Installing IBM Multicloud Manager on an IBM Cloud Private cluster

After you have your IBM Cloud Private clusters, you can install IBM Multicloud Manager to manage those clusters.

• Prerequisites
• Loading the PPA archive
• Installing the IBM Multicloud Manager controller and the IBM Multicloud Manager console
• Installing and configuring the IBM Multicloud Manager CLI

Prerequisites

• You must have access to an IBM Cloud Private environment. For more details about IBM Cloud Private and setting up your environment, see the Overview.

• You must install Docker. To install Docker, see Install Docker .

• You need to install the Kubernetes command-line tool. To install kubectl, see Installing the Kubernetes CLI (kubectl)l.

• You must install Helm. For more information, see Installing the Helm CLI (helm) for IBM Cloud Private to install Helm.

• You must install the IBM Cloud Private CLI, cloudctl. For more information, see Installing the IBM Cloud Private CLI to install the CLI.

  You can download the installation file for CLI tools from the IBM Cloud Private management console.

  Note: You need the IBM Cloud Private monitoring service enabled when you install IBM Multicloud Manager and IBM Multicloud Manager Klusterlet on IBM Cloud Private.

Loading the IBM Multicloud Manager PPA archive

1. Run the following command to log in to the IBM Cloud Private Docker image registry:

   docker login <cluster_CA_domain>:8500
   

   To configure authentication to access the private image registry from outside of your IBM Cloud Private cluster, see Configuring authentication for the Docker CLI. To configure on your machine, complete the additional steps that are required to setup the authentication.

2. Log in to the IBM Cloud Private CLI, or cloudctl, to configure helm and kubectl. Run the following command:

   cloudctl login -a https://<icp-cluster-ip>:8443 --skip-ssl-validation
   

3. Load the Passport Advantage (PPA) archives.

   Run the following command to unpack the archive:

   tar zxvf mcm-3.1.1.tgz
   

   Then, run the following command to load the PPA archive:

   • For Linux® x86_64, run the following command with the archive file name:

     cloudctl catalog load-ppa-archive -a mcm-3.1.1-x86.tgz --registry <cluster_CA_domain>:8500/kube-system
     

   • For Linux® on Power® (ppc64le), run the following command with the archive file name:

     cloudctl catalog load-ppa-archive -a mcm-3.1.1-ppc64le.tgz --registry <cluster_CA_domain>:8500/kube-system
     

4. From the IBM Cloud Private management console, validate that the following Docker images were loaded to Container Images:

   • kube-system/catalog-ui
   • kube-system/etcd
   • kube-system/icp-router
   • kube-system/mcm-api
   • kube-system/mcm-application
   • kube-system/mcm-compliance
   • kube-system/mcm-controller
   • kube-system/mcm-mongodb
   • kube-system/mcm-openssl
   • kube-system/mcm-ui
   • kube-system/mcm-ui-api
   • kube-system/mcmctl
   • kube-system/platform-header
   • kube-system/platform-ui
   • kube-system/prometheus

5. From the IBM Cloud Private management console, validate that the following Helm charts were loaded to Catalog:

   • ibm-mcm-prod

You can now install IBM Multicloud Manager controller and console on one IBM Cloud Private cluster. This cluster becomes the IBM Multicloud Manager hub-cluster.

After you set up your hub-cluster, you can install the IBM Multicloud Manager Klusterlet on each IBM Cloud Private cluster that you want to manage with IBM Multicloud Manager. Your managed clusters are referred to as managed-clusters.

Installing the IBM Multicloud Manager controller and the IBM Multicloud Manager console

You can install the IBM Multicloud Manager controller and IBM Multicloud Manager console on your hub-cluster.

1. Log in to the IBM Cloud Private management console.

2. Click Catalog.

3. Select the ibm-mcm-prod Helm Chart.

4. Click Configure.

5. Configure the following required parameters:

   • Helm release name: <helm_release_name> is the name of the Helm release and can be any name.
   • Target namespace: choose kube-system, the chart that is required to be installed in the kube-system namespace.
   • IBM Multicloud Manager Namespace:<mcm_namespace> the dedicated namespace use for assigning resources (such as compliance policy) to the IBM Multicloud Manager controller.

