Accessing the IBM Stewardship Center user interface

To access the IBM Stewardship Center for MDM user interface when deployed on Kubernetes, you must use the NGINX Ingress Controller.

Before you begin

Ensure that you have completed the prerequisite steps described in Using NGINX Ingress to access MDM web services and user interfaces on Kubernetes.

Procedure

  1. Run the mdmisc.yml file to create a configmap, deployment, and service for the MDM ISC container. 
    kubectl create -f mdmisc.yml -n <namespace>
  2. Attach to the mdmisc_container. 
    kubectl exec -it <pod-name> bash -n <namespace>
  3. Obtain the certificate and key from the key.p12 file present in the MDM ISC container at <BPM_HOME>/config/NodeProfilePS/config/cells/PSCell1/nodes/NodePS.
    1. Copy the file key.p12 from<BPM_HOME>/profiles/NodeProfilePS/config/cells/PSCell1/nodes/NodePS from the Docker container or Kubernetes pod to the directory you are working on.
    2. Run the following commands to obtain the certificate and key: 
      openssl pkcs12 -in key.p12 -nokeys -out cert.pem
openssl pkcs12 -in key.p12 -nodes -nocerts -out was.key
  4. Create a Kubernetes secret using the files obtained in the previous step. 
    kubectl create secret tls mdmisc-tls-cert -n com-ibm-mdm --key was.key --cert cert.pem

    This secret will be used by the Ingress resource from MDM ISC.

  5. Configure properties in the WebSphere Application Profile to overcome port redirection.
    1. In the Docker container or Kubernetes pod, go to <BPM_HOME>/bin and run the following command: 
      ./wsadmin.sh -host localhost -port 8001 -username bpmadmin -password bpmadmin -lang jython -f /tmp/setWebContainerProperties_ISC.py
      This script configures the properties as required.
      Tip: One of the properties that this script modifies, com.ibm.ws.webcontainer.extractHostHeaderPort, removes the port from the URL. This change is expected. The interface is still accessible without the port being specified.
      Important: In customer environments, these property changes must be completed during configuration of the MDM ISC image that will be deployed on Kubernetes.
  6. Restart the application server.
  7. Create an Ingress resource using the file mdmisc_ingress.yml. 
    kubectl create -f mdm_ingress.yml

    The rule in this Ingress facilitates access to the IBM Stewardship Center user interface.

  8. Add the following detail to the hosts file on the machine from which you plan to access the MDM SOAP web services: 
    <INGRESS_SERVICE_EXTERNAL_IP>	bpmpshost
    For example:
    
9.21.111.232	bpmpshost
  9. Optional: To enable Auto Scaling (HPA) on the MDM ISC container, run the mdmisc_hpa.yml file. 
    kubectl create -f mdmisc_hpa.yml

What to do next

Access the IBM Stewardship Center for MDM user interface at the following URL:
https://bpmpshost/ProcessPortal