Installing IBM PEM Essentials on OpenShift Container Platform

IBM® Partner Engagement Manager (IBM PEM) Container edition can be installed on a Red Hat® OpenShift® Container Platform (OCP).

Important: Upgrades from previous releases are not supported. PEM Essentials 6.3.0.0 is designed for fresh deployments only. If you are currently running PEM 6.2.x or earlier, you must plan for a new deployment rather than an in-place upgrade.

This application release has been qualified and on an on-premise Red Hat® OpenShift® Container Platform (OCP) which is an enterprise-ready Kubernetes container platform with full-stack automated operations to manage hybrid cloud and multi-cloud deployments. OCP is an orchestrated environment that provides strict security policies, built-in logging, routes to expose services, and management of container images. To install the application, the OCP cluster administrator and project administrator can work together to prepare the cluster and install IBM® PEM Essentials Container edition.

Ensure that you review following requirements before you install IBM PEM Essentials using Container:
Follow these steps to install IBM PEM Essentials using Container:
  1. Set up a client workstation. To install IBM PEM Essentials on a container platform, you must have a client workstation that can connect to the container platform cluster. You can setup additional workstations in case multiple people need to work on the installation. The client workstation must be a Windows, Mac OS, or Linux® machine with the following software installed:
    1. OpenShift command-line interface (oc) at a version that is compatible with your cluster.
    2. Helm command-line interface version 3.2 or later versions. For more information, see Helm.
  2. Download Container artifacts. For more information, see Downloading Container artifacts. For an air-gap installation, see Mirroring Container images in an air-gapped environment.
  3. You can add a non-root user to the IBM PEM Container image. For more information, see IBM PEM applications running as non-root user inside Docker containers.
  4. Set up the OpenShift cluster. The product can be installed on the versions of Red Hat OpenShift Container Platform. For information on supported versions, see Container Requirements. For more information, see Installing OpenShift Container Platform.
  5. Create Persistent Volumes (PV). For more information, see Setting up Persistent Volume(s).
    Note: The installation process will automatically create Persistent Volume Claims (PVC).
  6. The application deployment can be configured with security context or pod security policies with least privilege, non root user and privilege escalation as false in Red Hat OpenShift.
  7. Install the database server and make sure it is accessible from inside the cluster. For more information, Creating database schema.
  8. Set up a supported IBM MQ server version and make sure it is accessible from inside the cluster. For more information, see IBM MQ installation overview.
  9. Create Secrets for passphrase.txt, Keystore.jks, db passwords, and keystore passwords. For more information, see Adding Secrets.
  10. Install License Service using the automatic script on any Kubernetes-orchestrated cloud to automatically install ibm-licensing-operator with a stand-alone IBM Containerized Software using Operator Lifecycle Manager (OLM). The script installs License Service, creates an instance and validates the steps. For more information, see License Service Automatic installation using OLM.
  11. Configure the Container. For more information, see Configuring the Container.
  12. Install PEM Essentials using Container. For more information, see Deploying IBM PEM Essentials on a Container.
  13. Validate the installation. For more information, see Validating Deployment.