Hybrid operator properties

This topic lists the operator properties that can be configured for your hybrid installation. The first table lists the installation properties that are required specifically for a hybrid installation, while the second table lists the properties that are common to both a Cloud and a Hybrid installation.

The following tables present the properties in alphabetical order. Where no value is given for the default, this means that the default for that operator in the YAML file is empty.

Installation properties required specifically for a hybrid installation

The following table lists the installation properties that are required specifically for a hybrid installation.

Note: Ensure you use the correct format when inserting the storage sizes. The correct format is, for example, "100Gi". Invalid characters or incorrect syntax for the parameters are not allowed.
Table 1. Installation properties required specifically for a hybrid installation
Property Description Default
backupRestore.enableAnalyticsBackups

Cloud: This parameter must be set to false for a full cloud deployment of IBM® Netcool® Operations Insight® on OpenShift®.

Hybrid: This parameter must be set to true for a hybrid deployment.

If set to true, the cronjob that does the backups is activated.

false
dash.crossRegionUrls Cross region URLs. []
dash.trustedCAConfigMapName Config map containing CA certificates to be trusted  
dash.url

URL of the DASH server, for example, 'protocol://fully.qualified.domain.name:port'.

High availability icon For load balanced environments, use the URL of the load balancer.

 
dash.username Username for connecting to on-premise DASH.  
helmValuesNOI.ibm-ea-dr-coordinator-service.coordinatorSettings.backupDeploymentSettings.proxyURLs

Proxy URLs by comma separation. Required on the backup cluster (optional on primary) if you want to activate the Disaster Recovery (DR) service. For more information, see HAProxy configuration.

 
helmValuesNOI.ibm-ea-dr-coordinator-service.coordinatorSettings.backupDeploymentSettings.proxySSLCheck

To enable and disable SSL, check for the connection with primary deployment.

Note: Valid for backup deployment only.

false
helmValuesNOI.ibm-ea-dr-coordinator-service.coordinatorSettings.backupDeploymentSettings.proxyCertificateConfigMap

A name of configmap with root certificates for proxies.

Note: Valid for backup deployment only.

false
helmValuesNOI.ibm-ea-dr-coordinator-service.coordinatorSettings.backupDeploymentSettings.numberOfProxyConnectionCheck

Numbers of check for primary availability need to be done before backup to take charge as acting primary.

Note: Valid for backup deployment only.

10
helmValuesNOI.ibm-ea-dr-coordinator-service.coordinatorSettings.backupDeploymentSettings.intervalBetweenRetry

Interval between each check to primary availability. The value is in milliseconds.

Note: Valid for backup deployment only.

1000
helmValuesNOI.ibm-ea-dr-coordinator-service.coordinatorSettings.logLevel Log level for coordinator service. DEBUG
objectServer.backupHost Hostname of the backup ObjectServer.  
objectServer.backupPort Port number of the backup ObjectServer. 4100
objectServer.deployPhase This setting determines when the OMNIbus CNEA schema is deployed. install
objectServer.primaryHost Hostname of the primary ObjectServer.  
objectServer.primaryPort Port number of the primary ObjectServer. 4100
objectServer.sslRootCAName This is used to specify the CN name for the CA certificate  
objectServer.sslVirtualPairName Only needed when setting up an SSL connection to the ObjectServer pair  
objectServer.username Username for connecting to the on-premises ObjectServer. root
objectServer.collectionLayer.collectionBackupHost
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: Hostname of the backup host for connecting to the collection layer of the on-premises ObjectServer. Currently only applies to the topology analytics probe.  
objectServer.collectionLayer.collectionBackupPort
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: Port for backup host for connecting to the collection layer of the on-premises ObjectServer. Currently only applies to the topology analytics probe.  
objectServer.collectionLayer.collectionDeployPhase
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: Deploy phase for connecting to the collection layer of the on-premises ObjectServer. Currently only applies to the topology analytics probe.
Note: If you set the objectServer.collectionLayer.collectionUsername value to connect to a non-root user, you must set the objectServer.collectionLayer.collectionDeployPhase value to none and pre-configure the ObjectServer schema. For more information, see Configuring the probe and gateway for a hybrid system.
 
