Setting up the installation variables
A script is used as part of the installation process for Container Backup Support. Set up the environment and installation variables that are used by the installation script.
- baas-options.sh
- Contains the variables that are used to configure the prerequisites for Container Backup Support. This file is used to replace the sample baas-options.sh file that is provided in the installation package.
- baas-values.yaml
- Contains the values that are used to install Container Backup Support or to update an existing configuration. This file is used to replace the sample baas-values.yaml file that is provided in the installation package.
Information is provided on how to set up the installation variables for installing Container Backup Support in an airgap environment or from the IBM® Helm Charts Repository that is linked to IBM Entitled Registry.
To set up the variables in the baas-options.sh file, see Setting up installation variables in the baas-options.sh file.
To set up the configuration parameters in the baas-values.yaml file, see Setting up installation variables in the baas-values.yaml file.
Setting up installation variables in the baas-options.sh file
Set up the variables in the baas-options.sh file to configure the prerequisites for Container Backup Support. Use this file to replace the sample baas-options.sh file that is provided in the installation package.
mkdir install_vars_dir
cd install_vars_dir
where install_vars_dir is the
name of the directory that you created.Obtain an entitlement key
- Log in to the IBM Container software library with the IBMid and password that is associated with the entitled software.
- Click Get entitlement key.
- In the Access your container software page, click Copy key to copy the generated entitlement key.
- Save the key to a secure location for later use.
Set up the variables in baas-options.sh
export DOCKER_REGISTRY_ADDRESS='your_docker_registry'
export DOCKER_REGISTRY_USERNAME='your_docker_username'
export DOCKER_REGISTRY_PASSWORD='your_docker_password'
export DOCKER_REGISTRY_NAMESPACE='your_docker_registry_namespace'
export SPP_ADMIN_USERNAME='your_protectplus_containers_admin_username'
export SPP_ADMIN_PASSWORD='your_protectplus_containers_admin_password'
export DATAMOVER_USERNAME='create_a_datamover_username'
export DATAMOVER_PASSWORD='create_a_datamover_password'
export MINIO_USERNAME='create_a_minio_username'
export MINIO_PASSWORD='create_a_minio_password'
export BAAS_VERSION='protectplus_version'
The following table contains the descriptions for the environment variables in the
baas-options.sh file. You must enclose the values with single quotation marks
(''
).
Environment variable | Description |
---|---|
DOCKER_REGISTRY_ADDRESS | The address of the Docker registry in your environment where container images are
loaded. If you are pulling images from the IBM Entitled Registry, you must specify 'cp.icr.io/cp'. The value for DOCKER_REGISTRY_ADDRESS must match the value for the imageRegistry parameter in the baas-values.yaml file. |
DOCKER_REGISTRY_USERNAME | The user account for the Docker registry where container images are loaded. If you are pulling images from the IBM Entitled Registry, you must specify 'cp'. |
DOCKER_REGISTRY_PASSWORD | The user password for the Docker registry where the container images are loaded. To pull images from the IBM Entitled Registry, specify the entitlement key that you obtained from the IBM Container software library. You can avoid putting the password in the file by specifying an environment variable for any of the passwords. For example, ${DOCKERUSER_PW} or ${IBMCLOUD_API_KEY}. |
DOCKER_REGISTRY_NAMESPACE | The namespace of the Docker registry where the container images are loaded. The namespace
does not have to be created ahead of time. To pull images from the IBM Entitled Registry, you must specify 'sppc'. The value for DOCKER_REGISTRY_NAMESPACE must match the value for the imageRegistryNamespace parameter in the baas-values.yaml file. |
SPP_ADMIN_USERNAME | The user ID of the IBM Spectrum® Protect
Plus containers
administrator. The containers administrator is an IBM Spectrum Protect Plus administrator with the Containers Admin role. |
SPP_ADMIN_PASSWORD | The IBM Spectrum Protect
Plus password for the containers
administrator. You can optionally specify an environment variable for the password. For example, ${PROTECTPLUS_ADMIN_PW}. |
DATAMOVER_USERNAME | The user ID to create for use with the data mover. The value does not have to exist already.
