Prerequisites for installing Maximo Application Suite on Microsoft Azure
Before you install the IBM® Maximo® Application Suite, you must set up several components, and gather the information that you need to specify in the installation parameters.
The following components are required to install Maximo Application Suite in Microsoft Azure.
- Microsoft Azure account and subscription
- To install the Maximo Application Suite on Microsoft Azure, you must
have a Microsoft Azure account and a subscription created in it. During Maximo Application Suite installation, a new virtual private cloud VNet is created in the Microsoft Azure subscription. The Red Hat® OpenShift® cluster is then deployed in the VNet,
and the Maximo Application Suite is deployed in the cluster.
During IBM Maximo Application Suite installation, when you use the 'New Red Hat OpenShift cluster' option, a new virtual private cloud VNet is created in the Microsoft Azure subscription.
For more information, see How do I create and activate a new Azure account?.
In your Microsoft Azure account, create active directory (AD) user and assign AD roles to this user that includes the required permissions to install the Maximo Application Suite. You need to assign the existing AD roles
Contributor
andUser Access Administrator
to the user. For more information, see Configuring installation permissions on Microsoft Azure.By default, your Microsoft Azure account has access to all of the Microsoft Azure services that you need to install the Maximo Application Suite. These services include Microsoft Azure DNS, Resource Manager Templates, virtual machines, Blob storage, Log Analytics, and other services. When you configure these services, ensure that you select the same geographical region where you want to install the Maximo Application Suite. For the list of supported regions, see Preparing to installing Maximo Application Suite on Microsoft Azure.
Your Microsoft Azure subscription includes default service limits, quotas, and constraints for each Microsoft Azure service. In the future, you might need to increase these quotas, for example if your Red Hat OpenShift cluster requires more resources. For more information, see Azure service limits, quotas, and constraints in the Microsoft Azure documentation.
- SSH key pair
- The Microsoft Azure virtual machines service uses virtual computing environments
to provide computing capacity in the Microsoft Azure cloud. In an installed Maximo Application Suite on Microsoft Azure, the Red Hat OpenShift cluster nodes are Microsoft Azure virtual machines.
For more information, see Virtual machines in Azure .
When a virtual machine is created, a key pair, which consists of a public key and a private key, must be provided. Because the Maximo Application Suite installation creates many virtual machines, you must generate a key pair before you install the Maximo Application Suite. For more information, see Create a key pair using a third-party tool in the Microsoft Azure documentation.
When you specify the parameters for a Maximo Application Suite installation on Microsoft Azure, in the
SSHKey
parameter, contain the public key that you generated. Keep the private key in a safe place and store it in the PEM format.After the installation is complete, you can use the private key to connect to the cluster nodes by using Secure Shell (SSH). For more information, see Accessing the boot node and Red Hat OpenShift cluster.
- Boot node CIDR IP address range
- When you begin a Maximo Application Suite installation, a boot node is created
that contains all of the required information, including the parameters that you specify, to
complete the installation. The boot node creates and installs the VNet, Red Hat OpenShift cluster, Maximo Application Suite prerequisites, and
Maximo Application Suite itself.
To connect to the boot node, you must specify a range of IPv4 addresses that can access it. In the
bootnodeSGIngressCidrIp
installation parameter, enter the IP address range by using the classless inter-domain routing (CIDR) notation. For example, to allow all IP addresses to access the boot node, enter 0.0.0.0/0. To allow one specific IP address to access the boot node, enter x.x.x.x/32, for example 192.12.33.3/32. For more information, see Classless_Inter-Domain_Routing#CIDR_notation. - Maximo Application Suite license
- The Maximo Application Suite license needs to be
retrieved from the IBM License Key Center.
If you want to purchase the Maximo Application Suite license through Microsoft Azure Marketplace, subscribe to the IBM Maximo Application Suite (Paid) product first. The subscription to this process initiates the purchase process with IBM through Microsoft Azure Marketplace. You can select either public offer or a private offer with negotiated pricing.
If you want to purchase the Maximo Application Suite Maximo Application Suite license outside of the Microsoft Azure Marketplace, contact your IBM sales representative.
If you do not already have your Maximo Application Suite license key file, you can create and download it in the IBM License Key Center. For instructions, see the steps in the
Upload your license key file
section of the Setting up Maximo Application Suite topic. When you create the license, provide the server parameters that are indicated in the following table:Parameter Value Configuration Single license Server Host ID Type Ethernet address Host ID A unique 12-character hexadecimal value, such as `0abcac110f02`. You can generate this value by using one of the following methods: - An online hexadecimal number generator, such as Online Hex Tools.
- A command-line utility, such as the Linux®
hexdump
utility. For example, the following command generates a lowercase 12-character hexadecimal string:
hexdump -n 6 -e '8/8 "%08X" 1 "\n"' /dev/urandom | tr '[:upper:]' '[:lower:]'
After you download the Maximo Application Suite license key file, upload it to a Blob storage. Your Microsoft Azure account has access to the Microsoft Azure Blob storage. For more information about using Microsoft Azure Blob storage, see Introduction to Azure Blob storage.
