Supported platforms and hardware requirements

Before you install License Service on the cluster, review the following installation requirements.

Supported platforms

License Service is supported on all Kubernetes-orchestrated clouds on Linux® x86_64, Linux on Power (ppc64le), Linux on IBM Z and LinuxONE on the following platforms:

  • Red Hat® OpenShift® Container Platform 4.10 and later
  • Kubernetes 1.19 and later

Required resources

By default, License Service is installed with the resource settings for large environments with up to 1000 pods and three IBM Cloud Paks®. License Service consists of two main components that require resources: the operator deployment and the application deployment. The following table shows the required resources for these components for the large environment:

Table 1. Component resources for the large environment
CPU Request (m) CPU Limit (m) Memory Request (Mi) Memory Limit (Mi)
200 500 256 1024

*where m stands for Millicores, and Mi for Mebibytes

If your environment is smaller than the default, you can change the limits and resources for the application deployment by editing the IBMLicensing instance. For more information, see Configuration.

The following table shows the available deployment profiles with the respective resource requirements for Linux x86_64.

Table 2. Deployment profiles with the respective resource requirements for Linux x86_64
Profile Environment CPU Limit (m) Memory Limit (Mi)
small 200 pods and 3 IBM Cloud Paks® 200 850
medium 500 pods and 3 IBM Cloud Paks® 300 850
large 1000 pods and 3 IBM Cloud Paks® 500 1024

Note: If additional software, solution or plugin is deployed in your cluster that might require extra memory or CPU resources, for example Dynatrace, check the documentation of this product and add additional resources to prevent memory saturation.

Minimal resource requirements

Linux® x86_64 clusters

Table 3. Small profile sizing of License Service for Linux® on Power® (ppc64le)
CPU Request (cores) CPU Limit (cores) Memory Request (GB) Memory Limit (GB)
0.1 0.2 0.5 0.9

Linux® on Power® (ppc64le) clusters

Table 4. Small profile sizing of License Service for Linux® on Power® (ppc64le) clusters
CPU Request (cores) CPU Limit (cores) Memory Request (GB) Memory Limit (GB)
0.1 0.3 0.3 0.6

Linux® on IBM® Z and LinuxONE clusters

Table 5. Small profile sizing of License Service for Linux® on IBM® Z and LinuxONE clusters
CPU Request (cores) CPU Limit (cores) Memory Request (GB) Memory Limit (GB)
0.1 0.2 0.3 0.4

Hyperthreading

License Service supports multiple threads per physical core also referred to as Simultaneous multithreading (SMT) or Hyper-Threading (HT).

For more information about how to enable hyperthreading in License Service, and examples, see Hyperthreading.

Cluster permissions

The IBM License Service operator requires certain cluster-level permissions to perform the main operations. These permissions are closely tracked and documented so that users can understand any implications that they might have on other workloads in the cluster.

Table 6. List of permissions for the IBM License Service operator to perform main operations
API group Resources Verbs Description
" " pods
namespaces
nodes
Get
List
The cluster permissions for the ibm-license-service service account are read-only access permissions that are required to properly discover the running IBM applications to report license usage of the Virtual Processor Core (VPC) and Processor Value Unit (PVU) metrics.
apps deployments Get
List
Read-only access permissions are required to properly discover the status of the deployments, and avoid miscalculations of license usage while upgrading the applications.
operator.openshift.io servicecas List These permissions are required to generate the TLS certificate for License Service.
operator.ibm.com ibmlicensings
ibmlicenseservicereporters
ibmlicensings/status
ibmlicenseservicereporters/status
ibmlicensings/finalizers
ibmlicenseservicereporters/finalizers
Create
Delete
Get
List
Patch
Update
Watch
The cluster permissions for the ibm-licensing-operator service account are required to properly manage the status of the IBM License Service operator.

Pod security policy for VMware Tanzu Kubernetes Grid

Before you deploy License Service on VMware Tanzu Kubernetes Grid, you need the ClusterRoleBinding to run a privileged set of workloads.

To check whether you have the proper policy in place, run the following command:

kubectl get clusterrolebinding default-tkg-admin-privileged-binding

If you do not have the proper policy in place, you can apply it, for example, by running the following command:

kubectl create clusterrolebinding default-tkg-admin-privileged-binding --clusterrole=psp:vmware-system-privileged --group=system:authenticated

For more information, see Using Pod Security Policies with Tanzu Kubernetes Clusters and Example Role Bindings for Pod Security Policy in VMware documentation.