Installing IBM Cloud Pak foundational services
Install the IBM Cloud Pak® foundational services.
Install IBM Cloud Pak foundational services
Procedure
- Download the Container Application Software for Enterprises (CASE) package and create a local directory for the CASE bundle:
export LOCAL_CASE_DIR=$HOME/offline mkdir $LOCAL_CASE_DIR - Specify the CASE version that is supported for the version of Guardium®
Insights that you are installing (see Container Application Software for Enterprises (CASE) version support). For example, if you are installing Guardium
Insights Version 3.2.0, you will specify the 2.2.0 bundle
file:
export CASE_VERSION=<CASE_VERSION> export CASE_ARCHIVE=ibm-guardium-insights-$CASE_VERSION.tgz - Save the CASE bundle locally:
cloudctl case save \ --case https://github.com/IBM/cloud-pak/raw/master/repo/case/ibm-guardium-insights/$CASE_VERSION/$CASE_ARCHIVE \ --outputdir $LOCAL_CASE_DIR --tolerance 1The output that you receive will be similar to:
Downloading and extracting the CASE ... - Success Retrieving CASE version ... - Success Validating the CASE ... [warn] - certifications/ibmdefault.yaml: validation error: Certification file name [ibmdefault] not currently in supported list: [ibmmc, ibmccs, ibmccscp, ibmccp, ecomc, ecoccs] [warn] - certifications/ibmdefault.yaml: validation error: The certification file ibmdefault.yaml is not listed under the certifications parameter in case.yaml [review] - Validation review found in inventory/db2uOperatorSetup/resources.yaml: image ibmcom/ibm-db2uoperator-catalog has "catalog" in its image name with no catalog information in its metadata Validating the signature for the ibm-guardium-insights CASE... - Success Creating inventory ... - Success Finding inventory items - Success Resolving inventory items ... Parsing inventory items Validating the signature for the ibm-db2uoperator CASE... Validating the signature for the ibm-cp-common-services CASE... Validating the signature for the ibm-auditlogging CASE... Validating the signature for the ibm-cert-manager CASE... Validating the signature for the ibm-cs-commonui CASE... Validating the signature for the ibm-events-operator CASE... Validating the signature for the ibm-cs-healthcheck CASE... Validating the signature for the ibm-cs-iam CASE... Validating the signature for the ibm-zen CASE... Validating the signature for the ibm-licensing CASE... Validating the signature for the ibm-management-ingress CASE... Validating the signature for the ibm-cs-mongodb CASE... Validating the signature for the ibm-cs-monitoring CASE... Validating the signature for the ibm-platform-api-operator CASE... Validating the signature for the ibm-cloud-databases-redis CASE... - SuccessNote: If you encounter an error similar to this:No Case registries found for case ibm-cert-manager->=1.3.0 <1.3.1.tgz with the given repository URL information FAILEDYou may be experiencing a temporary communication problem with the remote repository. Wait a few minutes and try again.
- Create a namespace for Cloud Pak foundational services. The recommended namespace to use is
ibm-common-services.oc create namespace ibm-common-services - Install the Cloud Pak foundational services catalog:
cloudctl case launch \ --case ${LOCAL_CASE_DIR}/${CASE_ARCHIVE} \ --namespace ibm-common-services \ --inventory ibmCommonServiceOperatorSetup \ --action install-catalog \ --tolerance 1 \ --args "--registry icr.io --inputDir ${LOCAL_CASE_DIR}"The output that you receive will be similar to:
Welcome to the CASE launcher Attempting to retrieve and extract the CASE from the specified location [✓] CASE has been retrieved and extracted Attempting to validate the CASE Skipping CASE validation... Attempting to locate the launch inventory item, script, and action in the specified CASE [✓] Found the specified launch inventory item, action, and script for the CASE Attempting to check the cluster and machine for required prerequisites for launching the item Checking for required prereqs... No requires section specified. Required prereqs result: OK Checking user permissions... No user rules specified. [✓] Cluster and Client Prerequisites have been met for the CASE Running the CASE ibmCommonServiceOperatorSetup launch script with the following action context: installCatalog Executing inventory item ibmCommonServiceOperatorSetup, action installCatalog : launch.sh Checking arguments for install catalog action -------------Create catalog source------------- apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: opencloud-operators namespace: openshift-marketplace spec: displayName: IBMCS Operators publisher: IBM sourceType: grpc image: docker.io/ibmcom/ibm-common-service-catalog:3.7.4 catalogsource.operators.coreos.com/opencloud-operators configured check for any existing operator group in ibm-common-services ... no existing operator group found -------------Create operator group------------- operatorgroup.operators.coreos.com/common-service created [✓] CASE launch script completed successfully OK - Check the pod:
oc get pods -n openshift-marketplaceThe output that you receive will be similar to:
NAME READY STATUS RESTARTS AGE 31f3978636f88f94317abfaeda289019c51d8ede961eccf079a452--1-hxjcn 0/1 Completed 0 27h 506b7a4ca92560e7e5477ca6a3ba7ba043c9e096c655a3c9b26f1f--1-s9vxv 0/1 Completed 0 27h 5c606fb3706ffc952dec40167c21a2a30267386c3ac55ae80eab64--1-bdmv8 0/1 Completed 0 27h 5eb42e591ecd3d68624765a27c4fd943afd8823876f7d23fb15350--1-bm7mm 0/1 Completed 0 27h 790a925d4f28230ddf6c7354a36b71a44ad554edd253c4c1d0667e--1-6nmsn 0/1 Completed 0 27h 79b710f855f11e8b15321220ae5768de02d89eb5cac97e013959ec--1-kzsm9 0/1 Completed 0 27h 971d8c063c69d358a198cc1a72fa5a28ad76ce0206fa903301bdfc--1-kwnsh 0/1 Completed 0 27h 98136c2138d2517266afcd61ef00289b54721a88146fe0da332186--1-x52kp 0/1 Completed 0 27h a0efcb3338053b991ce1a51c1e9498ea9f542d98af6bc630384c73--1-lkklv 0/1 Completed 0 27h b63fbd321100393a75d017ab46fa4f5c67e7075a9569da360c6444--1-6b84d 0/1 Completed 0 27h certified-operators-fn4nb 1/1 Running 0 28h community-operators-fxl55 1/1 Running 0 21h d2036ee8170e71bccebd242f83571a2efb7d50da3096e7031eccc9--1-q7hxm 0/1 Completed 0 27h e45fd7900a246061a00831270d10a8016ff13f4935e31f40fa1fc9--1-6pcxb 0/1 Completed 0 27h ed6ff9e58ee2497866c8f99f3edcd2c26208634246d486907ca7b2--1-7dt8p 0/1 Completed 0 27h f83a27421b18ee699e72657ac2eb45937068045bc2ee4bdf76d4d0--1-7r6jr 0/1 Completed 0 27h ibm-cloud-databases-redis-operator-catalog-q952s 1/1 Running 0 22h ibm-db2uoperator-catalog-xmmc4 1/1 Running 0 26h marketplace-operator-6687647b9f-5nvkw 1/1 Running 3 (28h ago) 28h opencloud-operators-rn857 1/1 Running 0 27h redhat-marketplace-74r5w 1/1 Running 0 28h redhat-operators-jgpvx 1/1 Running 0 28h - Check the catalog source
status:
oc get catalogsource -n openshift-marketplaceThe output that you receive will be similar to:
NAME DISPLAY TYPE PUBLISHER AGE certified-operators Certified Operators grpc Red Hat 28h community-operators Community Operators grpc Red Hat 28h ibm-cloud-databases-redis-operator-catalog ibm-cloud-databases-redis-operator-catalog grpc IBM 22h ibm-db2uoperator-catalog IBM Db2U Catalog grpc IBM 26h opencloud-operators IBMCS Operators grpc IBM 27h redhat-marketplace Red Hat Marketplace grpc Red Hat 28h redhat-operators Red Hat Operators grpc Red Hat 28h - Install the Cloud Pak foundational services operators:
export ICS_SIZE=small cloudctl case launch \ --case ${LOCAL_CASE_DIR}/${CASE_ARCHIVE} \ --namespace ibm-common-services \ --inventory ibmCommonServiceOperatorSetup \ --tolerance 1 \ --action install-operator \ --args "--size ${ICS_SIZE}"The output that you receive will be similar to:
