An air gap installation allows you to install Operational Decision Manager on Kubernetes clusters that are not connected
to the internet (offline).
Before you begin
Before you perform an air gap installation:
- Choose a bastion server where you download the required files.
This server must be connected
to the internet and accessible to your air gap cluster.
- Download the cloudctl command-line interface to the bastion server.
- Choose the target docker repository to which you plan to mirror the ODM container images.
For
example, in Red Hat OpenShift, you can use the internal Red Hat OpenShift registry service. Run the
following command to get the name of the internal Red Hat OpenShift registry
service.
oc registry info --internal=true
The default service name is:
- In OpenShift 3.11: docker-registry.default.svc:5000/project
- In OpenShift 4.5 or 4.6:
image-registry.openshift-image-registry.svc:5000/project
About this task
If you plan to install IBM Operational
Decision Manager on an
air gap cluster, a cluster administrator must make the required files available to the cluster
before installation. You must download the required installation files to a bastion server that is
connected to the internet, and then transfer them to an installation node that is accessible from
the Kubernetes cluster. Then, you must mirror the container images to the target docker repository.
Finally, you will be able to install Operational Decision Manager
from the installation node to your air gap cluster.
Procedure
-
Download the ibm-odm-prod CASE.
A CASE (Container Application Software for Enterprises) is a well-defined file and directory
structure that provides metadata to describe everything needed for a product's installation, usage,
upgrade, and lifecycle.
cloudctl case save --repo https://github.com/IBM/cloud-pak/raw/master/repo/case --case ibm-odm-prod --version <version>
This command creates a flat directory structure that contains the ibm-odm-prod
.tgz CASE files, a folder that contains the ibm-odm-prod Helm charts, and two
comma-separated values files that contain the list of images and the list of charts associated with
the CASE.
- Transfer the /tmp/cases directory to your installation node.
Make sure the directory structure remains unchanged.
- Mirror the images from the IBM Entitled registry to your target docker repository.
- Create the <installation-namespace> in your
cluster.
- From the bastion server, set the credentials of the IBM Entitled registry and your
target docker repository with the following commands.
$ cloudctl case launch \
--case <casepath>/ibm-odm-prod \
--namespace <installation-namespace> \
--inventory ibmOdmProd \
--action configure-creds-airgap \
--args "--registry cp.icr.io --user cp --pass <API_KEY_GENERATED>"
Where
<API_KEY_GENERATED> is the entitlement key to access the Entitled
registry. Refer to https://www.ibm.com/docs/en/odm/8.11.0?topic=production-installing-helm-release-odm Step2,
Option 1.
$ cloudctl case launch \
--case <casepath>/ibm-odm-prod \
--namespace <installation-namespace> \
--inventory ibmOdmProd \
--action configure-creds-airgap \
--args "--registry <TARGET_REPOSITORY> --user <TARGET_REPOSITORY_USER> --pass <TARGET_REPOSITORY_PASS>"
Where
<TARGET_REPOSITORY> is the docker repository where you choose to mirror the
images.
- Mirror the images to the target docker repository.
cloudctl case launch \
--case <casepath>/ibm-odm-prod \
--namespace <installation-namespace> \
--inventory ibmOdmProd \
--action mirror-images \
--args "--registry $TARGET_REPOSITORY \
--inputDir /tmp/cases"
- From the installation node, install Operational Decision Manager.
- Create a pull secret to access your target docker repository.
kubectl create secret docker-registry <REPOSITORY_SECRET> --docker-server=<REPOSITORY_URL> --docker-username=<REPOSITORY_USER_NAME> \
--docker-password="<REPOSITORY_USER_PASSWORD>" --docker-email=<REPOSITORY_USER_EMAIL>
- Install an Operational Decision Manager Kubernetes
release.
helm install release_name \
--set image.pullSecrets=<REPOSITORY_SECRET> \
--set image.repository=<REPOSITORY_URL> \
chart/ibm-odm-prod-<version>.tgz