Connecting on-premises probes and gateways to IBM Netcool Operations Insight on Red Hat® OpenShift

Learn how to configure on-premises integrations.

Connecting on-premise probes

  1. The probe will make a connection to the TLS proxy of the Netcool® Operations Insight® on OpenShift®.
  2. Get details of the proxy port connection and its secret on Netcool Operations Insight on OpenShift.
    oc get service | grep proxy
       evtmanager-proxy             NodePort       172.30.44.167    <none>    6001:30455/TCP,6002:31823/TCP    
    
    oc get secret | grep proxy
    evtmanager-proxy-tls-secret     kubernetes.io/tls                     2      15
    

    In the example, the NodePort for the primary ObjectServer is 30455 and the NodePort for the backup ObjectServer is 31823.

  3. Import the proxy tls secret to omni.kdb at the on-premise server.
    kubectl get secrets evtmanager-proxy-tls-secret -o yaml -n cp4aiops | egrep "tls.crt:" | awk '{print $2}' | base64 --decode  > emproxy.cem
    $NCHOME/bin/nc_gskcmd -keydb -create -db "$NCHOME/etc/security/keys/omni.kdb" -pw password -stash -expire 366
    $NCHOME/bin/nc_gskcmd -cert -add -file emproxy.cem -db $NCHOME/etc/security/keys/omni.kdb -stashed
    $NCHOME/bin/nc_gskcmd -cert -list -db $NCHOME/etc/security/keys/omni.kdb -pw password
    
  4. Edit $NCHOME/etc/omni.dat and add the proxy services.

    For example proxyport from Step 2.

    [AGG_P]
    {
        Primary:       evtmanager-proxy.cp4aiops.svc ssl proxyport
    }
    
  5. Edit /etc/hosts and add the proxy service details.

    IP address : Cluster controller node IP address.

    9.30.138.122 evtmanager-proxy.cp4aiops.svc
    
  6. Configure the probe to connect to the servers set up in the previous step.

Connecting on-premise gateways

  1. The gateway will make a connection to the TLS proxy of the Netcool Operations Insight on OpenShift.
  2. Get details of the proxy port connection and its secret on Netcool Operations Insight on OpenShift.
    oc get service | grep proxy
       evtmanager-proxy             NodePort       172.30.44.167    <none>   6001:30455/TCP,6002:31823/TCP    
       
    oc get secret | grep proxy
    evtmanager-proxy-tls-secret                                       kubernetes.io/tls                     2      15
    
  3. Import the proxy tls secret to omni.kdb at on premise server.
    kubectl get secrets evtmanager-proxy-tls-secret -o yaml -n cp4aiops | egrep "tls.crt:" | awk '{print $2}' | base64 --decode  > emproxy.cem
    $NCHOME/bin/nc_gskcmd -keydb -create -db "$NCHOME/etc/security/keys/omni.kdb" -pw password -stash -expire 366
    $NCHOME/bin/nc_gskcmd -cert -add -file emproxy.cem -db $NCHOME/etc/security/keys/omni.kdb -stashed
    $NCHOME/bin/nc_gskcmd -cert -list -db $NCHOME/etc/security/keys/omni.kdb -pw password
    
  4. Edit $NCHOME/etc/omni.dat and add the proxy services.

    For example proxyport from Step 2.

    [AGG_P]
    {
        Primary:       evtmanager-proxy.cp4aiops.svc ssl proxyport
    }
    
  5. Edit /etc/hosts and add the proxy service details. Three entries are required for the gateway connection to work; IP address of the Netcool Operations Insight on OpenShift cluster, svc name, and nodeport service name.

    oc get services | grep evtmanager
    
    Nodeport:
    evtmanager-objserv-agg-primary-nodeport                          NodePort       172.30.164.99    <none>                                                         
    4100:31933/TCP,30102:30102/TCP                          30h
    
    

    /etc/hosts:

    9.30.138.122 evtmanager-proxy.cp4aiops.svc evtmanager-objserv-agg-primary-nodeport
    
    Note: The evtmanager-objserv-agg-primary-nodeport hostname is required for IDUC connection by the gateway.
  6. Configure the gateway to connect to the servers set up in the previous step.