Cloud operator properties

Learn about the operator properties for your pure Cloud-based IBM Netcool Operations Insight® installation.

The following table presents the properties in alphabetical order. Where no value is given for the default, the default for that operator in the YAML file is empty.

Note: Ensure that you use the correct format when you insert the storage sizes. The correct format is, for example, 100Gi. Invalid characters or incorrect syntax for the parameters is not allowed.
Table 1. Installation properties
Property Description Default
spec.advanced.antiAffinity To prevent primary and backup server pods from being installed on the same worker node, set this option to true. When enabled, anti-affinity is configured for affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution. false
spec.advanced.imagePullPolicy The default pull policy is IfNotPresent, which skips pulling an image that exists. IfNotPresent
spec.advanced.imagePullRepository Docker registry that all component images are pulled from. Defaults to the IBM Entitled Registry, cp.icr.io
Note: Trailing forward slash in the Image Pull Repository parameters causes datalayer not to deploy. A blockage occurs in the installation process because the datalayer pod fails due to the invalid image name. To fix the issue, uninstall and reinstall without the trailing forward slash.
cp.icr.io/cp/noi
spec.backupRestore.enableAnalyticsBackups Enables backups.

Cloud: This parameter must be set to false for a full cloud deployment of IBM® Netcool® Operations Insight on OpenShift®.

Hybrid: This parameter must be set to true for a hybrid deployment.

If set to true, the cron job that does the backups is activated.

 
spec.clusterDomain Use the fully qualified domain name (FQDN) to formulate the clusterDomain property, by using the following formula:
apps.clustername.*.*.com.
Note: The apps prefix must be included in the FQDN. For more information, see the Red Hat® OpenShift documentation: User-provisioned DNS requirements external icon
 
spec.deploymentType Deployment type (trial or production). trial
spec.entitlementSecret Entitlement secret to pull images.  
global.networkpolicies.enabled
Draft comment: deirdrel@ie.ibm.com
Is this still applicable?
Set this property to false if you want to omit the network policies from the installation. true
spec.helmValuesNOI.global.nonArbitraryToArbitraryUserUpgradeMode.enabled Enables upgrade mode.  
spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.hostname Optional: The destination hostname of the machine where the backups are copied to.
Note: Valid for primary deployment only.
false
spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.username

Optional: The username on the destination hostname that does the secure copy.

Note: Valid for primary deployment only.
false
spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.directory Optional: The directory on the destination hostname that receives the backups.
Note: Valid for primary deployment only.
false
spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.secretName

Optional: The Kubernetes secret name, which contains the private ssh key that is used to do the secure copy. The secret key privatekey must be used to store the ssh private key.

Note: Valid for primary deployment only.

If you want to use secure copy, set this property before you install Netcool Operations Insight.

false
spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.schedule Optional: It is the Cron schedule format that is used to determine how often the backups are taken. See Launch out icon https://en.wikipedia.org/wiki/Cron for more details on this used approach for running scheduled runs.
Note: Valid for primary deployment only.

Every 3 minutes.

spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.claimName
Optional: The PVC claim name that is used to store the backups. An empty value implies no use of Kubernetes persistent storage.
Note: Valid for primary deployment only.

This property must be specified before the NOI deployment if Kubernetes persistent storage is needed.