objectServer.collectionLayer.collectionPrimaryHost
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: Hostname of the primary host for connecting to the collection layer of the on-premises ObjectServer. Currently only applies to the topology analytics probe.  
objectServer.collectionLayer.collectionPrimaryPort
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: Port of the primary host for connecting to the collection layer of the on-premises ObjectServer. Currently only applies to the topology analytics probe.  
objectServer.collectionLayer.collectionSslRootCAName
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: This parameter is used to specify the CN name for the CA certificate. Currently only applies to the topology analytics probe.  
objectServer.collectionLayer.collectionSslVirtualPairName
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: This parameter is only needed when setting up an SSL connection to the ObjectServer pair. Currently only applies to the topology analytics probe.  
objectServer.collectionLayer.collectionUsername
Draft comment: DEIRDRELAWTON
asm-tracking #4008 and #4199
Optional: User name for connecting to the collection layer of the on-premises ObjectServer. Currently only applies to the topology analytics probe.
Note: If you set the objectServer.collectionLayer.collectionUsername value to connect to a non-root user, you must set the objectServer.collectionLayer.collectionDeployPhase value to none and pre-configure the ObjectServer schema. For more information, see Configuring the probe and gateway for a hybrid system.
 
serviceContinuity.continuousAnalyticsCorrelation

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool Operations Insight on OpenShift.

Hybrid: This parameter must be set to true for a hybrid deployment when the isBackupDeployment parameter is set to false. Set this parameter to true only if using a hybrid deployment with geo-redundancy.

false
serviceContinuity.isBackupDeployment

If geoRedundancy.deploymentType is set to backup, the isBackupDeployment parameter is automatically set to true.

Determines the deployment state of the coordinator service. When set to true it enables coordinator service as backup deployment while set to false, it enables the primary deployment of the coordinator service.

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool Operations Insight on OpenShift.

false
webgui.url URL of the Web GUI server, for example:
protocol://fully.qualified.domain.name:port/path/to/console/webtop
Note: Ensure that /webtop is included at the end of the Web GUI server URL.

High availability icon For load balanced environments, use the load balancer host and port.

Draft comment: DEIRDRELAWTON
Sept 2020 #6893
 

Installation properties common to both a Cloud and a Hybrid installation

The following table lists the properties that are common to both a Cloud and a Hybrid installation.
Table 2. Installation properties
Property Description Default
advanced.antiAffinity To prevent primary and backup server pods from being installed on the same worker node, set this option to true. When enabled, anti-affinity is configured for affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution. false
advanced.imagePullPolicy The default pull policy is IfNotPresent, which causes the kubelet to skip pulling an image that already exists. IfNotPresent
advanced.imagePullRepository Docker registry that all component images are pulled from. Defaults to the IBM Entitled Registry, cp.icr.io
Note: Trailing forward slash in the Image Pull Repository parameters causes datalayer not to deploy. A blockage occurs in the installation process because the datalayer pod fails due to the invalid image name. To fix the issue, you have to uninstall and reinstall without the trailing forward slash.
cp.icr.io/cp/noi
clusterDomain Use the fully qualified domain name (FQDN) to formulate the clusterDomain property, using the following formula:
apps.clustername.*.*.com.
 
deploymentType Deployment type (trial or production). trial
entitlementSecret Entitlement secret to pull images.  
global.networkpolicies.enabled Set this property to false if you want to omit the network policies from the installation. true
global.service.nodePort.enable Enables nodePort communication. For more information, see Configuring ObjectServer and proxy service types.  
helmValuesASM.asm.aaionap.enabled Enables the Open Network Automation Platform (ONAP) Active and Available Inventory (AAI) service. For more information, see Configuring the ONAP AAI service.  
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.hostname Optional: The destination hostname of the machine where the backups are copied to.
Note: Valid for primary deployment only.
false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.username

Optional: The username on the destination hostname that does the SCP copy.

Note: Valid for primary deployment only.
false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.directory Optional: The directory on the destination hostname that receives the backups.
Note: Valid for primary deployment only.
false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.secretName

Optional: The Kubernetes secret name, which contains the private ssh key that is used to do the SCP. The secret key privatekey must be used to store the ssh private key.

Note: Valid for primary deployment only.

If you want to use SCP, set this property before installing Netcool Operations Insight.

false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.schedule Optional: It is the Cron schedule format that is used to determine how often the backups are taken. See Launch out icon https://en.wikipedia.org/wiki/Cron for more details on this used approach for running scheduled runs.
Note: Valid for primary deployment only.

Every 3 minutes

helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.claimName
Optional: The PVC claim name that is used to store the backups. An empty value implies no use of Kubernetes persistent storage.
Note: Valid for primary deployment only.

This property must be specified before the NOI deployment if Kubernetes persistent storage is required.

false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.maxbackups Optional: The maximum number of historic policy backups to keep on the persistent volume to preserve storage space.
Note: Valid for primary deployment only.
10
helmValuesNOI.nciserver.importNCICACerts.enabled Enables SSL communications from IBM Tivoli Netcool/Impact. For more information, see Enabling SSL communications from Netcool/Impact on Red Hat OpenShift and Netcool/Impact core server configmap.  
helmValuesNOI.global.cassandra.clientEncryption Enables TLS for Cassandra client communication. False
helmValuesNOI.cassandra.requireClientAuth Enables mutual TLS (mTLS). To enable mTLS, the enableMTLS property is also required. False
helmValuesNOI.cassandra.enableMTLS Enables mTLS. To enable mTLS, the requireClientAuth property is also required. False
helmValuesNOI.ibm-hdm-analytics-dev.cassandra.internodeEncryption Enables mTLS for Cassandra internode and inter-cluster communication. The values can be either dc (within a data center), all, or none. None
integrations.humio.repository Internal repository for Humio data.  
integrations.humio.url URL of the Humio server. Set the value of this property to a URL in order to enable the Search Humio event action.  
ldap.baseDN Configure the LDAP base entry by specifying the base distinguished name (DN).
Note: If the value contains spaces, enclose the value in double quotation marks (").
dc=mycluster,dc=icp
ldap.bindDN Configure LDAP bind user identity by specifying the bind distinguished name (bind DN).
Note: If the value contains spaces, enclose the value in double quotation marks (").
cn=admin,dc=mycluster,dc=icp
ldap.groupFilter Set LDAP group filter.
Note: Spaces are not supported in the value for the ldap.groupFilter parameter.
uid=%s,ou=groups
ldap.mode Choose (standalone) for a built-in LDAP server or (proxy) and connect to an external organization LDAP server.
Note: Set LDAP properties as follows:
  • If you set ldap mode: standalone (internal LDAP), then use the default LDAP parameter values as listed in this table, otherwise the installation will fail.
  • If you set ldap mode: proxy then ensure that you set the correct LDAP values for your external LDAP service.
standalone
ldap.port Configure the port of your organization's LDAP server. If you need LDAP users that are created in the ObjectServers, set the LDAP port to 389 and set the sslPort to 636. For more information, see Pod fails to connect to LDAP. 389
ldap.serverType Set LDAP user filter. CUSTOM
ldap.sslPort Configure the SSL port of your organization's LDAP server. If you need LDAP users that are created in the ObjectServers, set the LDAP port to 389 and set the sslPort to 636. For more information, see Pod fails to connect to LDAP. 636
ldap.storageClass LDAP storage class. Update this to a valid storage class.  
ldap.storageSize LDAP storage size. 1Gi
ldap.suffix Configure the top entry in the LDAP directory information tree .(DIT). dc=mycluster,dc=icp
ldap.url Configure the URL of your organization's LDAP server. ldap://localhost:389
ldap.userFilter Set LDAP user filter.
Note: If the value contains spaces, enclose the value in double quotation marks (").
uid=%s,ou=users
license.accept Agreement to license. false
persistence.enabled Enable persistence storage. false
persistence.storageClassCassandraBackup CassandraBackup storage class.  
persistence.storageClassCassandraData CassandraData storage class.  
persistence.storageClassCouchdb Couchdb storage class.  
persistence.storageClassDB2 Db2® storage class.

version 1.6.3.1 iconThis property was removed in version 1.6.3.1.

version 1.6.3.1 iconSelect Availability:
Netcool Operations Insight on OpenShift 1.6.3.1 is available for select customers. Contact IBM Sales if you are interested in purchasing and using this offering. Netcool Operations Insight on OpenShift 1.6.3.1 provides event management capabilities in IBM Cloud Pak® for Watson™ AIOps 3.1.1.

 
persistence.storageClassElastic Elasticsearch storage class.  
persistence.storageClassImpactGUI ImpactGUI storage class.  
persistence.storageClassImpactServer ImpactServer storage class.  
persistence.storageClassKafka Kafka storage class.  
persistence.storageClassNCOBackup NCOBackup storage class.  
persistence.storageClassNCOPrimary NCOPrimary storage class.  
persistence.storageClassZookeeper Zookeeper storage class.  
persistence.storageSizeCassandraBackup CassandraBackup storage size. 50Gi
persistence.storageSizeCassandraData CassandraData storage size. 50Gi
persistence.storageSizeCouchdb Couchdb storage size. 5Gi
persistence.storageSizeDB2 Db2 storage size.

version 1.6.3.1 iconThis property was removed in version 1.6.3.1.

version 1.6.3.1 iconSelect Availability:
Netcool Operations Insight on OpenShift 1.6.3.1 is available for select customers. Contact IBM Sales if you are interested in purchasing and using this offering. Netcool Operations Insight on OpenShift 1.6.3.1 provides event management capabilities in IBM Cloud Pak for Watson AIOps 3.1.1.

5Gi
persistence.storageSizeElastic Elasticsearch storage size. 75Gi
persistence.storageSizeImpactGUI ImpactGUI storage size. 5Gi
persistence.storageSizeImpactServer ImpactServer storage size. 5Gi
persistence.storageSizeKafka Kafka storage size. 50Gi
persistence.storageSizeNCOBackup NCOBackup storage size. 5Gi
persistence.storageSizeNCOPrimary NCOPrimary storage size. 5Gi
persistence.storageSizeZookeeper Zookeeper storage size. 5Gi
topology.appDisco.db2database Name of Db2 instance. Default value: taddm  
topology.appDisco.db2archuser Name of database archive user. Default value: archuser  
topology.appDisco.dbport Post of Db2 server. Default value: 50000  
topology.appDisco.db2user Name of database user. Default value: db2inst1  
topology.appDisco.scaleSSS Value must be greater than 0. Default value: 1  
topology.appDisco.scaleDS Value must be greater than 0. Default value: 1  
topology.appDisco.enabled Enable Application Discovery services and its observer. false
topology.appDisco.dburl Db2 Host URL for Application Discovery.  
topology.appDisco.dbsecret Db2 secret for Application Discovery.  
topology.appDisco.secure Enable secure connection to Db2 Host URL for Application Discovery. false
topology.appDisco.certSecret This secret must contain the Db2 certificate by the name tls.crt Applicable only if the property name is secure.  
topology.enabled Enable topology. true
topology.iafCartridgeRequirementsName Do not edit this parameter.  
topology.netDisco Enable Network Discovery services and its observer. false
topology.observers.alm Enable ALM observer. false
topology.observers.ansibleawx Enable Ansible® AWX observer. false
topology.observers.appdynamics Enable AppDynamics observer. false
topology.observers.aws Enable AWS observer. false
topology.observers.azure Enable Azure observer. false
topology.observers.bigfixinventory Enable Bigfixinventory observer. false
topology.observers.cienablueplanet Enable Cienablueplanet observer. false
topology.observers.ciscoaci Enable Ciscoaci observer. false
topology.observers.contrail Enable Contrail observer. false
topology.observers.dns Enable DNS observer. false
topology.observers.docker Enable Docker observer. false
topology.observers.dynatrace Enable Dynatrace observer. false
topology.observers.file Enable File observer. false
topology.observers.googlecloud Enable Googlecloud observer. false
topology.observers.ibmcloud Enable Ibmcloud observer. false
topology.observers.itnm Enable ITNM observer. false
topology.observers.jenkins Enable Jenkins observer. false
topology.observers.junipercso Enable Junipercso observer. false
topology.observers.kubernetes Enable Kubernetes observer. false
topology.observers.newrelic Enable Newrelic observer. false
topology.observers.openstack Enable Openstack observer. false
topology.observers.rancher Enable Rancher observer. false
topology.observers.rest Enable REST observer. false
topology.observers.servicenow Enable Servicenow observer. false
topology.observers.taddm Enable TADDM observer. false
topology.observers.vmvcenter Enable Vmvcenter observer. false
topology.observers.vmwarensx Enable Vmwarensx observer. false
topology.observers.zabbix Enable Zabbix observer. false
topology.storageClassElasticTopology Elasticsearch storage class. Production only.  
topology.storageClassFileObserver FileObserver storage class. Production only.  
topology.storageSizeElasticTopology Elasticsearch storage size. Production only. 75Gi
topology.storageSizeFileObserver FileObserver storage size. Production only. 5Gi
version Version. 1.6.5
zen.serviceInstanceName Support for Zen is deprecated, this parameter can be removed. iaf-zen-cpdservice
zen.serviceNamespace Support for Zen is deprecated, this parameter can be removed.