Validating the installation
About this task
Use the following procedure to validate the installation of Guardium® Insights. The installation process takes approximately 1 hour to complete.
Procedure
-
Run the following command.
oc get guardiuminsights
The expected output is similar to:NAME TYPE STATUS REASON MESSAGE DESIRED_VERSION INSTALLED_VERSION gi-sample Ready True Complete Completed Reconciliation 3.x.x 3.x.x
- To verify that all PVCs in the namespace have the Bound
status with the correct storage class, run the following command.
oc get pvc
The expected output is similar to:NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE activelogs-c-gi-sample-db2-db2u-0 Bound pvc-875cffb4-7e8d-4bd6-ba3a-d45697551df9 200Gi RWO ocs-storagecluster-cephfs 26m activelogs-c-gi-sample-db2-db2u-1 Bound pvc-125a8bef-ccfc-47f4-8fba-1d98f37b4759 200Gi RWO ocs-storagecluster-cephfs 26m c-gi-sample-db2-meta Bound pvc-8b8df167-c744-4cfd-b92e-f8155a5b7437 1000Gi RWX ocs-storagecluster-cephfs 27m data-c-gi-sample-db2-db2u-0 Bound pvc-f2c517ad-af1b-4274-89c1-505fb2f8c1b8 4000Gi RWO ocs-storagecluster-ceph-rbd 26m data-c-gi-sample-db2-db2u-1 Bound pvc-92a01f2a-ee98-47b3-bade-35239145643a 4000Gi RWO ocs-storagecluster-ceph-rbd 26m data-c-gi-sample-redis-m-0 Bound pvc-4329eaa1-22b0-44a1-b7d3-6c37114f4a68 20Gi RWO ocs-storagecluster-cephfs 27m data-c-gi-sample-redis-m-1 Bound pvc-4d36f5d9-cb5d-4c67-a30c-40ce81c678bb 20Gi RWO ocs-storagecluster-cephfs 27m data-c-gi-sample-redis-m-2 Bound pvc-b9bd78d1-21bd-48c9-a09f-61a6fcf68db0 20Gi RWO ocs-storagecluster-cephfs 27m data-gi-sample-kafka-0 Bound pvc-6539ce17-a722-4e68-a18d-eeb2ffa01262 250Gi RWO ocs-storagecluster-ceph-rbd 27m data-gi-sample-kafka-1 Bound pvc-b1c62248-ce18-4cfe-b12e-291a7e1453c4 250Gi RWO ocs-storagecluster-ceph-rbd 27m data-gi-sample-kafka-2 Bound pvc-c7c33d55-b121-426b-8a41-4f931204fcdd 250Gi RWO ocs-storagecluster-ceph-rbd 27m data-gi-sample-zookeeper-0 Bound pvc-35ee41e5-f655-4ead-8330-35ae54c0587c 20Gi RWO ocs-storagecluster-ceph-rbd 28m data-gi-sample-zookeeper-1 Bound pvc-d97cc734-ea0a-4b24-b6ab-4b992bb37dd4 20Gi RWO ocs-storagecluster-ceph-rbd 28m data-gi-sample-zookeeper-2 Bound pvc-7d231f5a-3fc3-4583-8418-0fedec348418 20Gi RWO ocs-storagecluster-ceph-rbd 28m data-volume-gi-sample-mongodb-0 Bound pvc-2f628ccc-89bb-4e3e-85d8-222b9347fad2 250Gi RWO ocs-storagecluster-cephfs 28m data-volume-gi-sample-mongodb-1 Bound pvc-f5f24c7b-945f-412e-8b22-f322336cede3 250Gi RWO ocs-storagecluster-cephfs 27m data-volume-gi-sample-mongodb-2 Bound pvc-2a984c92-8913-4f42-8860-819649679567 250Gi RWO ocs-storagecluster-cephfs 27m gi-samplevyusfhlqeb3js88nxvvany-mini-snif-shared Bound pvc-62b4742a-8e1a-49a3-9ab9-50c8365c3aaa 50Gi RWX ocs-storagecluster-cephfs 2m55s logs-volume-gi-sample-mongodb-0 Bound pvc-282002c1-3227-4315-a58f-b5f41a722265 250Gi RWO ocs-storagecluster-cephfs 28m logs-volume-gi-sample-mongodb-1 Bound pvc-dc6a051e-cdd1-4897-8545-5943992622d9 250Gi RWO ocs-storagecluster-cephfs 27m logs-volume-gi-sample-mongodb-2 Bound pvc-b3e88414-6b82-4345-ba2e-6c9197c63162 250Gi RWO ocs-storagecluster-cephfs 27m mini-snif-i-gi-samplevyusfhlqeb3js88nxvvany-mini-snif-0 Bound pvc-bf0f98e8-5154-4706-a1c8-ce579cf72cf3 50Gi RWO ocs-storagecluster-cephfs 2m56s snif-picker-config Bound pvc-291e69cd-e88e-43b3-a8fd-6eff5e252bbf 50Mi RWO ocs-storagecluster-cephfs 2m51s ticketing-keystore Bound pvc-a74ce09b-dd50-4389-8b14-604ea5412a1b 2Mi RWX ocs-storagecluster-cephfs 25m universal-connector-manager-shared Bound pvc-94ff0032-5b57-46c5-a856-03942b965fcb 50Gi RWX ocs-storagecluster-cephfs 24m
- Log in to the Guardium Insights user interface
at http://staging.apps.testgcp.ibmguardiuminsights.com. The expected output is similar to:
- To validate SCP, run the following command.
