Cloud operator properties

Learn about the operator properties for your pure Cloud-based IBM Netcool Operations Insight® installation.

The following table presents the properties in alphabetical order. Where no value is given for the default, the default for that operator in the YAML file is empty.

Note: Ensure that you use the correct format when you insert the storage sizes. The correct format is, for example, 100Gi. Invalid characters or incorrect syntax for the parameters is not allowed.
Table 1. Installation properties
Property Description Default
advanced.antiAffinity To prevent primary and backup server pods from being installed on the same worker node, set this option to true. When enabled, anti-affinity is configured for affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution. false
advanced.imagePullPolicy The default pull policy is IfNotPresent, which skips pulling an image that exists. IfNotPresent
advanced.imagePullRepository Docker registry that all component images are pulled from. Defaults to the IBM® Entitled Registry, cp.icr.io
Note: Trailing forward slash in the Image Pull Repository parameters causes datalayer not to deploy. A blockage occurs in the installation process because the datalayer pod fails due to the invalid image name. To fix the issue, uninstall and reinstall without the trailing forward slash.
cp.icr.io/cp/noi
backupRestore.enableAnalyticsBackups Enables backups.

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool® Operations Insight on OpenShift®.

Hybrid: This parameter must be set to true for a hybrid deployment.

If set to true, the cronjob that does the backups is activated.

 
clusterDomain Use the fully qualified domain name (FQDN) to formulate the clusterDomain property, by using the following formula:
apps.clustername.*.*.com.
Note: The apps prefix must be included in the FQDN. For more information, see the Red Hat® OpenShift documentation: User-provisioned DNS requirements external icon
 
deploymentType Deployment type (trial or production). trial
entitlementSecret Entitlement secret to pull images.  
global.networkpolicies.enabled Set this property to false if you want to omit the network policies from the installation. true
topology.aaionap Enables the Open Network Automation Platform (ONAP) Active and Available Inventory (AAI) service. For more information, see Configuring the ONAP AAI service.  
helmValuesNOI.global.nonArbitraryToArbitraryUserUpgradeMode.enabled Enables upgrade mode.  
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.hostname Optional: The destination hostname of the machine where the backups are copied to.
Note: Valid for primary deployment only.
false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.username

Optional: The username on the destination hostname that does the secure copy.

Note: Valid for primary deployment only.
false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.directory Optional: The directory on the destination hostname that receives the backups.
Note: Valid for primary deployment only.
false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.backupDestination.secretName

Optional: The Kubernetes secret name, which contains the private ssh key that is used to do the secure copy. The secret key privatekey must be used to store the ssh private key.

Note: Valid for primary deployment only.

If you want to use secure copy, set this property before you install Netcool Operations Insight.

false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.schedule Optional: It is the Cron schedule format that is used to determine how often the backups are taken. See Launch out icon https://en.wikipedia.org/wiki/Cron for more details on this used approach for running scheduled runs.
Note: Valid for primary deployment only.

Every 3 minutes.

helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.claimName
Optional: The PVC claim name that is used to store the backups. An empty value implies no use of Kubernetes persistent storage.
Note: Valid for primary deployment only.

This property must be specified before the NOI deployment if Kubernetes persistent storage is needed.

