Installing IBM Sterling Secure Proxy using Helm chart
After completing all Pre-installation tasks, you can deploy the IBM Certified Container Software for Sterling Secure Proxy by invoking following command:
Configuration Manager:
helm install <my-release> --set license=true,image.repository=<repo name>,\
image.tag=<image tag>,image.imageSecrets=<image pull secret>,\
secret.secretName=<CM secret name>,\
service.externalIP=<Service IP> ibm-ssp-cm-1.2.x.tgz
Engine:
helm install <my-release> --set license=true,image.repository=<repo name>,\
image.tag=<image tag>,image.imageSecrets=<image pull secret>,\
secret.secretName=<Engine secret name>,\
service.externalIP=<Service IP> ibm-ssp-engine-1.2.x.tgz
Perimeter Server:
helm install <my-release> --set license=true,image.repository=<repo name>,\
image.tag=<image tag>,image.imageSecrets=<image pull secret>,\
service.externalIP=<Service IP> ibm-ssp-ps-1.2.x.tgz
Note: If you have used custom certificate(customCertEnabled: true) then execute below command after
deployment for CM and Engine:
kubectl get configmap <SSP Config Map> -o yaml | \
sed -e 's|customCertEnabled=true|customCertEnabled=false|' | \
kubectl apply -f - To get Config Map invoke the kubectl get configmap
command.
Mandatory parameters required at the helm install command:
| Parameter | Description |
|---|---|
| image.repository | Image full name including repository |
| image.tag | Image tag |
| image.imageSecrets | Image pull secrets |
| service.loadBalancerIP or service.externalIP | LoadBalancer / External IP for service discovery |
| secret.secretName | Secret Name (Not required for Perimeter Server ) |