Configuring Product Master deployment YAML (Fix Pack 6 and later)
Before deployment you need to configure Product Master YAML file.
Before you begin
- Ensure the system requirements for Container are met and required software is installed.
- File storage is mandatory for ‘appdata’ persistent volume. We recommend File storage for all the persistent volumes. If you use file storage ‘access_modes’ should be set to ReadWriteMany.
- All persistent volume claims are mandatory for successful deployment.
- Before performing un-deployment, it is recommended to take complete backup of all the persistent volumes.
Procedure
-
Review and update secret values in the app_secrets.yaml file.
- Generate self-signed certificate or procure valid certificate that is issued by the
certificate authority for applying to the Ingress routes, which in turn are applied to application
URLs. Convert certificate and key to Base64 format by using the following command.
cat crt.cert | base64 cat cert.key | base64Convert the output to single line for the crt.cert and cert.key files.
- Generate self-signed certificate or procure valid certificate that is issued by the
certificate authority for applying to the Ingress routes, which in turn are applied to application
URLs. Convert certificate and key to Base64 format by using the following command.
- Update the values in the app_secrets.yaml file in the following
format.
apiVersion: v1 kind: Secret metadata: name: app-secret namespace: <namespace> type: Opaque stringData: #Database details db_type: "<db2 / oracle>" db_name: "<DB name>" db_host: "<IP or hostname of DB>" db_user: "<DB username>" db_pass: "<DB password. For FP5 and earlier releases provide encrypted password.>" db_port: "<DB server port>" #SSL details db_ssl_crt: "<database plain text ssl certificate>" #IBM Watson Knowledge Catalog details cpd_host_url: "<CPD host URL>" cpd_user_name: "<CPD User name>" wkc_auth_api_key: "<WKC API Key>" wkc_catalog_name: "<WKC Catalog name>" #Simple Mail Transfer Protocol (SMTP) details smtp_address: "<SMTP server hostname>" from_address: "<From email address>" smtp_port: "<SMTP server port>" smtp_user: "<SMTP username or API key>" smtp_pass: "<SMTP password>" smtp_additional_props: "<SMTP additional properties>" #Security Assertion Markup Language (SAML) Single sign-on (SSO) details sso_company: "<company code>" sso_config_adminui: "<AdminUI SAML WebSSO configuration for IBM WebSphere® Liberty, in the <samlWebSso20>..</samlWebSso20>> format" sso_config_personaui: "<PersonaUI SAML WebSSO configuration for IBM WebSphere® Liberty, in the format <samlWebSso20>..</samlWebSso20>>" sso_idp_metadata: "<Identity provider metadata file content>" apiVersion: v1 kind: Secret metadata: name: tls-secret namespace: <namespace> type: kubernetes.io/tls data: #Specify the Base64 converted domain name certificate and key in a single line without any space tls.crt: "" tls.key: "" - Following is a list of sample deployment files for your reference.
- catalog_source.yaml
-
apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: ibm-productmaster-catalog namespace: <namespace> spec: displayName: IBM Product Master publisher: IBM sourceType: grpc image: registry.ng.bluemix.net/product_master/ipm-operator-catalog@<DIGEST_VALUE>
- operator_group.yaml
-
apiVersion: operators.coreos.com/v1alpha2 kind: OperatorGroup metadata: name: ibm-productmaster-catalog-group namespace: <namespace> spec: targetNamespaces: - <namespace> - subscription.yaml
-
apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: ibm-productmaster-catalog-subscription namespace: <namespace> spec: channel: v1.0 name: productmaster-operator installPlanApproval: Automatic source: ibm-productmaster-catalog sourceNamespace: <namespace> - volumes.yaml
-
kind: PersistentVolume apiVersion: v1 metadata: name: appdata-volume namespace: default labels: svc: appdata-volume spec: capacity: storage: 10Gi accessModes: - ReadWriteMany storageClassName: standard hostPath: path: /mnt/ipm12/appdata --- kind: PersistentVolume apiVersion: v1 metadata: name: admin-log-volume namespace: default labels: svc: admin-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/admin --- kind: PersistentVolume apiVersion: v1 metadata: name: ftsind-log-volume namespace: default labels: svc: ftsind-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/ftsindlog --- kind: PersistentVolume apiVersion: v1 metadata: name: ftspim-log-volume namespace: default labels: svc: ftspim-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/ftspimlog --- kind: PersistentVolume apiVersion: v1 metadata: name: gds-log-volume namespace: default labels: svc: gds-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/gds --- kind: PersistentVolume apiVersion: v1 metadata: name: ml-log-volume namespace: default labels: svc: ml-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/ml --- kind: PersistentVolume apiVersion: v1 metadata: name: mongodb-data-volume namespace: default labels: svc: mongodb-data-volume spec: capacity: storage: 1Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/mongodb --- kind: PersistentVolume apiVersion: v1 metadata: name: mongodb-log-volume namespace: default labels: svc: mongodb-log-volume spec: capacity: storage: 1Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/mongodblog --- kind: PersistentVolume apiVersion: v1 metadata: name: mq-data-volume namespace: default labels: svc: mq-data-volume spec: capacity: storage: 1Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/mq-data --- kind: PersistentVolume apiVersion: v1 metadata: name: personaui-log-volume namespace: default labels: svc: personaui-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/personaui --- kind: PersistentVolume apiVersion: v1 metadata: name: restapi-log-volume namespace: default labels: svc: restapi-log-volume spec: capacity: storage: 5Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/restapi --- kind: PersistentVolume apiVersion: v1 metadata: name: sch-log-volume namespace: default labels: svc: sch-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/sch --- kind: PersistentVolume apiVersion: v1 metadata: name: wfl-log-volume namespace: default labels: svc: wfl-log-volume spec: capacity: storage: 2Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/wfl --- kind: PersistentVolume apiVersion: v1 metadata: name: elasticsearch-data-volume namespace: default labels: svc: elasticsearch-data-volume spec: capacity: storage: 1Gi accessModes: - ReadWriteOnce storageClassName: standard hostPath: path: /mnt/ipm12/elasticsearch-data - You can specify any value for the path: /mnt/ipm12.
- ipm_12.0.x_cr.yaml
-
apiVersion: productmaster.ibm.com/v1 kind: ProductMaster metadata: name: productmaster spec: license: accept: true deployment_platform: 'openshift' #deployment_platform: 'k8s' version: 12.0.6 domain_name: "" enable: fts: 1 vendor: 1 dam: 1 ml: 1 gds: 1 wkc: 0 sso: 1 mountmgr: 1 image: registry: registry.ng.bluemix.net/product_master pullpolicy: Always productmastersecret: "ipm-registry" app_secret_name: "app-secret" random_secret_name: "random-secret" certs_secret_name: "tls-secret" enable_volume_selectors: true volume_details: admin: log: name: admin-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard ftspim: log: name: ftspim-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard ftsind: log: name: ftsind-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard personaui: log: name: personaui-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard restapi: log: name: restapi-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard wfl: log: name: wfl-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard sch: log: name: sch-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard gds: log: name: gds-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard appdata: name: appdata-volume storage: 1Gi access_modes: ReadWriteMany storage_class_name: standard ######################################################################## # This is file storage ######################################################################## mq: data: name: mq-data-volume storage: 1Gi access_modes: ReadWriteOnce storage_class_name: standard mongodb: data: name: mongodb-data-volume storage: 1Gi access_modes: ReadWriteOnce storage_class_name: standard log: name: mongodb-log-volume storage: 1Gi access_modes: ReadWriteOnce storage_class_name: standard ml: log: name: ml-log-volume storage: 2Gi access_modes: ReadWriteOnce storage_class_name: standard elasticsearch: data: name: elasticsearch-data-volume claim: elasticsearch-data-volume-claim storage: 1Gi access_modes: ReadWriteOnce storage_class_name: standard ################################ ml_service: replica_count: 1 image: ipm-ml-ubi8 imagetag: 12.0.6 http: ext_port: 31005 httpa: ext_port: 31105 httpb: ext_port: 31205 httpc: ext_port: 31305 readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 