false
helmValuesNOI.ibm-noi-bkuprestore.noibackuprestore.maxbackups Optional: The maximum number of historic policy backups to keep on the persistent volume to preserve storage space.
Note: Valid for primary deployment only.
10
helmValuesNOI.nciserver.importNCICACerts.enabled Enables SSL communications from IBM Tivoli® Netcool/Impact. For more information, see Enabling SSL communications from Netcool/Impact on Red Hat OpenShift and Netcool/Impact core server config configmap.  
helmValuesNOI.nciserver.impactcore.instancesNamePrefix Customizes IBM Tivoli Netcool/Impact instance name: <your instance name>  
helmValuesNOI.global.cassandra.clientEncryption Enables TLS for Cassandra client communication. False
helmValuesNOI.cassandra.requireClientAuth Enables mutual TLS (mTLS). To enable mTLS, the enableMTLS property is also needed. False
helmValuesNOI.cassandra.enableMTLS Enables mTLS. To enable mTLS, the requireClientAuth property is also needed. False
helmValuesNOI.ibm-hdm-analytics-dev.cassandra.internodeEncryption Enables mTLS for Cassandra internode and inter-cluster communication. The values can be either dc (within a data center), all, or none. None
integrations.humio.repository Internal repository for Humio data.  
integrations.humio.url URL of the Humio server. Set the value of this property to a URL to enable the Search Humio event action.  
ldap.baseDN Configure the LDAP base entry by specifying the base distinguished name (DN).
Note: If the value contains spaces, enclose the value in single quotation marks (').
dc=mycluster,dc=icp
ldap.bindDN Configure LDAP bind user identity by specifying the bind distinguished name (bind DN).
Note: If the value contains spaces, enclose the value in single quotation marks (').
cn=admin,dc=mycluster,dc=icp
ldap.groupFilter Set LDAP group filter.
Note: If the value contains spaces, enclose the value in single quotation marks (').
uid=%s,ou=groups
ldap.mode Choose (stand-alone) for a built-in LDAP server or (proxy) and connect to an external organization LDAP server.
Note: Set LDAP properties as follows:
  • If you set ldap mode: standalone (internal LDAP), then use the default LDAP parameter values as listed in this table, otherwise the installation fails.
  • If you set ldap mode: proxy, then ensure that you set the correct LDAP values for your external LDAP service. Mandatory LDAP Organization Units, Users, and Groups entries must be created in the target LDAP server. For more information, see Creating users on an external LDAP server.
standalone
ldap.port Configure the port of your organization's LDAP server. If you need LDAP users that are created in the ObjectServers, set the LDAP port to 389 and set the sslPort to 636. For more information, see Pod fails to connect to LDAP. 389
ldap.serverType Set LDAP server type. (Default: "CUSTOM")

Alternatively, you can choose one of the following LDAP server types:

  • AD for Microsoft Active Directory
  • ADAM for Microsoft Active Directory Lightweight Directory Services
  • DOMINO for IBM Lotus Domino
  • IDS for IBMTivoli Directory Server
  • ZOSDS for IBMTivoli Directory Server for z/OS
  • NDS for Novell eDirectory
  • SUNONE for Oracle Directory Server or Sun ONE Directory Server
ldap.sslPort Configure the SSL port of your organization's LDAP server. If you need LDAP users that are created in the ObjectServers, set the LDAP port to 389 and set the sslPort to 636. For more information, see Pod fails to connect to LDAP. 636
ldap.storageClass LDAP storage class. Update this value to a valid storage class.  
ldap.storageSize LDAP storage size. 1 Gi
ldap.suffix Configure the high-level entry in the LDAP directory information tree (DIT). dc=mycluster,dc=icp
ldap.url Configure the URL of your organization's LDAP server. ldap://localhost:389
ldap.userFilter Set LDAP user filter.
Note: If the value contains spaces, enclose the value in single quotation marks (').
uid=%s,ou=users
license.accept Agreement to license. false
metadata.name The release name, for example, evtmanager.  
persistence.enabled Enable persistence storage.
Note: Persistence must be enabled. Set persistence.enabled to true in the custom resource.
false
persistence.storageClassCassandraBackup CassandraBackup storage class.  
persistence.storageClassCassandraData CassandraData storage class.  
persistence.storageClassCouchdb Couchdb storage class.  
persistence.storageClassElastic Elasticsearch storage class.  
persistence.storageClassImpactGUI ImpactGUI storage class.  
persistence.storageClassImpactServer ImpactServer storage class.  
persistence.storageClassKafka Kafka storage class.  
persistence.storageClassNCOBackup NCOBackup storage class.  
persistence.storageClassNCOPrimary NCOPrimary storage class.  
persistence.storageClassPostgresql Postgresql storage class.  
persistencestorageClassPostgresqlWal PostgresqlWal storage class.  
persistence.storageClassSharedSpark SharedSpark storage class.  
persistence.storageClassZookeeper Zookeeper storage class.  
persistence.storageSizeCassandraBackup CassandraBackup storage size. 50 Gi
persistence.storageSizeCassandraData CassandraData storage size. 50 Gi
persistence.storageSizeCouchdb Couchdb storage size. 5 Gi
persistence.storageSizeElastic Elasticsearch storage size. 75 Gi
persistence.storageSizeImpactGUI ImpactGUI storage size. 5 Gi
persistence.storageSizeImpactServer ImpactServer storage size. 5 Gi
persistence.storageSizeKafka Kafka storage size. 50 Gi
persistence.storageSizeNCOBackup NCOBackup storage size. 5 Gi
persistence.storageSizeNCOPrimary NCOPrimary storage size. 5 Gi
persistence.storageSizePostgresql Postgresql storage size. 100 Gi
persistence.storageSizePostgresqlWal PostgresqlWal storage size. 100 Gi
persistence.storageSizeSharedSpark SharedSpark storage size. 100 Gi
persistence.storageSizeZookeeper Zookeeper storage size. 5 Gi
serviceContinuity.continuousAnalyticsCorrelation Enables continuous service.

