Planning for IBM Sterling Intelligent Promising in containers

Edit online

Review the system requirements, Kubernetes or Red Hat® OpenShift® Container Platform cluster setup, storage, and security considerations, when you plan for deploying IBM® Sterling Intelligent Promising by using containers.

System requirements

You must have the appropriate hardware and software to install IBM Sterling Intelligent Promising.
Container runtime Minimum version requirement
Kubernetes 1.25 and future fix packs
1.26 and future fix packs
Red Hat OpenShift Container Platform 4.12 and future fix packs
4.13 and future fix packs
Database Minimum version requirement
Apache Cassandra 4.0.10 and future fix packs
Elasticsearch 7.17.9 and future fix packs
Event streaming middleware Minimum version requirement
Apache Kafka 3.5.0 and future fix packs

Container Registry

To host all the product images, pull the images from the IBM Container Registry by using your IBM entitlement key and push it to your local registry. For more information about the image list, see Registry image names for IBM Sterling Intelligent Promising Standard edition.

Kubernetes or Red Hat OpenShift Container Platform cluster setup

  • Define network policies. Use Kubernetes network policies to define rules for controlling the traffic between pods. You can specify the pods to communicate with each other based on labels, namespaces, or other criteria.
    • Allow all pod-to-pod communication.
    • If your middleware stack of Cassandra, Kafka, and Elasticsearch is outside of the cluster, ensure that network policies are defined so that IBM Sterling Intelligent Promising pods can reach these external services.
  • Set up an ingress controller for external access.

Security

  • SSL communication:
    • For production environments, set up your own custom domain and a relevant SSL certificate for the domain.
    • If your middleware stack of Cassandra, Kafka, and Elasticsearch are outside of the cluster, which typically occurs in production environments, communicate to these services over SSL and get the relevant certificates.
  • Define the required pod security policies and cluster role bindings to enforce security policies on pods.

Storage

  • Determine your storage requirements, including the need for both ephemeral, or temporary, and persistent storage.
  • Set up storage classes for dynamic provisioning and manage storage resources by using persistent volume claims (PVCs).
  • Use persistent volumes for Cassandra, Kafka, and Elasticsearch when the IBM Sterling Intelligent Promising Operator deploys instance of these middleware services.