false
spec.helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.maxbackups Optional: The maximum number of historic policy backups to keep on the persistent volume to preserve storage space.
Note: Valid for primary deployment only.
10
spec.helmValuesNOI.nciserver.importNCICACerts.enabled Enables SSL communications from IBM Tivoli® Netcool/Impact. For more information, see Enabling SSL communications from Netcool/Impact on Red Hat OpenShift and Netcool/Impact core server config configmap.  
spec.helmValuesNOI.nciserver.impactcore.instancesNamePrefix Customizes IBM Tivoli Netcool/Impact instance name: <your instance name>  
spec.helmValuesNOI.global.cassandra.clientEncryption Enables TLS for Cassandra client communication. False
spec.helmValuesNOI.cassandra.requireClientAuth This property is deprecated. Enables mutual TLS (mTLS). To enable mTLS, the enableMTLS property is also needed. False
spec.helmValuesNOI.cassandra.enableMTLS This property is deprecated. Enables mTLS. To enable mTLS, the requireClientAuth property is also needed. False
spec.helmValuesNOI.ibm-hdm-analytics-dev.cassandra.internodeEncryption This property is deprecated. Enables mTLS for Cassandra internode and inter-cluster communication. The values can be either dc (within a data center), all, or none. None
spec.integrations.humio.repository Internal repository for Humio data.  
spec.integrations.humio.url URL of the Humio server. Set the value of this property to a URL to enable the Search Humio event action.  
spec.ldap.baseDN Configure the LDAP base entry by specifying the base distinguished name (DN).
Note: If the value contains spaces, enclose the value in single quotation marks (').
dc=mycluster,dc=icp
spec.ldap.bindDN Configure LDAP bind user identity by specifying the bind distinguished name (bind DN).
Note: If the value contains spaces, enclose the value in single quotation marks (').
cn=admin,dc=mycluster,dc=icp
spec.ldap.groupFilter Set LDAP group filter.
Note: If the value contains spaces, enclose the value in single quotation marks (').
uid=%s,ou=groups
spec.ldap.mode Choose (stand-alone) for a built-in LDAP server or (proxy) and connect to an external organization LDAP server.
Note: Set LDAP properties as follows:
  • If you set ldap mode: standalone (internal LDAP), then use the default LDAP parameter values as listed in this table, otherwise the installation fails.
  • If you set ldap mode: proxy, then ensure that you set the correct LDAP values for your external LDAP service. Mandatory LDAP Organization Units, Users, and Groups entries must be created in the target LDAP server. For more information, see Creating users on an external LDAP server.
standalone
spec.ldap.port Configure the port of your organization's LDAP server. If you need LDAP users that are created in the ObjectServers, set the LDAP port to 389 and set the sslPort to 636. For more information, see Pod fails to connect to LDAP. 389
spec.ldap.serverType Set LDAP server type. (Default: "CUSTOM")

Alternatively, you can choose one of the following LDAP server types:

  • AD for Microsoft Active Directory
  • ADAM for Microsoft Active Directory Lightweight Directory Services
  • DOMINO for IBM Lotus Domino
  • IDS for IBMTivoli Directory Server
  • ZOSDS for IBMTivoli Directory Server for z/OS
  • NDS for Novell eDirectory
  • SUNONE for Oracle Directory Server or Sun ONE Directory Server
spec.ldap.sslPort Configure the SSL port of your organization's LDAP server. If you need LDAP users that are created in the ObjectServers, set the LDAP port to 389 and set the sslPort to 636. For more information, see Pod fails to connect to LDAP. 636
spec.ldap.storageClass LDAP storage class. Update this value to a valid storage class.  
spec.ldap.storageSize LDAP storage size. 1 Gi
spec.ldap.suffix Configure the high-level entry in the LDAP directory information tree (DIT). dc=mycluster,dc=icp
spec.ldap.url Configure the URL of your organization's LDAP server. ldap://localhost:389
spec.ldap.userFilter Set LDAP user filter.
Note: If the value contains spaces, enclose the value in single quotation marks (').
uid=%s,ou=users
spec.license.accept Agreement to license. false
metadata.name
Draft comment: deirdrel@ie.ibm.com
Is this still applicable?
The release name, for example, evtmanager.  
spec.persistence.enabled Enable persistence storage.
Note: Persistence must be enabled. Set persistence.enabled to true in the custom resource.
false
spec.persistence.storageClassCassandraBackup CassandraBackup storage class.  
spec.persistence.storageClassCassandraData CassandraData storage class.  
spec.persistence.storageClassCouchdb Couchdb storage class.  
spec.persistence.storageClassElastic ElasticSearch storage class.  
spec.persistence.storageClassImpactGUI ImpactGUI storage class.  
spec.persistence.storageClassImpactServer ImpactServer storage class.  
spec.persistence.storageClassKafka Kafka storage class.  
spec.persistence.storageClassMinio MinIO storage class.  
spec.persistence.storageClassNCOBackup NCOBackup storage class.  
spec.persistence.storageClassNCOPrimary NCOPrimary storage class.  
spec.persistence.storageClassPostgresql Postgresql storage class.  
spec.persistencestorageClassPostgresqlWal PostgresqlWal storage class.  
spec.persistence.storageClassZookeeper Zookeeper storage class.  
spec.persistence.storageSizeCassandraBackup CassandraBackup storage size. 50 Gi
spec.persistence.storageSizeCassandraData CassandraData storage size. 50 Gi
spec.persistence.storageSizeCouchdb Couchdb storage size. 5 Gi
spec.persistence.storageSizeElastic ElasticSearch storage size.  
spec.persistence.storageSizeImpactGUI ImpactGUI storage size. 5 Gi
spec.persistence.storageSizeImpactServer ImpactServer storage size. 5 Gi
spec.persistence.storageSizeKafka Kafka storage size. 50 Gi
spec.persistence.storageSizeMinio MinIO storage size.  
spec.persistence.storageSizeNCOBackup NCOBackup storage size. 5 Gi
spec.persistence.storageSizeNCOPrimary NCOPrimary storage size. 5 Gi
spec.persistence.storageSizePostgresql Postgresql storage size. 100 Gi
spec.persistence.storageSizePostgresqlWal PostgresqlWal storage size. 100 Gi
spec.persistence.storageSizeZookeeper Zookeeper storage size. 5 Gi
spec.serviceContinuity.continuousAnalyticsCorrelation Enables continuous service.