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool Operations Insight on OpenShift.

Hybrid: This parameter must be set to true for a hybrid deployment when the isBackupDeployment parameter is set to false.

false
serviceContinuity.isBackupDeployment Enables continuous service.

If geoRedundancy.deploymentType is set to backup, the isBackupDeployment parameter is automatically set to true.

Determines the deployment state of the coordinator service. When set to true it enables coordinator service as backup deployment while set to false, it enables the primary deployment of the coordinator service.

Cloud: This parameter must be set to false for a full cloud deployment of IBM Netcool Operations Insight on OpenShift.

false
topology.appDisco.db2database Name of Db2® instance. Default value: taddm  
topology.appDisco.db2archuser Name of database archive user. Default value: archuser  
topology.appDisco.dbport Post of Db2 server. Default value: 50000  
topology.appDisco.db2user Name of database user. Default value: db2inst1  
topology.appDisco.scaleSSS Value must be greater than 0. Default value: 1  
topology.appDisco.scaleDS Value must be greater than 0. Default value: 1  
topology.appDisco.enabled Enable Application Discovery services and its observer. false
topology.appDisco.dburl Db2 Host URL for Application Discovery.  
topology.appDisco.dbsecret Db2 secret for Application Discovery.  
topology.appDisco.secure Enable secure connection to Db2 Host URL for Application Discovery. false
topology.appDisco.certSecret This secret must contain the Db2 certificate by the name tls.crt Applicable only if the property name is secure.  
topology.appDisco.tlsSecret The TLS secret.  
topology.observers.datadog    
topology.enabled Enable topology. f
topology.iafCartridgeRequirementsName Do not edit this parameter.  
topology.netDisco Enable Network Discovery services and its observer. false
topology.observers.alm Enable ALM observer. false
topology.observers.ansibleawx Enable Ansible® AWX observer. false
topology.observers.appdynamics Enable AppDynamics observer. false
topology.observers.aws Enable AWS observer. false
topology.observers.azure Enable Azure observer. false
topology.observers.bigcloudfabric Enable Big Cloud Fabric observer.  
topology.observers.bigfixinventory Enable BigFix® Inventory observer. false
topology.observers.cienablueplanet Enable Ciena Blue Planet observer. false
topology.observers.ciscoaci Enable Cisco ACI observer. false
topology.observers.contrail Enable Contrail observer. false
topology.observers.datadog   false
topology.observers.dns Enable DNS observer. false
topology.observers.docker Enable Docker observer. false
topology.observers.dynatrace Enable Dynatrace observer. false
topology.observers.file Enable File observer. false
topology.observers.gitlab Enable GitLab observer.  
topology.observers.googlecloud Enable Google Cloud observer. false
topology.observers.hpnfvd Enable HP NFVD observer.  
topology.observers.ibmcloud Enable IBM Cloud® observer. false
topology.observers.itnm Enable IBM Tivoli Network Manager observer. false
topology.observers.jenkins Enable Jenkins observer. false
topology.observers.junipercso Enable Junipercso observer. false
topology.observers.kubernetes Enable Kubernetes observer. false
topology.observers.newrelic Enable Newrelic observer. false
topology.observers.openstack Enable Openstack observer. false
topology.observers.rancher Enable Rancher observer. false
topology.observers.rest Enable REST observer. false
topology.observers.sdconap Enable SDC ONAP observer.  
topology.observers.servicenow Enable Servicenow observer. false
topology.observers.sevone Enable SevOne observer.  
topology.observers.taddm Enable Tivoli Application Dependency Discovery Manager observer. false
topology.observers.viptela Enable Viptela observer.  
topology.observers.vmvcenter Enable VMware vCenter observer. false
topology.observers.vmwarensx Enable VMware NSX observer. false
topology.observers.zabbix Enable Zabbix observer. false
topology.storageClassElasticTopology Elasticsearch storage class. Production only.  
topology.storageClassFileObserver FileObserver storage class. Production only.  
topology.storageSizeElasticTopology Elasticsearch storage size. Production only. 75 Gi
topology.storageSizeFileObserver FileObserver storage size. Production only. 5 Gi
topology.storageSizeSdconapObserver SDC ONAP storage size. Production only. 5 Gi
version Version. 1.6.9
Table 2. PostgreSQL properties
Property Description
edbPostgresImage
cp.icr.io/cp/cpd/postgresql:13.10@sha256:86fe95d5d9ddc7967f3931f679b4031eac2f02fa5e27b2dc0e810350c8414688

