Training with sample data

To learn about cloud native analytics, you can install a sample data set. Learn how to install and load sample data, train the system, and see the results.

Before you begin

Complete the following prerequisite items:
  • The ea-events-tooling container is installed by the operator. It is not started as a pod, and contains scripts to install data on the system, which can be run with the kubectl run command.
  • Find the values of image and image_tag for the ea-events-tooling container, from the output of the following command:
    kubectl get noi <release_name> -o yaml | grep ea-events-tooling
    Where <release_name> is the custom resource release name of your cloud deployment. For example, in the following output, image is ea-events-tooling, and image_tag is 2.0.14-20200120143838GMT.
    kubectl get noi <release_name> -o yaml | grep ea-events-tooling
        --env=CONTAINER_IMAGE=image-registry.openshift-image-registry.svc:5000/default/ea-events-tooling:2.0.14-20200120143838GMT \
        --image=image-registry.openshift-image-registry.svc:5000/default/ea-events-tooling:2.0.14-20200120143838GMT \
    Hybrid deployment: For a hybrid deployment, run the following command:
    kubectl get noihybrid <release_name> -o yaml | grep ea-events-tooling
    Where <release_name> is the custom resource release name of your hybrid deployment.
    IBM Cloud Pak for Watson AIOps deployment: For an online or offline deployment (airgap) of Event Manager with IBM Cloud Pak for Watson AIOps, find the values of image and image_tag from the noi-operator CSV file. Run the following command:
    oc get csv <noi-operator> -o yaml | grep olm.relatedImage.NOI_ea-events-tooling: | awk -F ': ' '{print $2}'
    Where <noi-operator> is the noi-operator CSV file name.
  • If you created your own docker registry secret, as described in Preparing your cluster, then patch your service account.
    kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "noi-registry-secret"}]}'
    Where noi-registry-secret is the name of the secret for accessing the Docker repository.
    Note: As an alternative to patching the default service account with image pull secrets, you can add the following option to each kubectl command that you issue:
    --overrides='{ "apiVersion": "v1", "spec": { "imagePullSecrets":
          [{"name": "evtmanager-registry-secret"}] } }'
    If you want to show the metric anomaly detection capability with the sample data, you need to generate an API Key and load metric data with the loadSampleData commands. Click Working with cURL to learn how to generate the API key and allow access to the metrics API.

About this task

Note: The ea-events-tooling container does not run with a custom Security Context Constraint (SCC).
You can use scripts in the ea-events-tooling container to install sample data on the system. Run the loadSampleData.sh script to load data to the ingestion service, train it, create a scope-based policy and load the data into IBM® Netcool Operations Insight. This script loads prebuilt data into the ingestion service and ObjectServer and trains the system for seasonality and related events.

To access the secrets, which control access to the ObjectServer, Web GUI and policy administration, the loadSampleData.sh script needs to run as a job.

Note: Loading pre-built data, training the system and loading data into the ObjectServer must be carried out only once. Thus, for the following example procedure, step 1.b must be invoked only once.

Procedure

  1. Run the loadSampleData.sh script from a job so that it has access to the secrets. Complete the following steps:
    1. Use the -j option with the script to generate a YAML file, such as loadSampleJob.yaml in the following example:
      kubectl delete pod ingesnoi3
      kubectl run ingesnoi3  --restart=Never --env=LICENSE=accept --image-pull-policy=Always  \
      --env=CONTAINER_IMAGE=image:image_tag  \
      -i --image=image:image_tag \
      loadSampleData.sh -- -r release_name -j  > loadSampleJob.yaml
      Where:
      • image is the location of the ea-events-tooling container, as described earlier.
      • CONTAINER_IMAGE is an environment variable, which is the same as the value you pass to the --image parameter in the Kubernetes command. This variable allows the container to populate the image details in the YAML file output that it creates.
      • image_tag is the image version tag, as described earlier.
      • release_name is the custom resource release name of your deployment.
      If you want to show the metric anomaly detection capability, you can add the following line to the previous command:
      -m "<metric API Key name>:<API Key password>"
      The complete command should be:
      kubectl delete pod ingesnoi3
      kubectl run ingesnoi3 -i --restart=Never --env=LICENSE=accept --image-pull-policy=Always  \
      --env=CONTAINER_IMAGE=image:image_tag  \
      - i --image=image:image  \
      loadSampleData.sh -- -r release_name -m "<metric API Key name>:<API Key password>" -j > loadSampleData.yaml
      Then run the command:
      run ingesnoi3 -i --restart=Never --env=LICENSE=accept --namespace netcool    
      --env=CONTAINER_IMAGE=image:image_tag
      --overrides='{ "apiVersion": "v1", "spec": { "imagePullSecrets": [{"name": "noi-registry-secret"}] } }'     
      --image=image:image_tag     
      loadSampleData.sh -- -r release_name -t cfd95b7e-3bc7-4006-a4a8-a73a79c71255     
      -a noi-service-account  -s noi-registry-secret     -j -m "<metric API Key name>:<API Key password>" > loadSampleData.yaml
      
    2. Create a job using the generated YAML file, such as loadSampleJob.yaml in the following example:
      kubectl create -f loadSampleJob.yaml -n <namespace>
      Where <namespace> is the namespace in which your deployment is installed.
    Note: If the default service account does not have access to the image repository, uncomment the image pull secrets section in the loadSampleData.yaml file and set the imagePullSecrets.name parameter to your Docker secret name before running the kubectl create command.
    A job called -loadSampleData is created. You can view the job output with the pod logs created by the job.
  2. View how the sample data has been grouped.
    1. Select Alerts. The list of all alerts are displayed.
    2. Select the Example_IBM_CloudAnalytics view to see how the alerts from the sample data are grouped.
  3. Turn off auto-deploy mode to view the suggested policies before they are deployed.
    The loadSampleData.sh script switches your configuration to auto-deploy mode. If you want to see the suggested policies for the sample data, and how you can manually enable them, then run the following steps to disable automatic policy deployment, and re-run a portion of the training.
    1. Get the start and end times for the sample data as in the following example.
      kubectl delete pod ingesnoi3;
      kubectl run ingesnoi3 -i --restart=Never --env=LICENSE=accept --image=image:image_tag getTimeRange.sh samples/demoTrainingData.json.gz
      pod "ingesnoi3" deleted
      {"minfirstoccurence":{"epoc":1552023064603,"formatted":"2019-03-08T05:31:04.603Z"},"maxlastoccurrence":{"epoc":1559729860924,"formatted":"2019-06-05T10:17:40.924Z"}}
    2. Note: If Review first mode is enabled by setting the -d parameter to false, Seasonality policies cannot be activated from the Suggested policies tab. Only Temporal Groupings policies can be activated from the Suggested policies tab.
      Run the script with the -d parameter set to false to disable auto-deployment.
      kubectl delete pod ingesnoi3;
      kubectl run ingesnoi3 -i --restart=Never --env=LICENSE=accept --image-pull-policy=Always --image=image:image_tag runTraining.sh -- -r test-install -a related_events -s 1552023064603 -e 1559729860924 -d false
      Where:
      • image is the location of the ea-events-tooling container, as described earlier.
      • image_tag is the image version tag, as described earlier.
      • -s and -e are the start and end times that are returned in step 3 a.
    Note: You may be required to override the registry secret by adding the following option to all of the kubectl commands that you issue:
    --overrides='{ "apiVersion": "v1", "spec": { "imagePullSecrets":
          [{"name": "evtmanager-registry-secret"}] } }'

What to do next

When you have finished using the sample data scenario and you want to train with real event data, you will need to re-run training. See Training with real event data.