Configuration file parameters for all-in-one installation
The following tables list the configurable properties of the Guardium® Insights configuration (values.conf) file and the Guardium Insights license value options.
Option | Installation type requirement | Default value | Description | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mandatory parameters | ||||||||||||||||||
ONLINE_INSTALL |
Required for online and offline/air gap installations. | true |
Change the value to false to install in offline/air gap mode. This mode
requires more parameters and more preparation, and is provided as a means to install on clusters
with no or limited internet. |
|||||||||||||||
SKIP_INSTALL_ICS |
Required for online and offline/air gap installations. | false |
Change the value to true only if IBM® Common
Services is already installed on your
cluster. |
|||||||||||||||
ENTITLED_REGISTRY |
Required for online and offline/air gap installations. | cp.icr.io |
The hostname of the remote registry that contains installation images
(cp.icr.io , unless noted otherwise). |
|||||||||||||||
ICS_CATALOG_REGISTRY |
Required for online and offline/air gap installations. | icr.io |
The hostname of the remote docker registry that contains installation images
(icr.io , unless noted otherwise). |
|||||||||||||||
ENTITLED_REGISTRY_USER |
Required for online and offline/air gap installations. | n/a | The user that you use to log in to the entitled registry (typically, the user is
cp ). |
|||||||||||||||
ENTITLED_REGISTRY_PASS |
Required for online and offline/air gap installations. | n/a | The password or entitlement key that is used to log in to the entitled registry. | |||||||||||||||
GI_DATA_NODE |
Required for online and offline/air gap installations. | n/a | The name of the node or nodes that you select to house the Db2® instance. You need separate nodes for separate Db2 instances (comma-delimited). | |||||||||||||||
LABEL_DATA_NODE |
Required for online and offline/air gap installations. | true |
If true , data nodes are labeled as dedicated for data service usage. If
false , labeling is skipped. |
|||||||||||||||
GI_NAMESPACE |
Required for online and offline/air gap installations. |
|
Guardium Insights namespace, where Guardium Insights is deployed. | |||||||||||||||
ICS_NAMESPACE |
Required for online and offline/air gap installations. | ibm-common-services or GI_NAMESPACE |
For Guardium Insights version 3.3.x and
earlier, IBM Common
Services is installed in
the default namespace (ibm-common-services ).
For Guardium Insights version 3.4.x and later, IBM Common
Services is installed in the
|
|||||||||||||||
ICS_SIZE |
Required for online and offline/air gap installations. | small |
Set the ICS_SIZE to small if you are installing a
deployment of Guardium Insights that is extra small or
small. Set the ICS_SIZE to medium if you are installing a Guardium Insights deployment that is medium or higher. |
|||||||||||||||
Version 3.5.x and later ICS_POSTGRES_REGISTRY_URL | Required for online and offline/air gap installations. | cp.icr.io |
The hostname of the remote registry that contains installation images
(cp.icr.io , unless noted otherwise). |
|||||||||||||||
Version 3.5.x and later ICS_POSTGRES_REGISTRY_USER | Required for online and offline/air gap installations. | n/a | The user that you use to log in to the entitled registry (typically, the user is
cp ). |
|||||||||||||||
Version 3.5.x and later ICS_POSTGRES_REGISTRY_PASS | Required for online and offline/air gap installations. | n/a | The password or entitlement key that is used to log in to the entitled registry. | |||||||||||||||
CLOUD_INFRA |
Required for online and offline/air gap installations. | openshift |
Cloud provider for the cluster used for Guardium Insights installation. The following values are acceptable:
|
|||||||||||||||
DOMAIN_NAME |
Required for online and offline/air gap installations. | n/a | Domain name of the cluster. | |||||||||||||||
HOST_NAME |
Required for online and offline/air gap installations. | n/a | Host name for the application. Important: When you create your custom resource
(CR) file, the
spec.guardiumInsightsGlobal.ingress.hostname value must be 58
characters or fewer. |
|||||||||||||||
STORAGE_CLASS_RWO |
Required for online and offline/air gap installations. | rook-ceph-block |
Storage classes that are defined for using Guardium Insights. The storage class depends on the type of cloud
infrastructure used. Provide both read-write-only (RWO) and read-write-many (RWX) classes.
