Exposing ObjectServer ClusterIP services by using the NodePort service

Learn how to connect to the IBM® Tivoli® Netcool®/OMNIbus ObjectServer failover pair from outside the Netcool Operations Insight® on Red Hat® OpenShift® deployment. Typically, clients such as Netcool/OMNIbus Probes and Gateways require this type of connection to send event data into the Netcool Operations Insight on Red Hat OpenShift deployment.

Before you begin

The ObjectServer service does not support Transport Layer Security (TLS) encryption. If TLS encryption is needed, connect with the proxy service. For more information, see Connecting with the proxy service.

About this task

This task creates extra NodePort services that expose the ObjectServer ClusterIP services outside of the cluster. These extra NodePort services allow external event sources to send data to the ObjectServer.

Procedure

  1. In a terminal session connected to the target cluster. Set the following environment variables to suit your deployment.
    RELEASE_NAME=evtmanager
    PRIMARY_TDS_NODEPORT=30000
    PRIMARY_IDUC_NODEPORT=30001
    BACKUP_TDS_NODEPORT=30002
    BACKUP_IDUC_NODEPORT=30003
    PRIMARY_PROXY_NODEPORT=30004
    BACKUP_PROXY_NODEPORT=30005
    
  2. To define three NodePort services to forward traffic to the primary, backup, and proxy pods, run the following commands.
    cat << EOF | oc create -f –
    apiVersion: v1
    kind: Service
    metadata:
      name: ${RELEASE_NAME}-ncoprimary-nodeport
    spec:
      selector:
        app.kubernetes.io/name: ncoprimary
        app.kubernetes.io/instance: ${RELEASE_NAME}
      type: NodePort
      ports:
        - name: primary-tds-port
          protocol: TCP
          port: 4100
          nodePort: ${PRIMARY_TDS_NODEPORT}
        - name: primary-iduc-port
          protocol: TCP
          port: ${PRIMARY_IDUC_NODEPORT}
          nodePort: ${PRIMARY_IDUC_NODEPORT}
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: ${RELEASE_NAME}-ncobackup-nodeport
    spec:
      selector:
        app.kubernetes.io/name: ncobackup
        app.kubernetes.io/instance: ${RELEASE_NAME}
      type: NodePort
      ports:
        - name: backup-tds-port
          protocol: TCP
          port: 4100
          nodePort: ${BACKUP_TDS_NODEPORT}
        - name: backup-iduc-port
          protocol: TCP
          port: ${BACKUP_IDUC_NODEPORT}
          nodePort: ${BACKUP_IDUC_NODEPORT}
    ---
    apiVersion: v1
    kind: Service
    metadata:
      annotations:
        service.alpha.openshift.io/serving-cert-secret-name: ${RELEASE_NAME}-proxy-tls-secret
      name: ${RELEASE_NAME}-proxy-nodeport
    spec:
      selector:
        app.kubernetes.io/name: proxy
        app.kubernetes.io/instance: ${RELEASE_NAME}
      type: NodePort
      ports:
        - name: aggp-proxy-port
          protocol: TCP
          port: 6001
          nodePort: ${PRIMARY_PROXY_NODEPORT}
        - name: aggb-proxy-port
          protocol: TCP
          port: 6002
          nodePort: ${BACKUP_PROXY_NODEPORT}
    EOF
    
  3. To patch the primary and backup ObjectServer statefulsets with the NodePort service detail, run the following commands.
    oc set env sts/${RELEASE_NAME}-ncoprimary NCO_IDUC_LISTENING_HOSTNAME=${RELEASE_NAME}-ncoprimary-nodeport
    oc set env sts/${RELEASE_NAME}-ncoprimary NCO_IDUC_LISTENING_PORT=${PRIMARY_IDUC_NODEPORT}
    oc set env sts/${RELEASE_NAME}-ncobackup -c ncobackup-agg-b NCO_IDUC_LISTENING_HOSTNAME=${RELEASE_NAME}-ncobackup-nodeport
    oc set env sts/${RELEASE_NAME}-ncobackup -c ncobackup-agg-b NCO_IDUC_LISTENING_PORT=${BACKUP_IDUC_NODEPORT}