Image. Do not modify or provide this property unless instructed by IBM Technical Support.

edbPostgresLicenseImage
cp.icr.io/cp/cpd/edb-postgres-license-provider@sha256:fd8339c382e1c5d69184d9c3f299a3da5c9a12a579e0db5e76e86d65be9190fd"

License image. Do not modify or provide this property unless instructed by IBM Technical Support.

edbPostgresSubscriptionName
cloud-native-postgresql
This property is the name of the edb-postgres subscription.
  • If you install with the dashboard or IBM Cloud catalog, this property is cloud-native-postgresql.
  • If you install with the case bundle, this property is cloud-native-postgresql-catalog-subscription.
It is necessary to provide this key and value pair only if you are installing Netcool Operations Insight with the dashboard or if you are manually creating the catalog source and subscription for Netcool Operations Insight or EnterpriseDB (EDB) Postgres.
bootstrap properties
enabled false

Use this property to determine whether to bootstrap a new cluster from a preexisting backup.

clusterName "evtmanager-noi-postgres-cluster"

This property is the name of the cluster to bootstrap from. The cluster must include an existing backup that is located in your destinationPath property. For example, if you had a previously running cluster that successfully took backups before, the value to provide for this property is what you originally provided in spec.postgresql.backups.serverName.

destinationPath

"s3://ceph-bkt-18d99a17-38ee-4798-accb-a39077bd1abd"

This property follows the "s3://${BUCKET_NAME}" format.

endpointURL "http://worker0.destrayer.cp.xyz.com:32252"

This example property uses node port.

# endpointURL "http://rook-ceph-rgw-my-store.rook-ceph.svc:8080"

If you use a local S3 bucket, the example property is "http://$AWS_HOST:$AWS_PORT".

Bootstrap s3Credentials properties
secretName "ceph-bucket"

This property is the name of the secret that contains the relevant S3 credentials.

keyNameAccessKeyID "AWS_ACCESS_KEY_ID"

This property is the name of the key in the secret with a value that matches the access key ID.

keyNameAccessSecretKey "AWS_SECRET_ACCESS_KEY"

This property is the name of the key in the secret with a value that matches the access secret key.

keyNameAccessSessionToken This optional property is the name of the key in the secret with a value that matches the access session token.
Bootstrap wal properties
walMaxParallel 1

This property indicates the number of jobs to use when bootstrapping the cluster. This property has bandwidth implications.

encryption "default"

Use the bucket default encryption. Options are default, AES256, or aws:kms.

compression "none"

Options are none, gzip, bzip2, or snappy.