liveness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 2048Mi cpu: 500m limits: memory: 3072Mi cpu: 600m admin_service: replica_count: 1 image: ipm-admin-ubi8 imagetag: 12.0.6 memflag: -Xmx1024m -Xms256m evmemflag: -Xmx128m -Xms48m quememflag: -Xmx128m -Xms48m admmemflag: -Xmx128m -Xms48m readiness_probe: initial_delay_seconds: 90 timeout_seconds: 900 period_seconds: 10 liveness_probe: initial_delay_seconds: 120 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 2048Mi cpu: 1000m limits: memory: 3072Mi cpu: 1400m wfl_service: replica_count: 1 image: ipm-wfl-ubi8 imagetag: 12.0.6 memflag: -Xmx1024m -Xms48m readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 liveness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 1536Mi cpu: 600m limits: memory: 2048Mi cpu: 800m sch_service: replica_count: 1 image: ipm-sch-ubi8 imagetag: 12.0.6 memflag: -Xmx1024m -Xms48m readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 liveness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 1536Mi cpu: 600m limits: memory: 2048Mi cpu: 800m gds_service: replica_count: 1 image: ipm-gds-ubi8 imagetag: 12.0.6 memflag: -Xmx1024m -Xms48m gds_app_type: Supply gds_datapool_gln: 8380160030003 gds_self_gln: 0864471000477 company_name: <Company where GDS module loaded> readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 liveness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 1536Mi cpu: 600m limits: memory: 2048Mi cpu: 800m ftsind_service: replica_count: 1 image: ipm-fts-indexer-ubi8 imagetag: 12.0.6 memflag: -Xmx1024m -Xms256m readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 10 liveness_probe: initial_delay_seconds: 60 timeout_seconds: 5000 period_seconds: 60 resources: requests: memory: 1536Mi cpu: 500m limits: memory: 2048Mi cpu: 600m ftspim_service: replica_count: 1 image: ipm-fts-pim-ubi8 imagetag: 12.0.6 memflag: -Xmx1024m -Xms256m readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 10 liveness_probe: initial_delay_seconds: 60 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 1536Mi cpu: 500m limits: memory: 2048Mi cpu: 600m personaui_service: replica_count: 1 image: ipm-personaui-ubi8 imagetag: 12.0.6 maxmem: 1280 readiness_probe: initial_delay_seconds: 30 timeout_seconds: 900 period_seconds: 60 liveness_probe: initial_delay_seconds: 30 period_seconds: 60 timeout_seconds: 900 resources: requests: memory: 1536Mi cpu: 1000m limits: memory: 2048Mi cpu: 1400m restapi_service: replica_count: 1 image: ipm-restapi-ubi8 imagetag: 12.0.6 maxmem: 1536 readiness_probe: initial_delay_seconds: 90 timeout_seconds: 900 period_seconds: 10 liveness_probe: initial_delay_seconds: 120 period_seconds: 60 timeout_seconds: 900 resources: requests: memory: 1536Mi cpu: 1000m limits: memory: 2048Mi cpu: 1400m hazelcast_service: replica_count: 1 image: ipm-hazelcast imagetag: 4.2.4 readiness_probe: initial_delay_seconds: 10 timeout_seconds: 900 period_seconds: 5 liveness_probe: initial_delay_seconds: 15 period_seconds: 10 timeout_seconds: 900 resources: requests: memory: 1002Mi cpu: 498m limits: memory: 1254Mi cpu: 612m elasticsearch_service: replica_count: 1 image: ipm-elasticsearch imagetag: 7.16.2 privileged: true readiness_probe: initial_delay_seconds: 60 timeout_seconds: 900 period_seconds: 10 liveness_probe: initial_delay_seconds: 120 timeout_seconds: 900 period_seconds: 60 resources: requests: memory: 2006Mi cpu: 498m limits: memory: 2506Mi cpu: 612m ibm_mq_service: replica_count: 1 image: ipm-mq imagetag: 9.2.0.0-r2 mq_qmgr_name: QM1 mq_channel_name: DEV.APP.SVRCONN queue_connection_factory: ptpQcf inbound_queue_name: DEV.QUEUE.1 outbound_queue_name: DEV.QUEUE.2 readiness_probe: initial_delay_seconds: 30 timeout_seconds: 5000 period_seconds: 10 port: http liveness_probe: initial_delay_seconds: 30 timeout_seconds: 5000 period_seconds: 10 port: http service: productmaster-mq-service port: 1414 resources: requests: memory: 240Mi cpu: 80m limits: memory: 300Mi cpu: 100m mongodb_service: replica_count: 1 image: ipm-mongodb imagetag: 4.0.22 privileged: true memflag: -Xmx2048m -Xms500m readiness_probe: initial_delay_seconds: 90 timeout_seconds: 5000 period_seconds: 10 liveness_probe: initial_delay_seconds: 120 timeout_seconds: 5000 period_seconds: 110 resources: requests: memory: 3216Mi cpu: 488m limits: memory: 3500Mi cpu: 600m
- Update the parameters in the ipm_12.0.x_cr.yamlfile before deployment as per the requirement. For more information, see ipm_12.0.x_cr.yaml file parameters.