Running the all-in-one-script
Automate the installation of Guardium® Insights by running the all-in-one installation script.
Procedure
-
Define the location of the custom resource (CR) file:
export LOCAL_INSTALL_DIR=<CR file location>
And then run the following command to start the installation process of Guardium Insights and its dependencies. This command takes approximately 15 to 20 minutes to complete.
cd $LOCAL_CASE_DIR/$CASE_NAME/inventory/automateInstall/files oc ibm-pak launch $CASE_NAME \ --version $CASE_VERSION \ --namespace ${NAMESPACE} \ --inventory automateInstall \ --action autoInstall \ --tolerance 1 | tee -a ${LOCAL_INSTALL_DIR}/installation.log
- A sample Guardium Insights CR file is available
in following location:
$LOCAL_CASE_DIR/ibm-guardium-insights/inventory/guardiumInsightsOperator/files/samples/gi-custom-AWS.yaml.
When prompted with If you want to continue with the provided yaml file for Guardium Insights CR creation (yes/no)?, you have two options.- If you enter yes, the system output is similar to the following
message:
APPLYING guardiuminsights.gi.ds.isc.ibm.com/staging created -----IBM Security Guardium Insights Auto-Installation Successfully Completed----------
- If you enter no, you can installGuardium Insights manually by creating a .yaml
file. The following example shows what your .yaml file can look like.
apiVersion: gi.ds.isc.ibm.com/v1 kind: GuardiumInsights metadata: #name: This must be 10 or less characters name: Staging #Provide the name of the namespace in which you want to install the CR. namespace: staging spec: version: 3.4.0 license: accept: true licenseType: "L-YRPR-ZV3BA6" connections: insightsEnv: FEATURE_STAP_STREAMING: "false" guardiumInsightsGlobal: backupsupport: enabled: true name: <GI_Backup_PVC> storageClassName: managed-nfs-storage size: 500Gi guardiumInsightsVersion: 3.4.0 dev: “false” licenseAccept: true size: values-small image: insightsPullSecret: ibm-entitlement-key repository: cp.icr.io/cp/ibm-guardium-insights insights: ingress: hostName: staging.apps.gi-ocp47.guardium-insights.com domainName: api.gi-ocp47.guardium-insights.com ics: namespace: <GI Namespace> registry: common-service storageClassName: ibmc-file-gold-gid dependency-db2: image: insightsPullSecret: ibm-entitlement-key db2: size: 2 resources: requests: cpu: “6” memory: “48Gi” limits: cpu: “6” memory: “48Gi” storage: - name: meta spec: storageClassName: “ibmc-file-gold-gid” accessModes: - ReadWriteMany resources: requests: storage: “1000Gi” type: create - name: data spec: storageClassName: “ibmc-file-gold-gid” accessModes: - ReadWriteOnce resources: requests: storage: “4000Gi” type: template mln: distribution: 0:0 total: 2 dependency-kafka: kafka: storage: type: persistent-claim size: 250Gi class: “ibmc-file-gold-gid” zookeeper: storage: type: persistent-claim size: 20Gi class: “ibmc-file-gold-gid” mini-snif: persistentVolumesClaims: mini-snif-shared: storageClassName: “ibmc-file-gold-gid” universal-connector-manager: persistentVolumesClaims: universal-connector-manager-shared: storageClassName: “ibmc-file-gold-gid” settings-datasources: persistentVolumesClaims: settings-datasources: storageClassName: “ibmc-file-gold-gid” ticketing: persistentVolumesClaims: ticketing-keystore: storageClassName: “ibmc-file-gold-gid”
After you create the .yaml file, apply it by running the following command:oc apply -f <filename.yaml>
- If you enter yes, the system output is similar to the following
message: