GitHubContribute in GitHub: Open doc issue|Edit online

License usage with deploying on Kubernetes

The IBM License Metric Tool (IBM License Metric Tool) is an application that is provided by IBM to audit licensed products to ensure that licensed software is being used appropriately.

Any deployment that is used in a production environment must be licensed. To assist customers, this guide demonstrates how licensing information can be collected for containerized deployments by using the Kubernetes infrastructure.

To ensure license compliance when using Kubernetes, customers are required to:

  1. Deploy the IBM License Metric Tool operator.
  2. Deploy with appropriate annotations.
  3. Verify that license metrics are being collected.

The following sections describe in detail what is required for each of these steps.

Deploy IBM License Metric Tool operator

The IBM License Metric Tool container can be deployed by using a Kubernetes Operator that is maintained by IBM. This operator is available at https://github.com/IBM/ibm-licensing-operator. The IBM License Metric Tool team provides a guide to deploy the operator by using the Kubernetes cli tool (https://github.com/IBM/ibm-licensing-operator/blob/master/docs/Content/Install_from_scratch.md).

Once the license service container is running, you can deploy containers and verify that license audit information is being recorded.

Deploy

The license service relies on fixed annotations being added to deployed pods in order to report on license usage. For IBM® Security Verify Directory Integrator the annotations that should be added to each deployment descriptor include:

Annotation Value Description
ProductName IBM Security Verify Directory Integrator Name of the application that is being licensed.
ProductID 088f70b8f00041618832ba2a850180ee The internal identifier of the application being licensed.
ProductMetric PROCESSOR_VALUE_UNIT or USER_VALUE_UNIT Metric used for license usage calculation.
ProductChargedContainers All Names of containers that will be charged.

These annotations should be added to the deployment metadata for each container. The following code snippet demonstrates how the required Kubernetes annotations can be added to a deployment.

Note: Details about the container template selection or configuration have been omitted for conciseness.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: ibm-svdi
  labels:
    app: ibm-svdi
  annotations:
    productID: "088f70b8f00041618832ba2a850180ee"
    productName: "IBM Security Verify Directory Integrator"
    productMetric: "PROCESSOR_VALUE_UNIT"
    productChargedContainers: "All"
spec:
  selector:
    matchLabels:
      app: ibm-svdi
  replicas: 1
  template:
    ...

Verify the license server metrics

The Rest API of the license service container should be queried in order to verify that the container is able to correctly collect the license audit data. Detailed information on the API can be found at https://github.com/IBM/ibm-licensing-operator/blob/master/docs/Content/Retrieving_data.md.