oc get route
The expected output is similar to:NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD gi-sample-apigateway-api staging.apps.testgcp.ibmguardiuminsights.com /api gi-sample-apigateway 8443 reencrypt/Redirect None gi-sample-apigateway-docs staging.apps.testgcp.ibmguardiuminsights.com /docs/v3 gi-sample-apigateway 8443 reencrypt/Redirect None gi-sample-insights staging.apps.testgcp.ibmguardiuminsights.com / gi-sample-insights <all> reencrypt/Redirect None gi-sample-ssh-service staging.apps.testgcp.ibmguardiuminsights.com gi-sample-ssh-service service-sshservice None gi-samplevyusfhlqeb3js88nxvvany-snif-picker-feed feed.vyusfhlqeb3js88nxvvany.gi-sample.apps.testgcp.ibmguardiuminsights.com gi-samplevyusfhlqeb3js88nxvvany-snif-picker-headless feed passthrough None gi-samplevyusfhlqeb3js88nxvvany-snif-picker-unix unix.vyusfhlqeb3js88nxvvany.gi-sample.apps.testgcp.ibmguardiuminsights.com gi-samplevyusfhlqeb3js88nxvvany-snif-picker-headless unix passthrough None myUsername@LP-C02DRE3QMD6M ~ % myUsername@LP-C02DRE3QMD6M ~ % oc get svc | grep ssh gi-sample-ssh-service LoadBalancer 172.30.246.98 35.196.163.71 22222:31729/TCP 15h myUsername@LP-C02DRE3QMD6M ~ % mkdir test-ssh myUsername@LP-C02DRE3QMD6M ~ % cd test-ssh myUsername@LP-C02DRE3QMD6M test-ssh % vi testfile myUsername@LP-C02DRE3QMD6M test-ssh % myUsername@LP-C02DRE3QMD6M test-ssh % ls -ltr total 8 -rw-r--r-- 1 myUsername 149934974 37 Dec 2 11:33 testfile myUsername@LP-C02DRE3QMD6M test-ssh % cat testfile echo "welcome to scp testing in GCP" myUsername@LP-C02DRE3QMD6M test-ssh % oc get secret ssh-service-ssh-gen -ojsonpath='{.data.guardium_to_insights_scp}' | base64 -d > guardium_to_insights_scp myUsername@LP-C02DRE3QMD6M test-ssh % ls -ltr total 16 -rw-r--r-- 1 myUsername 149934974 37 Dec 2 11:33 testfile -rw-r--r-- 1 myUsername 149934974 1674 Dec 2 11:34 guardium_to_insights_scp myUsername@LP-C02DRE3QMD6M test-ssh % chmod 400 guardium_to_insights_scp myUsername@LP-C02DRE3QMD6M test-ssh % cat guardium_to_insights_scp -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAl1OqpJuSgxmPbN6wTSZGFoQnEjCKrt8nFQEo2KicenvMQJ3Z qtIfYnFQ/KDkPTX3Qh4BVoIoGFGYvc4Cq8tlbhtYQ8VwqZGKE9zeYfmALgH6w+wb eA7JvdC7Cpb4JOLOrop5aT+/7Qc25P5XOiG38eMx1/msBjcMy81jH42lbA3+rzDI 