Important: The storage classes must be prepared before you run the installation. For
more information about creating and configuring storage classes, refer to your cloud provider's
documentation.
|
|||||||||||||||
STORAGE_CLASS_RWX |
Required for online and offline/air gap installations. | rook-cephfs |
||||||||||||||||
BACKUP_STORAGECLASS_RWX |
Required for online and offline/air gap installations. |
|
Backup storage classes that are defined for using Guardium Insights. The backup storage class depends on the type of
cloud infrastructure used.
Important: The storage classes must be prepared before you run the installation. For
more information about creating and configuring storage classes, refer to your cloud provider's
documentation.
|
|||||||||||||||
LOCAL_REGISTRY_HOST |
Required for offline/air gap installations (ONLINE_INSTALL=false ). Not
applicable to online installations. |
n/a | These parameters specify a private Docker registry to use for image mirroring for an air gap
installation, along with the username and a password for logging in to the registry.
|
|||||||||||||||
LOCAL_REGISTRY_USER |
Required for offline/air gap installations (ONLINE_INSTALL=false ). Not
applicable to online installations. |
n/a | ||||||||||||||||
LOCAL_REGISTRY_PASS |
Required for offline/air gap installations (ONLINE_INSTALL=false ). Not
applicable to online installations. |
n/a | ||||||||||||||||
Optional parameters | ||||||||||||||||||
TAINT_DATA_NODE |
Optional for online and offline/air gap installations. | false |
Change to true to have data nodes that are tainted and dedicated for data
service usage. Leave as false to skip this step. |
|||||||||||||||
SKIP_GI_PREINSTALL |
Optional for online and offline/air gap installations. | false |
If set to true , the preinstall step in the Guardium Insights deployment is skipped. |
|||||||||||||||
SKIP_GI_CATALOGS |
Optional for online and offline/air gap installations. | false |
If set to true , the dependency catalog installation in the Guardium Insights deployment is skipped. |
|||||||||||||||
SKIP_GI_OPERATORS |
Optional for online and offline/air gap installations. | false |
If set to true , the dependency operator installation in the Guardium Insights deployment is skipped. |
|||||||||||||||
SKIP_GI_INSTANCE |
Optional for online and offline/air gap installations. | false |
If set to true , instance (custom resource) creation in the Guardium Insights deployment is skipped. |
|||||||||||||||
INSECURE_REGISTRY |
Optional for offline/air gap installations (ONLINE_INSTALL=false ). Not
applicable to online installations. |
false |
If you are using an insecure registry (no TLS or a self-signed certificate), setting this
parameter to true configures the cluster to allow the insecure registry. |
Product | License type value for Version 3.3.x | License type value for Version 3.4.x | License type value for Version 3.5.x |
---|---|---|---|
IBM Guardium Package (Software) | L-TFWF-ZZ5233 | L-ZNAM-9BHMTZ | L-YRPR-ZV3BA6 |
IBM Cloud Pak® for Security (Gen 3) (replaces IBM Guardium Insights for IBM Cloud Pak for Security Version 3.1) | L-QAXS-3Q3M77 | L-HZJW-JA6HJX | L-HZJW-JA6HJX |
IBM Guardium Insights | L-EUYK-DLBJKL | L-MYJN-5G3BE2 | L-NVCJ-9CYX5W |
IBM Guardium Insights for Guardium Data Protection for z/OS® | L-QQNG-5WV2K5 | L-EVXH-UJQRT9 | L-VWLB-EGB2VZ |
IBM Guardium Insights for IBM Cloud Pak for Security | L-ABEU-LGJCCW | L-DFKL-D2QRNM | L-YJXR-K9VF5F |