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool Operations Insight on OpenShift.

Hybrid: This parameter must be set to true for a hybrid deployment when the isBackupDeployment parameter is set to false.

false
spec.serviceContinuity.isBackupDeployment Enables continuous service.

If geoRedundancy.deploymentType is set to backup, the isBackupDeployment parameter is automatically set to true.

Determines the deployment state of the coordinator service. When set to true it enables coordinator service as backup deployment while set to false, it enables the primary deployment of the coordinator service.

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool Operations Insight on OpenShift.

false
spec.topology.aaionap Enables the Open Network Automation Platform (ONAP) Active and Available Inventory (AAI) service. For more information, see Configuring the ONAP AAI service.  
spec.topology.appDisco.db2database Name of Db2 instance. Default value: taddm  
spec.topology.appDisco.db2archuser Name of database archive user. Default value: archuser  
spec.topology.appDisco.dbport Post of Db2 server. Default value: 50000  
spec.topology.appDisco.db2user Name of database user. Default value: db2inst1  
spec.topology.appDisco.scaleSSS Value must be greater than 0. Default value: 1  
spec.topology.appDisco.scaleDS Value must be greater than 0. Default value: 1  
spec.topology.appDisco.enabled Enable Application Discovery services and its observer. false
spec.topology.appDisco.dburl Db2 Host URL for Application Discovery.  
spec.topology.appDisco.dbsecret Db2 secret for Application Discovery.  
spec.topology.appDisco.secure Enable secure connection to Db2 Host URL for Application Discovery. false
spec.topology.appDisco.certSecret This secret must contain the Db2 certificate by the name tls.crt Applicable only if the property name is secure.  
spec.topology.appDisco.tlsSecret The TLS secret.  
spec.topology.iafCartridgeRequirementsName Do not edit this parameter.  
spec.topology.netDisco Enable Network Discovery services and its observer. false
spec.topology.observers.alm Enable ALM observer. false
spec.topology.observers.ansibleawx Enable Ansible® AWX observer. false
spec.topology.observers.appdynamics Enable AppDynamics observer. false
spec.topology.observers.aws Enable AWS observer. false
spec.topology.observers.azure Enable Azure observer. false
spec.topology.observers.bigcloudfabric Enable Big Cloud Fabric observer.  
spec.topology.observers.bigfixinventory Enable BigFix Inventory observer. false
spec.topology.observers.cienablueplanet Enable Ciena Blue Planet observer. false
spec.topology.observers.ciscoaci Enable Cisco ACI observer. false
spec.topology.observers.contrail Enable Contrail observer. false
spec.topology.observers.datadog   false
spec.topology.observers.dns Enable DNS observer. false
spec.topology.observers.docker Enable Docker observer. false
spec.topology.observers.dynatrace Enable Dynatrace observer. false
spec.topology.observers.file Enable File observer. false
spec.topology.observers.gitlab Enable GitLab observer.  
spec.topology.observers.googlecloud Enable Google Cloud observer. false
spec.topology.observers.hpnfvd Enable HP NFVD observer.  
spec.topology.observers.ibmcloud Enable IBM Cloud observer. false
spec.topology.observers.itnm Enable IBM Tivoli Network Manager observer. false
spec.topology.observers.jenkins Enable Jenkins observer. false
spec.topology.observers.junipercso Enable Junipercso observer. false
spec.topology.observers.kubernetes Enable Kubernetes observer. false
spec.topology.observers.newrelic Enable Newrelic observer. false
spec.topology.observers.openstack Enable Openstack observer. false
spec.topology.observers.rancher Enable Rancher observer. false
spec.topology.observers.rest Enable REST observer. false
spec.topology.observers.sdconap Enable SDC ONAP observer.  
spec.topology.observers.servicenow Enable Servicenow observer. false
spec.topology.observers.sevone Enable SevOne observer.  
spec.topology.observers.taddm Enable Tivoli Application Dependency Discovery Manager observer. false
spec.topology.observers.viptela Enable Viptela observer.  
spec.topology.observers.vmvcenter Enable VMware vCenter observer. false
spec.topology.observers.vmwarensx Enable VMware NSX observer. false
spec.topology.observers.zabbix Enable Zabbix observer. false
spec.topology.storageClassFileObserver FileObserver storage class. Production only.  
spec.topology.storageSizeFileObserver FileObserver storage size. Production only. 5 Gi
spec.topology.storageSizeSdconapObserver SDC ONAP storage size. Production only. 5 Gi
spec.version Version. 1.6.13
Table 2. PostgreSQL properties
Property Description
postgresql.backupRestore.enableAnalyticsBackups Enables analytics backups.
spec.postgresql.backups.data The following settings refer to the actual data in the database and not the Write-Ahead Logging (WAL) files:
  • Use default to use the bucket default encryption. Options are default, AES256, or aws:kms. The bucket must support the encryption mode. If you're unsure, use default.
  • The compression options are none, gzip, bzip2, or snappy. Each option has different implications for speed and size.
  • The jobs property indicates the number of jobs to use when backing up the Postgres data. This property has bandwidth implications.
  • Use the encryption property to use encryption.
spec.postgresql.backups.destinationPath Example: "s3://ceph-bkt-18d99a17-38ee-4798-accb-a39077bd1abd"