Welcome to the CASE launcher Attempting to retrieve and extract the CASE from the specified location [✓] CASE has been retrieved and extracted Attempting to validate the CASE Skipping CASE validation... Attempting to locate the launch inventory item, script, and action in the specified CASE [✓] Found the specified launch inventory item, action, and script for the CASE Attempting to check the cluster and machine for required prerequisites for launching the item Checking for required prereqs... No requires section specified. Required prereqs result: OK Checking user permissions... Kubernetes RBAC Prerequisite Verbs Result Reason rbac.authorization.k8s.io.clusterroles/* get,list,watch,create,patch,update true apiextensions.k8s.io.customresourcedefinitions/v1beta1 get,list,watch,create,patch,update true security.openshift.io.securitycontextconstraints/ get,list,watch,create,patch,update true User permissions result: OK [✓] Cluster and Client Prerequisites have been met for the CASE Running the CASE ibmCommonServiceOperatorSetup launch script with the following action context: installOperator Executing inventory item ibmCommonServiceOperatorSetup, action installOperator : launch.sh -------------Installing common services via OLM------------- -------------Create common services operator subscription------------- subscription.operators.coreos.com/ibm-common-service-operator unchanged -------------Create common service custom resource------------- Warning: oc apply should be used on resource created by either oc create --save-config or oc apply commonservice.operator.ibm.com/common-service configured wait for operand config is ready ... -------------Create operand request------------- operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched operandrequest.operator.ibm.com/common-service patched -------------Install complete------------- [✓] CASE launch script completed successfully OK - After installing the operators, ensure that all Cloud Pak foundational services pods are in the
RunningorCompletedstate (note that this should take between 10 and 20 minutes to complete):oc get pods -n ibm-common-servicesThe output that you receive will be similar to:
NAME READY STATUS RESTARTS AGE audit-logging-cleanup--1-mqfks 0/1 Completed 0 27h audit-logging-fluentd-ds-b7l5h 1/1 Running 0 27h audit-logging-fluentd-ds-kvtw7 1/1 Running 0 27h audit-logging-fluentd-ds-wztrv 1/1 Running 0 27h audit-policy-controller-5bddc7744b-sgs6n 1/1 Running 0 27h auth-idp-6c6799c4d9-w9hr4 4/4 Running 0 27h auth-pap-58dd9665c-j69x4 2/2 Running 0 27h auth-pdp-79d9f8867d-h42dl 2/2 Running 0 27h cert-manager-cainjector-b9bfc6bf9-gs4p2 1/1 Running 7 (66m ago) 27h cert-manager-controller-84d7b95985-nlfhc 1/1 Running 0 27h cert-manager-webhook-5768869b85-r7mv5 1/1 Running 0 27h common-web-ui-9bf96df78-m5v6t 1/1 Running 0 27h configmap-watcher-56ff6788-2w242 1/1 Running 0 27h default-http-backend-564c8b4c9d-d7smn 1/1 Running 0 27h iam-onboarding--1-4pm7x 0/1 Completed 0 27h iam-policy-controller-5847c7bc7-xx429 1/1 Running 0 27h ibm-auditlogging-operator-84d8554677-67jn2 1/1 Running 4 (66m ago) 27h ibm-cert-manager-operator-77f45488c5-mq7sq 1/1 Running 0 27h ibm-common-service-operator-77c95f6749-lj4rk 1/1 Running 0 27h ibm-common-service-webhook-757b645f9d-twnlc 1/1 Running 0 27h ibm-commonui-operator-7d68488c8d-r6v9k 1/1 Running 0 27h ibm-events-operator-v3.15.0-5787d4bcc-ptdhj 1/1 Running 0 27h ibm-healthcheck-operator-9f7f8dc99-vsrzm 1/1 Running 0 27h ibm-iam-operator-64695f8dcb-7kqz4 1/1 Running 0 27h ibm-ingress-nginx-operator-788994f8bb-x5zqb 1/1 Running 0 27h ibm-licensing-operator-67797d6654-gr54v 1/1 Running 0 27h ibm-licensing-service-instance-68cb9997fd-j977z 1/1 Running 0 27h ibm-management-ingress-operator-5744f996d6-hmxtp 1/1 Running 0 27h ibm-mongodb-operator-f59cbdb5-sxnsj 1/1 Running 0 27h ibm-namespace-scope-operator-56d54dc557-wggh4 1/1 Running 0 27h ibm-platform-api-operator-76c8f6486f-gfljf 1/1 Running 3 (66m ago) 27h icp-memcached-5679ccb7b8-52xxd 1/1 Running 0 27h icp-mongodb-0 2/2 Running 0 27h management-ingress-69c5487b8-45pzt 1/1 Running 0 27h must-gather-service-0 1/1 Running 0 27h nginx-ingress-controller-6c787574cd-hdbxw 1/1 Running 0 27h oidc-client-registration--1-2j5sx 0/1 Completed 0 27h oidcclient-watcher-5c874b9c77-qq2qp 1/1 Running 0 27h operand-deployment-lifecycle-manager-555d997dc9-jr9mc 1/1 Running 0 27h platform-api-697ff6f4dc-bwmmd 2/2 Running 0 27h secret-watcher-77c4dbc968-6tsmd 1/1 Running 0 27h secretshare-69558568f-g674n 1/1 Running 0 27h security-onboarding--1-bqx9r 0/1 Completed 0 27h system-healthcheck-service-568d96dc56-mg5sv 1/1 Running 0 27h