlement
key. It takes you to IBM
Container Library. For steps to obtain the key, see the Activating IBM Fusion HCI System Software to be downloaded.
|
Private image registry |
If you select the Private image registry, then first mirror the Red Hat and IBM Fusion images to your private registry. For more
information about mirroring, see End-to-end mirroring images of IBM Fusion HCI System and its services to the enterprise registry.You can choose to host the
Red Hat and IBM Fusion images in separate repositories, or use the
same repository.
|
- For both OpenShift images repository and
IBM Fusion images repository, if you need to use a proxy to connect to the
external network, then select the Connect through a proxy
option.
If you select the Use the same proxy configured
for support connections option, then the values for host address, Port, Username, and
Password get populated based on the values you provided earlier in the stage 1 installation. If you
do not want to choose the option, then enter the URL for the proxy server in the Host
address field. If your proxy requires authentication, then enter a
Username and Password.
- Click Next.
If there are any missing images, then an
error message is displayed. Click the View details link to know the details
of the missing images. Correct the missing image error and click Next. This
error can also occur when the IBM Fusion or the OpenShift server is temporarily down.
- Configure network - OpenShift network and storage network.
The
Network settings page shows the OpenShift network to setup OpenShift, as well as the storage configuration
for the internal storage network of IBM Fusion.
- Optional: Ingress certificate:
The Ingress certificate page
allows you to optionally configure a custom certificate for OpenShift.
- Click the Configure now toggle to off to configure OpenShift with a self-signed certificate.
By default, the
Configure now toggle is set to on. However, it is
recommended that you upload a certificate that is provided by Certificate Authority (CA). Applying a
custom certificate during the installation ensures that the certificate is used immediately by
OpenShift. If you do not apply custom
certificate during installation, then you can do it later from
OpenShift. For more information about how to
apply custom certificate from
OpenShift, see
Ingress Operator in OpenShift.
- Drag and drop to upload a .crt file of a size that does not
exceed 1 MB or enter the details as text input.
- Enter the Private key and click Next.
The OpenShift initialization page gets
displayed.
- Click Finish.
- Cluster initialization and next steps.
The final step of
this phase of installation is to create a three node Red Hat
OpenShift cluster and install IBM Fusion software. This minimal cluster is used in the
next phase of the installation to orchestrate building out the cluster and configuring storage for
IBM Fusion HCI System.
- Monitor the progress of the OpenShift cluster.
In case of
failures, collect logs to analyze the errors. Click Learn more link to see
details about the error and steps to troubleshoot the issue. After you fix the issue, click
Retry. If you need to change any information entered in previous install
steps, click Change install settings.
After the OpenShift cluster gets successfully created, you
can view the credentials for the OpenShift
cluster.
- In the section, click Download Password and
CoreOS key to download and save the kubeadmin password and CoreOS key.
Note down the credentials before the installation proceeds with the next phase as you
cannot access the
OpenShift cluster without
these credentials. It is also essential for debugging, system recovery, and reimaging or resetting.
In the
Downloading Password and CoreOS key window, confirm that you have saved
the Password and CoreOS key, and click
Continue.
Note: For security reasons,
after you download the password and CoreOS key, all the files that have credentials get deleted,
such as kickstart, inventory. If there is a failure, then a error message is displayed with details.
Fix the error and click Retry link. If retry does not solve the problem, see
Delete files from provisioned node.
A window
displays the progress of the deletion of all the sensitive service node files. After completion, the
window closes automatically and returns to the final page of the installation.
- To retrieve the password from the downloaded file in the future, run the following
commands:
- Go to the Downloads folder:
cd ~/Downloads
- List the files in the folder:
ls -ltr
- Extract the contents of ocpkeys compressed file.
- Go to the auth folder:
cd clusterconfigs/auth
- Open kubeadmin-password in edit mode and copy the password:
vi kubeadmin-password
- Go to the extracted folder /install, save the CoreOS
Key:
id_rsa
- In the installation folder, id_rsa is a CoreOS key that can be used to
connect to CoreOS nodes. From the archive, you can also get the configuration data of the rack. For
example,
kickstart.json
. Do not make updates to these files and keep it in safe
location for the future.
- In the Login section, copy the Username
and Password and save it. Use it to log in to IBM Fusion HCI System and Red Hat
OpenShift. These credentials are configured
as single sign-on between Red Hat
OpenShift and IBM Fusion.
Note: After you save the password and download the
ocpkey.zip file, the URL
points you to the OCP address. If your URL does not automatically point to the OCP address, then
check the
Network Preparation tab in your TDA installation worksheet to ensure that the
DNS wildcard domain name is added to the DNS server. Test your connectivity with
https://DNSentryingressendpointipaddress.
- Click IBM Fusion to go to the IBM Fusion HCI System user interface.
The login page
of the IBM Fusion HCI System console displays in a new browser
tab.
- Enter the credentials that you noted down and click Log in to
resume with the installation of other Fusion services.
If you encounter errors in the OpenShift installation
wizard, see Installation issues. If you encounter errors in the
Provisioning and software installation wizard, check the
logs. For more information about accessing these logs, see Collecting log files of final installation.
Important: If there arises a need to redeploy
IBM Fusion HCI stage 2 installation in the
future, contact
Contact IBM
Support.