This property is the S3 bucket name. If you use the Backing up and restoring for EDB Postgres guide, it is the value of the BUCKET_NAME variable.

spec.postgresql.backups.enabled false

Enable or disable backups.

spec.postgresql.backups.endpointCA.enabled false

Set this property to true to use a custom certificate authority (CA) certificate.

spec.postgresql.backups.endpointCA.keyName Key name within the endpoint CA secret.
spec.postgresql.backups.endpointCA.name This property is the name of the custom CA certificate secret.
spec.postgresql.backups.endpointURL Example: "http://worker0.destrayer.cp.xyz.com:32252"

This property is the endpoint URL. If you use the Backing up and restoring for EDB Postgres guide, it is the URL of one of the workers of the cluster that has the S3 bucket hosted on it followed by the external port that is defined in the node port service.

spec.postgresql.backups.onetimeBackup.enabled true

Enable the taking of a one-time backup. You need to manually clean these properties up when you uninstall.

spec.postgresql.backups.retentionPolicy Example: "12m"

This property indicates how long to store backups.

spec.postgresql.backups.scheduledBackup.backupOwnerReference "none"

Use this property for the OwnerReference value for the derivative backup custom resources (CRs) that are created from this ScheduledBackup CR.

  • If the property is set to "none", no OwnerReference is used, and you need to manually delete the derivative backup CRs when you uninstall Netcool Operations Insight.
  • If the property is set to "self", the OwnerReference for the Backup CRs is the ScheduledBackup CR. When one ScheduledBackup CR is deleted, all derivative Backup CRs are automatically deleted.
  • If the property is set to "cluster", the OwnerReference for the Backup CRs is the Cluster CR. If the Cluster CR is deleted, such as when the Netcool Operations Insight CR is deleted, the Backup CRs are automatically deleted.
spec.postgresql.backups.scheduledBackup.enabled false

Set this property to determine whether to enable taking scheduled backups.

spec.postgresql.backups.scheduledBackup.immediate true

Set this property to determine whether to start taking backups immediately.

spec.postgresql.backups.scheduledBackup.schedule "0 0 0 * * *"

This property indicates the schedule for backups. It uses the same syntax as Kubernetes job schedules.

spec.postgresql.backups.scheduledBackup.suspend false

Set this property to determine whether to suspend the taking of scheduled backups.

Set this property to true if you want to pause the taking of backups.

spec.postgresql.backups.serverName Example: "restoredCluster"

This property is the folder name where the backups from the cluster go.

If you are bootstrapping from an existing backup, the value that is provided must be distinct from the value that is provided for the spec.postgresql.bootstrap.clusterName property. A common convention is to use "restoredCluster" if you are bootstrapping a new cluster from a backup. The new backups from that bootstrapped cluster go into the "restoredCluster" directory in your S3 bucket.

