Enabling and disabling IBM Cloud Private management services

After you install IBM® Cloud Private, you can disable the custom-metrics-adapter, image-security-enforcement, service-catalog, metering, and monitoring services if they are not needed. These services were enabled by default during installation. The istio, vulnerability-advisor, storage-glusterfs, and storage-minio services are disabled by default.

Required user type or access level: Cluster administrator or team administrator.

If you are disabling a service, you must configure the helm command line interface (CLI) as an Admin user. For more information about configuring the Helm CLI, see Setting up the Helm CLI.

1. If you are upgrading to version 3.1, or later, you must reformat the management services section in the config.yaml file before you upgrade. The section of the file before the upgrade reads similar to the following example:

      disabled_management_services:["istio","vulnerability-advisor","custom-metrics-adapter"]
   

   The section of the file after the changes for the upgrade reads similar to the following example:

      management-services:
        istio: disabled
        vulnerability-advisor: disabled
        custom-metrics-adapter: disabled
   

   Note: If you enabled vulnerability-advisor on the previous version, ensure that the vulnerability-advisor entry is enabled in the management-services section of the config.yaml file after the upgrade. The enabled entry reads: vulnerability-advisor: enabled. The setting is disabled by default in the upgraded version, and the setting is not automatically retained during the upgrade.

2. To specify a service to disable, add the service to the management_services parameter list in the config.yaml file. You can also change the setting for listed service to disabled.

3. To specify a service to enable, remove the service from the management_services parameter list in the config.yaml file. You can also indicate that it is enabled by changing the disabled setting to enabled.

   Note: If you are enabling the vulnerability-advisor, deploy the new vulnerability advisor (VA) nodes. Ensure that the logging parameter is set to enabled in the parameter list. For more information about deploying the new VA nodes, see Adding an IBM Cloud Private cluster node.

4. Run the add-on command to enable or disable the service. Substitute ARCH for amd64 or ppc64le according to your CPU architecture:

    docker run --rm -t -e LICENSE=accept --net=host -v $(pwd):/installer/cluster ibmcom/icp-inception-ARCH:3.1.0-ee addon