Deploying the Guardium Data Security Center instance

Procedure

  1. Create a YAML file by using this example.
    When you create the file, name it gi-custom-eks.yaml and edit the following parameters.
    hostName: HOST_NAME # example - namespace.apps.cluster_name.guardium-data-security-center.com
     domainName: DOMAIN_NAME # example - apps.cluster_name.guardium-data-security-center.com
     namespace: NAMESPACE # staging
     ics: namespace: staging # it should be the same the GI for CPFS v4.X
     size: # e.g. values-dev
     image:
       insightsPullSecret: ibm-entitlement-key
       repository: cp.icr.io/cp/ibm-guardium-data-security-center
  2. Apply the YAML (assuming that the name of the file is gdsc-custom-eks.yaml).
    oc apply -f gdsc-custom-eks.yaml
  3. Monitor until the Guardium Data Security Center custom resource (CR) is completed reconciliation.
    kubectl get gdsc -w
    NAME      TYPE    STATUS   REASON     MESSAGE                    DESIRED_VERSION   INSTALLED_VERSION
    
    staging   Ready   True     Complete   Completed Reconciliation   3.6.0             3.5.0
  4. Verify the tenant creation.
    kubectl get tenantminisnif
    NAME      TYPE    STATUS   REASON     MESSAGE                    DESIRED_VERSION   INSTALLED_VERSION
    staging   Ready   True     Complete   Completed Reconciliation   3.6.0             3.5.0
  5. Verify that all Ingress manifests are deployed successfully.
    kubectl get ing -A
    
    staging-apigateway-api                           nginx    staging.apps.reza.guardium-data-security-center.com                                       a03d8e1389f6d45c59cf02906092cb18-33ff0d06be12646a.elb.us-east-2.amazonaws.com   80, 443   7d4h
    staging-apigateway-docs                          nginx    staging.apps.reza.guardium-data-security-center.com                                       a03d8e1389f6d45c59cf02906092cb18-33ff0d06be12646a.elb.us-east-2.amazonaws.com   80, 443   7d4h
    staging-data-security-center                     nginx    staging.apps.reza.guardium-data-security-center.com                                       a03d8e1389f6d45c59cf02906092cb18-33ff0d06be12646a.elb.us-east-2.amazonaws.com   80, 443   7d4h
    staging-s3                                       nginx    s3.staging.apps.reza.guardium-data-security-center.com                                    a03d8e1389f6d45c59cf02906092cb18-33ff0d06be12646a.elb.us-east-2.amazonaws.com   80, 443   7d3h
    staging-ssh-service                              <none>   staging.apps.reza.guardium-data-security-center.com                                                                                                                       80, 443   7d4h
    staginghqnqfuadjx5beysunqcpnw-snif-picker-feed   nginx    feed-hqnqfuadjx5beysunqcpnw-staging.staging.apps.reza.guardium-data-security-center.com   a03d8e1389f6d45c59cf02906092cb18-33ff0d06be12646a.elb.us-east-2.amazonaws.com   80        7d2h
    staginghqnqfuadjx5beysunqcpnw-snif-picker-unix   nginx    unix-hqnqfuadjx5beysunqcpnw-staging.staging.apps.reza.guardium-data-security-center.com   a03d8e1389f6d45c59cf02906092cb18-33ff0d06be12646a.elb.us-east-2.amazonaws.com   80        7d2h