Deploying the MDM machine learning container on OpenShift

Complete this procedure to deploy the InfoSphere® MDM machine learning container on Red Hat® OpenShift® Container Platform.

Before you begin

The following additional YAML files are required for the MDM machine learning deployment:
  • configmap.yml
  • service.yml
  • deploymentconfig.yml
  • hpa.yml
Tip: If you do not have these files already, see the topic YAML files and scripts for deploying InfoSphere MDM on OpenShift or Kubernetes to download an archive file containing sample YAML files and scripts. The machine learning files are in a folder named

About this task

Before creating these OpenShift resources, you must update the YAML files to provide details corresponding to your deployment.

Important: When using Machine Learning containers in a production environment, especially if you are using an HPA configuration in Kubernetes or OpenShift, be sure to follow these steps:
  1. Start a single ML service instance (one Kubernetes pod configuration) first and wait until it is ready. As part of starting up for the first time, the container creates a number of required database tables in Cassandra.
  2. After the first instance is ready, enable the HPA configuration to start further service instances for high availability and performance load balancing.
Failure to follow these steps could result in exceptions during table creation, leaving Cassandra in an undefined state.


  1. Pull the MDM machine learning Docker image for OpenShift and the corresponding YAML files. Run the Configure_MDM_Docker script in the MDM_<VERSION>_DKR_COMPOSE folder and select option 14.
  2. Tag the image name with private registry:
    docker tag<version> docker-registry.default.svc:5000/com-ibm-mdm/mdm-ml:latest
  3. Push the image into the private registry:
    docker push docker-registry.default.svc:5000/com-ibm-mdm/mdm-ml:latest
  4. Update the YAML files as needed to replace placeholder values with those that correspond to your deployment:
    • Make sure the OpenShift project name is com-ibm-mdm. If it is different, update the YAML files accordingly.
    • Update configmap.yml to supply your configuration details, such as the Cassandra IP/hostname, port, user name, password, and so on.
    • Update the image name in deploymentconfig.yml.
  5. Ensure that you have security certificate and key files in .pem format.
  6. Run the following commands from the master node:
    oc create -f configmap.yml
    oc create -f deploymentconfig.yml
    oc create -f service.yml
  7. Optional: To implement SSL at the container side, complete the following steps:
    1. Log in to the OpenShift console and open the com-ibm-mdm project.
    2. Go to Resources > Secrets > Create Secret.
    3. Provide values for the following required fields:
      • Secret Type - Generic Secret
      • Secret Name - https-key/https-cert/mdm-cacert/Cassandra-cert
        Note: You can create four secrets. The https_key and https_cert secrets are mandatory.
      • Key - https_key/https_cert/mdm_cacert/Cassandra_cert
      • value - Browse the cert/key file.
    4. Map the application with the secrets.
      1. Go to Resources > Secrets > Add to Application.
      2. Fill in the fields with the following values. Do not change the values.
        • Add this secret to application - mlhost
        • Volume - Mount Path. There are four paths according to the certificates:
          • /home/mdmuser/https_key
          • /home/mdmuser/https_cert
          • /home/mdmuser/mdm_cacert
          • /home/mdmuser/cassandra_cert
        Tip: If you redeploy the container, you must run these steps again. This does not apply to pod recreation.
  8. Optional: To enable Auto Scaling, run the following command.
    oc create -f hpa.yml
    Note: Take note of the following implementation details:
    • Auto Scaling works based on the percentage of CPU utilization.
    • The minimum number of replicas is two and the maximum is four. You can edit these limits for your deployment if needed.
    • Auto Healing is available and configured out-of-the-box by default. No additional configuration is required.