Each option has implications for speed and size.

backups properties
enabled false

Enable or disable backups.

data The following settings refer to the actual data in the database and not the Write-Ahead Logging (WAL) files:
  • Use default to use the bucket default encryption. Options are default, AES256, or aws:kms. The bucket must support the encryption mode. If you're unsure, use default.
  • The compression options are none, gzip, bzip2, or snappy. Each option has different implications for speed and size.
  • The jobs property indicates the number of jobs to use when backing up the Postgres data. This property has bandwidth implications.
  • Use the encryption property to use encryption.
destinationPath "s3://ceph-bkt-18d99a17-38ee-4798-accb-a39077bd1abd"

This property is the S3 bucket name. If you use the Backing up and restoring for EDB Postgres guide, it is the value of the BUCKET_NAME variable.

endpointURL "http://worker0.destrayer.cp.xyz.com:32252"

This property is the endpoint URL. If you use the Backing up and restoring for EDB Postgres guide, it is the URL of one of the workers of the cluster that has the S3 bucket hosted on it followed by the external port that is defined in the node port service.

# endpointURL "http://rook-ceph-rgw-my-store.rook-ceph.svc:8080" # "http://$AWS_HOST:$AWS_PORT"

This example uses an S3 bucket that is co-located on the same cluster as the Netcool Operations Insight installation.

retentionPolicy "12m"

This property indicates how long to store backups.

serverName "restoredCluster"

This property is the folder name where the backups from the cluster go.

If you are bootstrapping from an existing backup, the value that is provided must be distinct from the value that is provided for the spec.postgresql.bootstrap.clusterName property. A common convention is to use "restoredCluster" if you are bootstrapping a new cluster from a backup. The new backups from that bootstrapped cluster go into the "restoredCluster" directory in your S3 bucket.

If you are not bootstrapping a cluster from an existing backup, meaning if you are creating a new Netcool Operations Insight installation or upgrading to version 1.6.9 for the first time, use the "evtmanager-noi-postgres-cluster" value.

Backups s3credentials properties
secretName "ceph-bucket"

This property is the name of the secret that contains the relevant S3 credentials key.

keyNameAccessKeyID "AWS_ACCESS_KEY_ID"

This property is the name of the key in the secret that has a value that matches the access ID key.

keyNameAccessSecretKey "AWS_SECRET_ACCESS_KEY"

This property is the name of the key in the secret with a value of the access secret key.

keyNameAccessSessionToken ""

This property is optional and matches the name of the key in the secret with a value of the access session token.

Backups wal properties
encryption "default"

Use the bucket default encryption with this property. Options are default, AES256, or aws:kms. The bucket must support the encryption mode. If you are unsure, use "default".

compression "none"

Options are none, gzip, bzip2, or snappy.

Each option has implications for speed and size.

walMaxParallel 1

Set this property to the number of jobs to use when backing up the WAL. This property has bandwidth implications.

Backups endpointCA properties
enabled false

Set this property to true to use a custom certificate authority (CA) certificate.

name This property is the name of the custom CA certificate secret.

The secret must include a key that is named "cacert" and that has a value of the Base64-encoded CA certificate.

Backups onetimeBackup properties
enabled true

Enable the taking of a one-time backup. You need to manually clean these properties up when you uninstall.

Backups scheduledBackup properties
enabled false

Set this property to determine whether to enable taking scheduled backups.

immediate true

Set this property to determine whether to start taking backups immediately.

schedule "0 0 0 * * *"

This property indicates the schedule for backups. It uses the same syntax as Kubernetes job schedules.

suspend false

Set this property to determine whether to suspend the taking of scheduled backups.

Set this property to true if you want to pause the taking of backups.

backupOwnerReference "none"

Use this property for the OwnerReference value for the derivative backup custom resources (CRs) that are created from this ScheduledBackup CR.

  • If the property is set to "none", no OwnerReference is used, and you need to manually delete the derivative backup CRs when you uninstall Netcool Operations Insight.
  • If the property is set to "self", the OwnerReference for the Backup CRs is the ScheduledBackup CR. When one ScheduledBackup CR is deleted, all derivative Backup CRs are automatically deleted.
  • If the property is set to "cluster", the OwnerReference for the Backup CRs is the Cluster CR. If the Cluster CR is deleted, such as when the Netcool Operations Insight CR is deleted, the Backup CRs are automatically deleted.
backupRestore properties
postgresql.backupRestore.enableAnalyticsBackups  
serviceContinuity properties
continuousAnalyticsCorrelation false

Enables continuous service.

isBackupDeployment false

Enables continuous service.