2lYUpGDgHhGu54VVTQQSMsOTjh8KJTdMHvRsGTXJLiAIE5mTMKJJW8dzEkzwAOIU EOH7b64rnL+pYn0B7r6oqFHGI8yQf2ilublohpInrhUWCF7qqynUtVRcMAKJ8biD tGEkIZy/iXRvR5dbQXMSjXyujlFpxn0dYevcnQIDAQABAoIBACSuZTjNdTBOK9QK DtZEpsyicA4asiM9eG3BADO0e2m9RH+NQ8wCbxUfvq/eGDU2NZ9TQqPDnRB4BvxL SZ53CTkta7HR1ENmQgAak9VP82AznqOLQgVSIFjgldY1TiUyzULF0jRO/ajpDMdp V5+BuOLrXZOqs6Y2BeYI/TQS07xjMJ8ClICNXih71GsGL5EfPqWmOqwQOfKIVEEE hBeDH+6CiPEBfbgk12YKGfly8wRY/a7mpU2ncp52uBlaux2sjA1bNYL7q7MKdkCX CzQjAjhLUzrWtBi0sT6ewd2yS7opCRbM+YG7mLxzu50qGD8/TjY3XQmPW+l1qiV4 1+UbDIECgYEAyJ8BUZ/yGawic6nZsB/8kRkXgURyLeAzFfZexIigP9nH7feQgYbL Cw0rfoKah6KKeZOs/DDzZDjUdQCih59cqRQYhHNYWDyMhQ6/3/um5zvZ/AMUqmte eLEvvNzKHTpsFH2ZKuIAAiJz1uJnb3sQqupv80gpwaGLz9/pdQTa940CgYEAwRlB O2yCfYjLQKwgnoVKDR/ENZ6hvti326qxIIxyacewQhj3hNkFVF0RAs5lWKRTdpbo QSf0ADhHenfXkp+2H2PlCimLxek2rWCGCD7Thch0XfnN3oV+XgFTQ8R9lscZrYDq pYRVbQbKaRK8FIA+7BGxbprzoYbN27o+vibO7VECgYAO8dlVTUbppqsCVrrCpf9Y h7f6hzDCPhtQHYQ9u7fESeLc1T5Mh9AESLzetbfxNqh+GgQe3T6kTp90/9EbrUFn zvlslHMWT5xgJRMiCksKmqjIXypg75KgBwL5XLEpsDpw5FJOoXtCrXJXpZHy+gXp 1YD1bIC/zdruZ02qy+vL2QKBgD58BJ7NCyDCHjtMN7X0HbVHfT94mJBgIoajonOM 3w0ZwBBzccz8SPw2rWWCEktvyU5LoNZMrmlPzNl1ZD2fDtjzg08ZiJA/WiEaZeTP J7VX20f5qMOD4RNcTGxWbelXfhil6cgrnVUNaHw9wrzDjxjm1Mqcu4+eRoj+qITx m+4xAoGBALJRnZh+vR8tRn/xbDzINfkuS+5UJO4PA89Y2YRPcimp7zrtZhB16PyY yLcrJQAQjrmQPuAU+kFOZarFEZ7lkDTLimUMU67karHsbsXcz0uqaluzuAAFQLr9 rawQRfypZMDsuPYXP3jxYP1LCHxU40bWTwVZA4H5d6kHkRhiuTuG -----END RSA PRIVATE KEY-----% myUsername@LP-C02DRE3QMD6M test-ssh % oc rsh gi-sample-ssh-service-5d65c59d58-hxk8v sh-4.4$ cd /service/datamart/TNT_VYUSFHLQEB3JS88NXVVANY/ sh-4.4$ ls sh-4.4$ pwd /service/datamart/TNT_VYUSFHLQEB3JS88NXVVANY sh-4.4$ exit exit myUsername@LP-C02DRE3QMD6M test-ssh % scp -i guardium_to_insights_scp -P 22222 testfile scpuser@35.196.163.71:/service/datamart/TNT_VYUSFHLQEB3JS88NXVVANY/ The authenticity of host '[35.196.163.71]:22222 ([35.196.163.71]:22222)' can't be established. RSA key fingerprint is SHA256:AKpZ55fe6t8YsIbsBifmvIWBKkytuS+TIZAMEKKMt+k. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[35.196.163.71]:22222' (RSA) to the list of known hosts. testfile 100% 37 0.1KB/s 00:00 myUsername@LP-C02DRE3QMD6M test-ssh % oc rsh gi-sample-ssh-service-5d65c59d58-hxk8v sh-4.4$ cd /service/datamart/TNT_VYUSFHLQEB3JS88NXVVANY/ sh-4.4$ ls testfile