It is created for the installation. The data mover username must adhere to the rules for usernames and passwords for Red Hat® Enterprise Linux® (RHEL) 7 operating system. The rules are the same as the ones for creating a new user on RHEL 7. For example, the password and the username must not be the same. |
DATAMOVER_PASSWORD | The user password to create for use with the data mover. The value does not have to exist
already. It is created for the installation. The data mover password must adhere to the rules for
usernames and passwords for RHEL 7. The rules are the same as the ones for creating a new user on
RHEL 7. For example:
|
MINIO_USERNAME | The username to create for the MinIO user. MinIO object storage is used to store backups of cluster and namespace resources. The value does not have to exist already. It is created for the installation. |
MINIO_PASSWORD | The password to create for the MinIO user. The value does not have to exist already. It is created for the installation. |
BAAS_VERSION | The version of IBM Spectrum Protect Plus that you are installing, for example, 10.1.8 or 10.1.8.x, where x specifies an interim fix (iFix). |
Setting up installation variables in the baas-values.yaml file
Set up the variables that are used to install or update Container Backup Support in the baas-values.yaml file. Use this file to replace the sample baas-values.yaml file that is provided in the installation package.
mkdir install_vars_dir
cd install_vars_dir
where install_vars_dir is the
name of the directory that you created.Set up the variables in baas-values.yaml
license: false | true
isOCP: false | true
clusterName: create_a_cluster_name
networkPolicy:
clusterAPIServerips:
- kubernetes_host_ip1
- kubernetes_host_ip2
- kubernetes_host_ip3
clusterAPIServerport: your_cluster_api_port
clusterCIDR: x.x.x.x/y
isServerInstalledOnAnotherCluster: false
SPPfqdn: your_protectplus_server_DNS_address
SPPips: your_protectplus_server_ip
SPPport: your_protectplus_server_port
productLoglevel: INFO | WARNING | ERROR | DEBUG
imageRegistry: your_docker_registry
imageRegistryNamespace: your_docker_registry_namespace
minioStorageClass: name_of_storageclass_to_use_with_minio
veleroNamespace: spp-velero
Ensure that the spacing is maintained as specified in the YAML file. Tabs are not allowed.
The following table contains the descriptions and default values for the configuration parameters in the baas-values.yaml file:
Parameter | Description | Default value |
---|---|---|
license | The product license for Container Backup Support. The
English license file is located in the LICENSES/LICENSE-en directory, which is
included in the installation package. Versions of the license in English and other languages are
available in the "IBM Spectrum Protect
Plus Capacity - Version
10.1.8" license agreements at License Information documents. Set the value to true to indicate that you have reviewed and agree to the license agreement. |
false |
isOCP | The type of cluster on which you are installing Container Backup Support. If you are installing the product on an OpenShift cluster, set the value to true. If you are installing the product on a Kubernetes cluster, set the value to false. |
false |
clusterName | The unique cluster name that is used to register the application host to the IBM Spectrum Protect Plus server. The cluster name can be any name of your choice, but it must be unique from the IBM Spectrum Protect Plus server. | None |
clusterAPIServerips | The IP address for the cluster API server. To obtain the cluster API server address, issue
the following command: For Kubernetes:
For OpenShift:
Use all of the provided
addresses listed under the addresses field in the output, or add or remove IP
addresses as needed. Specify multiple addresses as follows:
|
x.x.x.x |
clusterAPIServerport | The port address for the cluster API server. To obtain the cluster API server port, issue the
following command: For Kubernetes:
For OpenShift:
Use the port number listed in the port field in the output. |
6443 |
clusterCIDR | The Classless Inter-Domain Routing (CIDR) value for the cluster. To obtain the CIDR, issue
the following command: For Kubernetes:
For OpenShift:
Use the displayed IP address as the cluster CIDR address. Tip for Kubernetes: If the
command does not return the CIDR value, change the grep expression to look for
the combination of "cluster" and "CIDR" and run the command again.