6. Enable and configure persistent storage for ETCD.

   • To enable persistent storage for ETCD, create a StorageClass or a PersistentVolume before you install the ibm-mcm-prod Helm chart.

   • To create StorageClass on IBM Cloud Private, see Creating a storage class.

   • To create PersistentVolume on IBM Cloud Private, see Creating a PersistentVolume.

   • From All parameters, configure the following parameters in IBM Multicloud Manager ETCD configuration.

   • Enable Persistence: Check the box to enable persistent storage.

   • Storageclass Name: Specify <storageclass_name>. To use PersistentVolume, leave the value blank.
   • Storage Capacity: <storage_capacity> is the capacity of the storage volume. Default capacity is 1G.
   • Access Modes: <access_mode> is the access mode of the storage volume. Default access mode is ReadWriteMany.

7. Read and agree to the License agreement.

8. Click Install to deploy ibm-mcm-prod Helm chart.

9. Run the following command to log in to your hub-cluster:

   cloudctl login -a https://<hub_cluster_host_name>:8443 --skip-ssl-validation
   

10. Run the following command to create the IBM Multicloud Manager namespace, where mcm-namespace is the dedicated namespace that you created:

    kubectl create namespace <mcm_namespace>
    

11. If you are running IBM Cloud Private 3.1.0, enable the IBM Multicloud Manager link in the IBM Cloud Private navigation bar, and the remote Helm install feature for IBM Cloud Private management console on your hub-cluster by running the following commands:

    export cluster_CA_domain=<cluster_CA_domain>
    
    kubectl patch daemonset -n kube-system platform-ui -p '{"spec": {"template": {"spec": {"containers": [{"name": "platform-ui", "image": "'${cluster_CA_domain}':8500/kube-system/platform-ui:3.1.0-mcm"}]}}}}'
    
    kubectl patch daemonset -n kube-system catalog-ui -p '{"spec": {"template": {"spec": {"containers": [{"name": "catalog-ui", "image": "'${cluster_CA_domain}':8500/kube-system/catalog-ui:3.1.0-mcm"}]}}}}'
    

Installing and Configuring the IBM Multicloud Manager CLI (mcmctl).

1. For the IBM Multicloud Manager CLI, you can obtain the mcmctl executable binary file for the following operating systems:

   • For Linux® 64-bit, run the following command:

     docker run -e LICENSE=accept -v $(pwd):/data <cluster_CA_domain>:8500/kube-system/mcmctl:3.1.1 cp mcmctl-linux-amd64 /data/mcmctl
     

   • For Linux® on Power® (ppc64le), run the following command:

     docker run -e LICENSE=accept -v $(pwd):/data <cluster_CA_domain>:8500/kube-system/mcmctl:3.1.1 cp mcmctl-linux-ppc64le /data/mcmctl
     

   • For Mac OSX, run the following command:

     docker run -e LICENSE=accept -v $(pwd):/data <cluster_CA_domain>:8500/kube-system/mcmctl:3.1.1 cp mcmctl-darwin-amd64 /data/mcmctl
     

   • For Windows 32 bit, run the following command:

     docker run -e LICENSE=accept -v $(pwd):/data <cluster_CA_domain>:8500/kube-system/mcmctl:3.1.1 cp mcmctl-win-386.exe /data/mcmctl
     

   • For Windows 64, run the following command:

     docker run -e LICENSE=accept -v $(pwd):/data <cluster_CA_domain>:8500/kube-system/mcmctl:3.1.1 cp mcmctl-win-amd64.exe
     

2. Configure the IBM Multicloud Manager CLI mcmctl. Run the following command to switch kubectl and helm config to hub-cluster with cloudctl login. The CLI uses the cluster configuration from kubectl.

   cloudctl login -a https://<hub_cluster_host_name>:8443 --skip-ssl-validation