Deploying ICD Services and Deployment to Kubernetes Cluster

This topic describes how to deploy container images in the Kubernetes cluster.

1. Make sure you have access to the Product liberty docker images and Docker private repository.
2. Run the following command on the Kubernetes cluster Master Node:
   • Create the ICD namespace for the application, create a directory Namespace, and create a yaml file icd-namespace inside the directory.
   • Namespace for all Kubernetes components is defined using Namespace Type. Below is the code for reference:

     apiVersion: v1
     kind: Namespace
     metadata:
       name: icd
     

   • Run the below command to create the namespace.

     kubectl apply -f Namespace/icd-namespace.yaml

3. To create config map in the ICD namespace.
   • Config maps are customizable, you can add or update any data.
   • Create a directory Config and create config maps as mentioned below inside the directory.
   • ICD Config map data:
     • DB_PORT: "50005"
   • run command to create namespace.

     • kubectl apply -f Config/icd-map.yaml  

4. Create secrets in the ICD namespace.
   • Secrets are also customizable, you can use your own TLS certificate and key.
   • ICD-TLS-Secret: This is the default certificate for SSL service for your Ingress. If you want to change the TLS certificate and key, update the below field in the icd-tls-secret.yaml file:
     • tls.crt: //encoded certificate string
   • DB-Secret: This contains the master password for your database.
     • Update the master password the same as in your work station.
     • Update the below field inside the db-secret.yaml file.
       • password: //base64 encoded password
       • To get the encoded string for your password, run echo -n "your_password"|base64
   • Run the following command:
     • kubectl apply -f Secrets/db-secret.yaml
     • kubectl apply -f Secrets/icd-tls-secret.yaml
5. Create the services in the ICD namespace for the deployments. Services are required to access the Kubernetes pods and provide static access to the pods. Two types of services offered by Kubernetes are:
   • ClusterIP: This is used to expose your applications within the cluster. All applications are exposed to clusters and can be accessed from outside via ingress controller.
   • NodePort: This is used to expose your application to the outside world via the cluster-admin host. A single NodePort Service is there and is only for the database in case you need to access your database from outside directly.
   For IBM® Control Desk workloads, services must be created to access the different workload pods. For example icd-uiservice. Create a directory Services and create a yaml file ui-service.yaml for icd-ui service. Refer below code for icd-ui service:

   kind: Service
   apiVersion: v1
   metadata:
     labels:
       app: icd-ui
     name: icd-ui
     namespace: icd
   spec:
     type: ClusterIP
     ports:
     - name: "http-port"
       port: 9080
       targetPort: 9080
     - name: "https-port"
       port: 9443
       targetPort: 9443
     selector:
       app: icd-ui
   

   This service exposes all pods connected through the selector icd-ui on ports 9443 and 9080 using ClusterIP.
   1. Create the service by executing the command mentioned below:

      kubectl apply -f Services/ui-service.yaml

   2. Similarly, create the services for other workloads:
      • icd-cron
      • icd-report
      • icd-jms
      • icd-sp
      • icd-api
      • icd-mea
6. After services creation, deployments for all IBM Control Desk components need to be created. Deployments are used to create Kubernetes pods. Each pod can have one or more containers that run application code. Each pod will have only one container in the case of IBM Control Desk. Docker images created earlier will be used by the Kubernetes Deployment files to create pods. Let us create the icd-ui deployment in the ICD namespace. Below is the code snippet:

   kind: Deployment
   apiVersion: apps/v1
   metadata:
     labels:
       app: icd-ui
     name: icd-ui
     namespace: icd
   spec:
     replicas: 1
     selector:
       matchLabels:
         app: icd-ui
     template:
       metadata:
         labels:
           app: icd-ui
       spec:
         hostname: icd-ui
         containers:
         - env: 
           - name: DB_HOST
             value: <DB IP Address>
           - name: JMS_SERVER
             value: $(ICD_JMS_SERVICE_HOST)
           - name: JVM_ARGS
             value: -Dmxe.name=MAXIMO_UI
           image: icdlocalgsa.icdlab.com:5000/admin/icd/ui:7612
           name: ui
           resources:
            limits:
              memory: 5Gi
            requests:
              memory: 2Gi
   
           ports:
           - containerPort: 9443
           - containerPort: 9080
           envFrom:
             - configMapRef:
                 name: icd-map
         restartPolicy: Always
   

   The deployment icd-ui created in namespace icd is connected to icd-ui service which is specified by spec.selector.

   • Mandatory Fields:
     • image: <icdlocalgsa.icdlab.com:5000>/admin/icd/ui:<7612> //must be updated with your private repo icd-ui image path.
     • Env: DB_HOST environment variable would be admin workstation IP Address as our database is hosted on admin workstation.
   • Optional Fields:
     • replicas: 1 //can be updated
     • limits: memory: 5Gi // Max main memory allowed to use by the POD.
     • requests: memory: 2Gi // Initial request memory for the POD.
   • Additional configuration: Refer Logging in IBM Control Desk Containers and Scaling IBM Control Desk Workloads Pods to configure the logging and Scaling respectively for the IBM Control Desk worker pods.
   1. Do the deployment by executing the command mentioned below:

      kubectl apply -f ui-deployment.yaml

   2. Similarly, deployment for other workloads needs to be created with their respective images:
      • icd-cron
      • icd-report
      • icd-jms
      • icd-sp
      • icd-api
      • icd-mea