Installing the connection layer operator with the Operator Lifecycle Manager console

(Optional) Learn how to install the connection layer operator with the Operator Lifecycle Manager (OLM) console. Each connection layer operator establishes a connection to an additional ObjectServer in your hybrid environment.

Before you begin

First, deploy IBM® Netcool® Operations Insight® on Red Hat® OpenShift® in a hybrid environment. For more information, see Installing. This installation connects an ObjectServer aggregation pair to a Netcool Operations Insight on OpenShift instance.

Before you deploy the connection layer, create two secrets.

  1. Create a secret to enable cloud native components to access your on-premises ObjectServer.
    oc create secret generic release_name-omni-secret --from-literal=OMNIBUS_ROOT_PASSWORD=omni_password --namespace namespace
    Where
    • release_name is the name that you use for your cloud native components deployment in name (OLM UI Form view), or name in the metadata section of the noi.ibm.com_noihybrids_cr.yaml file (YAML view).
    • namespace is the name of the namespace into which you want to install the cloud native components.
    • omni_password is the root password for the on-premises Netcool/OMNIbus that you want to connect to.
  2. Create a secret to enable SSL communication between the OMNIbus component of your on-premises Operations Management installation and the cloud native components. If you do not require an SSL connection, create the secret with blank entries. Complete the following steps to configure authentication:
    1. Configure OMNIbus on your on-premises Operations Management installation to use SSL, if it is not doing so already. To check, run the command oc get secrets -n namespace and check whether the secret release_name-omnicertificate-secret exists. If the secret does not exist and the OMNIbus components are using SSL, the following steps must be completed.
    2. Extract the certificate from your on-premises Operations Management installation.
      $NCHOME/bin/nc_gskcmd -cert -extract -db "key_db" -pw password -label "cert_name" -target "ncomscert.arm"
      Where
      • key_db is the name of the key database file.
      • password is the password to your key database.
      • cert_name is the name of your certificate.
    3. Copy the extracted certificate, ncomscert.arm, over to the infrastructure node of your Red Hat OpenShift Container Platform cluster, or to the node on your cluster where the oc CLI is installed.
    4. Create a secret for the certificate.
      oc create secret generic release_name-omni-certificate-secret --from-leral=PASSWORD=password --from-file=ROOTCA=certificate --namespace namespace --from-literal=INTERMEDIATECA=""
      Where
      • release_name is the name that you use for your cloud native components deployment in name (OLM UI Form view), or name in the metadata section of the noi.ibm.com_noihybrids_cr.yaml file (YAML view).
      • password is a password of your choice.
      • certificate is the path and file name of the certificate that was copied to your cluster in the previous step, ncomscert.arm.
      • namespace is the name of the namespace into which you want to install the cloud native components.
      Note: If the ObjectServer is not named 'AGG_V', which is the default, then you must set the global.hybrid.objectserver.config.ssl.virtualPairName parameter when you configure the installation parameters later. For more information, see Hybrid operator properties.

About this task

Learn about the properties that can be specified for each connection layer:
Table 1. Connection layer properties
Property Description
noiReleaseName Provide the release name to be associated with the ObjectServer properties. The noiReleaseName property is the release name of the hybrid or cloud instance that must be connected with the ObjectServer aggregation pair.
objectServer.backupHost Hostname of the backup ObjectServer.
objectServer.backupPort Port number of the backup ObjectServer.
objectServer.deployPhase This setting determines when the OMNIbus Netcool Operations Insight on OpenShift schema is deployed.
objectServer.primaryHost Hostname of the primary ObjectServer.
objectServer.primaryPort Port number of the primary ObjectServer.
objectServer.sslRootCAName This property is used to specify the common name (CN) name for the certificate authority (CA) certificate.
objectServer.sslVirtualPairName This property is only needed when you set up an SSL connection.
objectServer.username Username for connecting to an on-premises ObjectServer.

The operator has cluster scope permissions. It requires role-based access control (RBAC) authorization at a cluster level because it deploys and modifies Custom Resource Definitions (CRDs) and cluster roles.

Procedure

  1. Log in to the OLM console with a URL of the following format.
    https://console-openshift-console.apps.<master-hostname>/
    Where <master-hostname> is the hostname of the controller node.
  2. To install a connection layer on your cloud architecture, select the Create Instance link under the hybrid or cloud custom resource: NOIConnectionLayer.
  3. Note: Set the objectServer.deployPhase property to install and do not change.
    Use the YAML or Form view and provide the necessary values to install a connection layer. For more information, see Table 1.
  4. Select Create and specify a release name for the connection layer.
  5. Under the All Instances tab, a connection layer instance appears. View the status for updates on the installation. When the instance state shows OK, then the connection layer is fully deployed.

What to do next

Deploy a connection layer for each separate aggregation pair that you want to connect to a single Netcool Operations Insight on OpenShift instance.