If you are not bootstrapping a cluster from an existing backup, meaning if you are creating a new Netcool Operations Insight installation or upgrading to version 1.6.13 for the first time, use the "evtmanager-noi-postgres-cluster" value.

spec.postgresql.backups.s3credentials.keyNameAccessKeyID "AWS_ACCESS_KEY_ID"

This property is the name of the key in the secret that has a value that matches the access ID key.

spec.postgresql.backups.s3credentials.keyNameAccessSecretKey "AWS_SECRET_ACCESS_KEY"

This property is the name of the key in the secret with a value of the access secret key.

spec.postgresql.backups.s3credentials.keyNameAccessSessionToken ""

This property is optional and matches the name of the key in the secret with a value of the access session token.

spec.postgresql.backups.s3credentials.secretName Example: "ceph-bucket"

This property is the name of the secret that contains the relevant S3 credentials key.

spec.postgresql.backups.wal.compression "none"

Options are none, gzip, bzip2, or snappy.

Each option has implications for speed and size.

spec.postgresql.backups.wal.encryption "default"

Use the bucket default encryption with this property. Options are default, AES256, or aws:kms. The bucket must support the encryption mode. If you are unsure, use "default".

spec.postgresql.backups.wal.walMaxParallel 1

Set this property to the number of jobs to use when backing up the WAL. This property has bandwidth implications.

spec.postgresql.bootstrap.clusterName "evtmanager-noi-postgres-cluster"

This property is the name of the cluster to bootstrap from. The cluster must include an existing backup that is located in your destinationPath property. For example, if you had a previously running cluster that successfully took backups before, the value to provide for this property is what you originally provided in spec.postgresql.backups.serverName.

spec.postgresql.bootstrap.destinationPath

Example: "s3://ceph-bkt-18d99a17-38ee-4798-accb-a39077bd1abd"

This property follows the "s3://${BUCKET_NAME}" format.

spec.postgresql.bootstrap.enabled false

Use this property to determine whether to bootstrap a new cluster from a preexisting backup.

spec.postgresql.bootstrap.endpointCA.enabled Bootstrap endpoint certificate authority (CA) enabled.
spec.postgresql.bootstrap.endpointCA.keyName Key name within the bootstrap endpoint CA secret.
spec.postgresql.bootstrap.endpointCA.name Name of bootstrap endpoint CA secret.
spec.postgresql.bootstrap.endpointURL Example: "http://worker0.destrayer.cp.xyz.com:32252"

This example property uses node port.

spec.postgresql.bootstrap.s3Credentials.keyNameAccessKeyID "AWS_ACCESS_KEY_ID"

This property is the name of the key in the secret with a value that matches the access key ID.

spec.postgresql.bootstrap.s3Credentials.keyNameAccessSecretKey "AWS_SECRET_ACCESS_KEY"

This property is the name of the key in the secret with a value that matches the access secret key.

spec.postgresql.bootstrap.s3Credentials.keyNameAccessSessionToken This optional property is the name of the key in the secret with a value that matches the access session token.
spec.postgresql.bootstrap.s3Credentials.secretName "ceph-bucket"

This property is the name of the secret that contains the relevant S3 credentials.

spec.postgresql.bootstrap.wal.compression "none"

Options are none, gzip, bzip2, or snappy.

Each option has implications for speed and size.

spec.postgresql.bootstrap.wal.encryption "default"

Use the bucket default encryption. Options are default, AES256, or aws:kms.

spec.postgresql.bootstrap.wal.walMaxParallel 1

This property indicates the number of jobs to use when bootstrapping the cluster. This property has bandwidth implications.

spec.postgresql.edbPostgresImage
cp.icr.io/cp/cpd/postgresql:13.12-3.4-postgis-2-multilang-amd64@sha256:f102e363fc630c1b0a5630a563500773e68f96cd7721faf4d44fbb86db6d29f6

Image. Do not modify or provide this property unless instructed by IBM Technical Support.

spec.postgresql.edbPostgresLicenseImage
cp.icr.io/cp/cpd/edb-postgres-license-provider:1258-amd64@sha256:df813a51836e4f1c4e4aa6f141110c36bb2414f4f66068caecec0c12ee9ec19d

License image. Do not modify or provide this property unless instructed by IBM Technical Support.

spec.postgresql.edbPostgresSubscriptionName
cloud-native-postgresql
This property is the name of the edb-postgres subscription.
  • If you install with the dashboard or IBM Cloud® catalog, this property is cloud-native-postgresql.
  • If you install with the case bundle, this property is cloud-native-postgresql-catalog-subscription.
It is necessary to provide this key and value pair only if you are installing Netcool Operations Insight with the dashboard or if you are manually creating the catalog source and subscription for Netcool Operations Insight or EnterpriseDB (EDB) Postgres.
spec.postgresql.serviceContinuity.continuousAnalyticsCorrelation false

Enables continuous service.

spec.postgresql.serviceContinuity.isBackupDeployment false

Enables continuous service.