After you upload the license to the Blob storage container, create a shared access token in the container with appropriate expiry time. This step provides you a URL to the storage container that has a SAS token as part of it. The URL works only while it is valid. Complete the deployment before the SAS token expires. Record the HTTPS location of the license, for example
https://masocpstgacnt.blob.core.windows.net/masocpfiles/entitlement.lic?sp=r&st=2022-04-06T04:02:45Z&se=2022-06-30T12:02:45Z&spr=https&sv=2020-08-04&sr=c&sig=CN27jhRfxHDmDgz%2FYgkyGY7h%2BEZdp9H5PVAoaxP%2FURY%3D
. You enter this location when you specify themasLicenseUrl
installation parameter. - IBM Entitled Registry
- The IBM Entitled Registry key is used
during the installation to download the container images for the Maximo Application Suite and its applications from the IBM Entitled Registry. Download this key from the IBM Container Library.
You must purchase a Maximo Application Suite license to receive a valid entitled registry key to download the container images for the Maximo Application Suite.
- Pull secret
- To create the Red Hat OpenShift cluster, you must provide a pull secret.
To access the pull secret, complete the following steps:
- Ensure that you have a Red Hat account. If you do not have a Red Hat account, create one.
- To access your Red Hat entitlements, in the Passport Advantage® website, link your purchased Maximo Application Suite software to your Red Hat account. For more information about how to link purchased IBM software to a Red Hat account, see this Cloud Paks topic.
- Log in to the Red Hat Hybrid Cloud Console by using your Red Hat account credentials.
- In the Download Pull Secret. page, click
The pull secret is a JSON-formatted text file. When you configure the Maximo Application Suite installation parameters, copy the JSON text from the file into the
OpenShiftPullSecret
parameter. - Storage account with Blob storage container
- You must provide certain files when you deploy the Maximo Application Suite
- Maximo Application Suite license file for the BYOL product.
- Maximo Application Suite Manage Db2® certificate if Maximo Application Suite and Manage are deployed.
- IBM Suite License Service (SLS) public certificate if you are using existing SLS.
- Data Reporter Operator (DRO) public certificate if you are using existing DRO.
The files must be kept in a Blob storage container that is created in a storage account. The shared access token used to generate the shared access signature (SAS) URI with at the minimum read access to these files must be provided.
The SAS URI of each file must be provided during the deployment as applicable.
- Existing network infrastructure by using Red Hat OpenShift UPI mode
- To reuse the existing network infrastructure, select the New OpenShift cluster, existing network (UPI) option when you deploy the Maximo Application Suite. This mode requires certain Microsoft Azure resources
to be created in advance.
- Generate an infrastructure ID.
Define an infrastructure ID to be used as the base name for the resources. It can be any unique string with alphanumeric characters.
Important: The infrastructure ID must use some standard for this string and the first character should be a letter. It can be a random alphanumeric string of 6 characters.You can use the following command in bash shell to generate a string.
INFRA_ID="$(cat /dev/urandom | tr -dc 'a-z' | fold -w 3 | head -n 1)$(cat /dev/urandom | tr -dc '0-9' | fold -w 3 | head -n 1)" echo $INFRA_ID
- Provide specifications for existing network resources.
Reuse the existing network resources such as VNet, Subnet, and Network security group.
You must follow specific naming convention for these resources. The resource name must begin with
INFRA_ID
. If the naming conventions are not followed, the deployment might be unsuccessful.- In a browser window, open the json file, right-click the page and save the
file to your local machine by using the name 01_vnet.json.Starting in Maximo Application Suite 8.10 or later, open the 01_vnet.json file.Tip: You can edit the json file with your own Classless Inter-Domain Routing (CIDR) values for VNet addressPrefix, master subnet masterSubnetPrefix, and worker subnet nodeSubnetPrefix. However, ensure that you do not change the values for master subnet masterSubnetName and worker subnet nodeSubnetName.
If you are on Maximo Application Suite 8.9 or earlier, open the 01_vnet.json file.
- Create the resource group that contains the network resources. In the command, the resource
group name is defined as a variable.
RESOURCE_GROUP=$INFRA_ID-vnet-rg az group create -l eastus2 -n $RESOURCE_GROUP
Note: You can use other naming conventions that are appropriate to your environment. You can also change the region as needed. - To create the resource by using a JSON, run the following
command.
az deployment group create -g $RESOURCE_GROUP --template-file "01_vnet.json" --parameters baseName="$INFRA_ID"
- In a browser window, open the json file, right-click the page and save the
file to your local machine by using the name 01_vnet.json.
- Generate an infrastructure ID.
Next steps
Consider your installation preferences, such as capacity planning and the type of Maximo Application Suite offering that you want. For more information, see Preparing to installing Maximo Application Suite on Microsoft Azure.