|
192.168.0.0/16 |
additionalAddresses | Enter a value for the dm.nfs.additionalAddresses field if the network
environment contains routers, proxies, gateways, or Network Address Translation (NAT) devices
between the cluster nodes and the IBM Spectrum Protect
Plus vSnap
server. This address is used for data transfer during backup and restore operations between the
cluster and vSnap server. Enter the public facing addresses for the device. The vSnap server uses an IP filter to regulate data transfer. You can specify more than one address, which can be in IP address or CIDR format. The addresses must be on the allowlist. Otherwise, the addresses are rejected. You can specify multiple addresses as follows:
|
x.x.x.x |
isServerInstalledOnAnotherCluster | For OpenShift environments, set the value to false regardless of
whether the IBM Spectrum Protect
Plus server is installed on the
same cluster as Container Backup Support or on a separate
cluster. If you are installing Container Backup Support on a Kubernetes cluster, or if the IBM Spectrum Protect Plus server is installed as a virtual appliance, set the value to false. |
false |
SPPfqdn | The DNS address for the IBM Spectrum Protect
Plus server.
You can specify an IP address or a fully qualified domain name (FQDN). If the IBM Spectrum Protect Plus server is installed as a virtual appliance and no DNS server is available, specify the IP address that is used for the SPPips parameter. If the IBM Spectrum Protect
Plus server is
installed in an OpenShift container environment,
retrieve the DNS address by issuing the following
command:
where
spp_server_namespace specifies the namespace in which the IBM Spectrum Protect
Plus server is installed. The DNS address to use is
listed in the HOST/PORT column in the command output. For
example:
|
None |
SPPips | The IBM Spectrum Protect
Plus server IP
address. If the IBM Spectrum Protect Plus server is installed as a virtual appliance, specify an IP address. If the IBM Spectrum Protect
Plus server is
installed in an OpenShift container environment, obtain
the IP address as follows:
|
x.x.x.x |
SPPport | The IBM Spectrum Protect Plus server port. You must set the port number to 443. | 443 |
productLoglevel | The trace levels for troubleshooting issues with the Container Backup Support transaction manager, controller, and scheduler components. The following trace levels are available: INFO, WARNING, DEBUG, and ERROR. | INFO |
imageRegistry | The address of the Docker registry in your environment where the container images are
loaded. If you are pulling images from the IBM Entitled Registry, you must specify cp.icr.io/cp. The value for the imageRegistry parameter must match the value for the DOCKER_REGISTRY_ADDRESS variable in the baas-options.sh file. |
docker-repo-hostname: 5000 |
imageRegistryNamespace | The namespace of the Docker registry where the container images are loaded. The namespace
does not have to be created ahead of time. To pull images from the IBM Entitled Registry, you must specify sppc. The value for the imageRegistryNamespace parameter must match the value for the DOCKER_REGISTRY_NAMESPACE variable in the baas-options.sh file. |
baas |
minioStorageClass | The name of the storage class to use for the MinIO server. The MinIO server is used to store
the backups of cluster and namespace resources. If you do not specify a value for this parameter, the default storage class of your cluster is used. Ensure that a default storage class is defined. Important: To safeguard resource snapshot backups in the case where the BaaS is
uninstalled or has been reinstalled, set the storage class with a Reclaim
Policy with the Retain value specified. Backups that have been
transferred to the vSnap server are not affected. Certain upgrade scenarios may also lead to losing
the minIO PVC content if the Reclaim Policy is not set to
Retain.
|
None |
veleroNamespace | Specify the namespace of the Velero installation that is dedicated to IBM Spectrum Protect
Plus
Container Backup Support, for example,
spp-velero .If you do not specify a value for this parameter, Velero integration is unavailable and you can use Container Backup Support to protect only PVCs. |
None |
Examples of baas-options.sh files
The following table shows examples of the baas-options.sh file for installations in different environments.
Kubernetes installation with a Docker registry in an airgap environment | OpenShift installation with the IBM Entitled Registry |
---|---|
|
|
Examples of baas-values.yaml files
The following table shows examples of the baas-values.yaml file for installations in different environments.
Kubernetes installation with a Docker registry in an airgap environment | OpenShift installation with the IBM Entitled Registry |
---|---|
|
|